Privacy Policy

ShieldInspect ("we," "our," or "us") respects your privacy. This Privacy Policy describes what information we collect when you use our website and service, how we use and protect it, and your choices and rights. By using ShieldInspect, you agree to the practices described here.

1. Information we collect

Account and profile information. When you sign up or use your account, we collect: name, email address, and (if you provide it) phone number and profile photo. We also store your role (e.g., Owner or Compliance Lead) and, for Owners, subscription and billing-related identifiers (e.g., Stripe customer ID) so we can provide the Service and manage your subscription.

Content and usage data. We store the data you create in the Service, including: location names and addresses; audit checklists, photos, timestamps, scores, and approval status; invite and assignment information (e.g., who invited whom, which locations a Compliance Lead is assigned to); and custom checklist or knowledge-question content you add. We may collect device and log information (e.g., IP address, browser type, pages visited) to operate and secure the Service and to troubleshoot issues.

Payment information. We do not store your full payment card details. Billing is processed by Stripe. When you subscribe or update payment methods, you provide payment information directly to Stripe in accordance with their privacy policy. We receive only non-sensitive billing identifiers and subscription status from Stripe so we can provide access and support.

2. How we use your information

We use the information we collect to: (a) provide, operate, and improve the Service (including displaying your profile, locations, audits, and audit logs to you and to other users with the appropriate access, such as Owners and their assigned Compliance Leads); (b) send you transactional and service-related communications by email (e.g., invite emails to Compliance Leads, password reset or account-related emails from our auth provider, and notifications when an inspection is ready for you to complete); (c) if you provide a phone number in your Account settings, send you SMS (text) notifications when an inspection is ready for you to complete—by adding a phone number you consent to receive these messages; message and data rates may apply; you may remove your phone number at any time in Account settings to stop SMS; (d) process payments and manage subscriptions; (e) enforce our Terms of Service and protect the security of the Service; and (f) comply with applicable law. We do not sell your personal information to third parties. We do not use your data for advertising or to build profiles for third-party marketing.

3. How we share your information

We share information only as follows: (a) Within your organization: Owners can see their locations, employees (Compliance Leads), and all audit data for their locations; Compliance Leads can see the locations they are assigned to and the audits they are asked to complete. (b) Service providers: We use third-party providers to host the Service, store data, process payments, and send emails (e.g., Supabase, Vercel, Stripe, Resend). These providers process data on our behalf under contracts that require them to protect your information and use it only to provide the services we request. (c) Legal and safety: We may disclose information if required by law, court order, or government request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others. (d) Business transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction; we will notify you of any change in ownership or use of your personal information.

4. Data storage and security

Your data is stored on infrastructure operated by our service providers (including Supabase and Vercel), which may store data in the United States or other regions. We use industry-standard measures to protect data in transit (e.g., HTTPS) and at rest (e.g., access controls, encryption where applicable). Access to personal data within our systems is limited to what is necessary to operate the Service and support you. Despite our efforts, no method of transmission or storage is 100% secure; we cannot guarantee absolute security.

5. Data retention

We retain your account and audit data for as long as your account is active or as needed to provide the Service and comply with our legal obligations. If you delete your account, we will delete or anonymize your personal data in accordance with our retention practices and applicable law. Some data may remain in backups for a limited period. Owners can delete Compliance Lead accounts from the Service; that initiates removal of those users' access and deletion of their account data as described in our systems.

6. Your rights and choices

You may access, update, or delete your account and profile information (name, email, phone, profile photo) from your Account settings. You may cancel your subscription and delete your account at any time; deletion will remove your access and we will delete or anonymize your personal data as described in Section 5. You may request a copy of the personal data we hold about you or request correction or deletion (subject to legal exceptions) by contacting us at the email below. If you are in the European Economic Area, United Kingdom, or another jurisdiction with specific privacy rights, you may have the right to: access, rectify, erase, restrict processing, object to processing, data portability, and to withdraw consent where processing is based on consent. You may also have the right to lodge a complaint with a supervisory authority. We will respond to such requests in accordance with applicable law.

7. Cookies and similar technologies

We use cookies and similar technologies (e.g., session storage) that are necessary to operate the Service: for example, to keep you signed in, to remember your preferences, and to secure the Service. We do not use third-party advertising or tracking cookies for marketing. You can control cookies through your browser settings; disabling necessary cookies may affect the functionality of the Service.

8. Children

The Service is not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If you learn that a child has provided us with personal information, please contact us and we will take steps to delete it.

9. International transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers operate. Those countries may have different data protection laws. By using the Service, you consent to such transfer. Where required, we rely on appropriate safeguards (e.g., standard contractual clauses or adequacy decisions) for transfers from the EEA, UK, or similar regions.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the "Last updated" date. For material changes, we may also notify you by email or through the Service. Your continued use of the Service after the effective date of the changes constitutes acceptance. If you do not agree, you should stop using the Service and contact us regarding your data.

11. Contact

For privacy-related questions, requests, or complaints, contact us at privacy@mockinspections.com or at mockinspections.contact@gmail.com. We will respond within a reasonable time.