Privacy Policy

Last updated: 21/01/2026

1. Introduction

CrystalOps ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our window cleaning management application.

2. Information We Collect

Personal Information

  • Account Information: Name, email address, phone number
  • Business Information: Business name, address, VAT number, payment terms
  • Customer Data: Names, addresses, phone numbers, billing information of your customers
  • Site Information: Property addresses and access notes for cleaning locations
  • Financial Data: Invoice details, payment records, pricing information

Technical Information

  • Usage Data: How you interact with our application
  • Device Information: Browser type, operating system, IP address
  • Cookies: Authentication tokens and session data

3. How We Use Your Information

We use your information to:

  • Provide and maintain our window cleaning management services
  • Process payments and billing through Stripe
  • Send service-related communications and invoices
  • Improve our application and user experience
  • Comply with legal obligations

4. Legal Basis for Processing (GDPR)

We process your data based on:

  • Contract Performance: To provide our services
  • Legitimate Interest: To improve our services and prevent fraud
  • Consent: For marketing communications (where applicable)
  • Legal Obligation: For tax and accounting requirements

5. Data Sharing and Disclosure

We may share your information with:

  • Supabase: Our database and authentication provider
  • Stripe: For payment processing
  • Email Service Providers: For sending invoices and notifications

We do not sell your personal information to third parties.

6. Data Security

We implement appropriate security measures including:

  • Encrypted data transmission (SSL/TLS)
  • Secure database storage with Supabase
  • Role-based access controls
  • Regular security updates

7. Your Rights (GDPR)

You have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a portable format
  • Restriction: Limit how we process your data
  • Objection: Object to processing based on legitimate interest

To exercise these rights, contact us at hello@crystalops.co.uk

8. Data Retention

We retain your data:

  • Account Data: Until account deletion
  • Financial Records: 6 years (UK tax requirements)
  • Customer Data: Until you delete it or close your account

9. International Transfers

Your data may be transferred to and processed in countries outside the UK/EU. We ensure appropriate safeguards are in place through our service providers' compliance with GDPR and standard contractual clauses.

10. Contact Us

For privacy-related questions, contact us at:

  • Email: hello@crystalops.co.uk
  • Address: [BUSINESS ADDRESS]

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through our application. The "Last updated" date at the top of this policy indicates when it was last revised.

← Back to CrystalOps