Your privacy matters.

We only collect what GoTidy needs to run your team's workspace:

• Account info: name, email, password (hashed), profile photo, role (Admin, Manager, Staff).
• Organization info: company name, logo, branding, team structure, manager permissions.
• Work data: tasks, subtasks, schedules, clock-in / clock-out times, lunch breaks, time-off requests, reward points and activity history you create in the app.
• Payment info: billing contact and seat count. Card details are collected and stored by Stripe, never by GoTidy.
• Technical data: IP address, browser, device type and basic logs needed to keep the service running and secure.

• Provide the GoTidy service — tasks, schedules, payroll exports, rewards, notifications.
• Send transactional emails (sign-up, password reset, overdue task reminders, billing receipts).
• Process subscription payments through Stripe.
• Investigate bugs, prevent abuse, and protect accounts.
• Improve the product based on aggregate, non-identifying usage signals.

We do not sell your data. We do not use it to train AI models. We do not share it for advertising.

Your data lives in our managed Postgres database, hosted on enterprise cloud infrastructure with encryption at rest and in transit (TLS 1.2+).

• Every table is protected by row-level security so one organization's data can never be read by another.
• Passwords are hashed using industry-standard algorithms — we cannot see your password.
• Backups are encrypted and retained on a rolling basis.
• Access to production data is limited to a small number of engineers and audited.

GoTidy relies on a small number of trusted providers:

• Stripe — payment processing and subscription billing.
• Cloud database & auth provider — hosted Postgres, authentication and file storage.
• Email delivery provider — transactional emails only (no marketing lists).

Each provider is bound by its own privacy commitments and only receives the data needed for its role.

We use a small number of strictly necessary cookies to keep you signed in and to remember your theme preference. We do not run third-party advertising or cross-site tracking pixels.

You can, at any time:

• Access your data — export timesheets and activity to Excel or PDF from inside the app.
• Correct any inaccurate profile or work data.
• Delete your account and your organization's data by contacting support.
• Port your data to another service via standard CSV / Excel exports.

If you're in a region covered by GDPR, PIPEDA or CCPA, those laws give you these rights by default — we honour them for every user, regardless of location.

We keep your data for as long as your subscription is active. If you cancel, we retain your workspace for 30 days in case you change your mind, then permanently delete it. Backups age out within 90 days. Billing records may be retained longer where required by tax or accounting law.

GoTidy is a workplace tool intended for users 16 and older. We don't knowingly collect data from children under 16. If you believe a child has created an account, contact us and we'll remove it.

If we make material changes to this policy, we'll notify account admins by email and update the "Last updated" date at the top of this page. Continued use of GoTidy after a change means you accept the updated policy.

Questions about privacy or your data? Email info@gotidy.ca and we'll respond within 5 business days.