Privacy Policy

Last updated June 2026

This policy explains what data CrewTempo collects, why, and how it's protected. We've kept it in plain language; if anything here is unclear, get in touch.

What we collect

Account data you provide — your name, email, and password (stored only as a salted hash). Workspace data your team enters, such as schedules, time entries, and people records. Technical data needed to run the Service securely, including session details and the IP address and browser used to sign in.

How we use it

To provide the Service: authenticating you, scoping data to your organization, sending transactional email (verification, password resets, invitations, and notifications), and maintaining a security audit log of sensitive actions. We do not sell your data or use it for advertising.

How it's protected

Passwords are hashed with Argon2 and never stored in the clear. Sensitive secrets such as two-factor keys are encrypted at rest, and recovery codes are stored hashed. Every query is scoped to your organization, sessions are revocable, and two-factor authentication is available (and can be required) for added protection.

Data retention

Workspace data is retained while your account is active. Your plan determines how far back history stays viewable, but downgrading never deletes data. You can export your data or request deletion of your workspace at any time.

Third parties

We rely on a small number of service providers to operate — for example, to deliver email and to host the application and its database. These providers process data only as needed to provide their service.

Contact

Questions about your data or this policy? Reach us through the contact page.