Legal
Last updated: 13 June 2026 · A product of Nanobird Technologies Pvt. Ltd., India
This is a general template provided for transparency. Please have it reviewed by a qualified privacy professional for your jurisdiction (e.g. GDPR / India DPDP Act) before relying on it.
CreativeOps Tracker is a product of Nanobird Technologies Pvt. Ltd. ("we", "our", "us"), the data controller for the personal data described here. This policy explains how we collect, use, and protect your personal data when you use CreativeOpsTracker.com. For data-protection queries, contact hello@creativeopstracker.com.
Account data you provide when registering (name, email address, profession); content you enter while using the platform (projects, meetings, timesheets, KPI entries, media logs, comments); and limited technical data (log/usage data, IP address, device/browser info) needed to run the service securely.
We do not intentionally collect or process sensitive personal information such as government identification numbers, biometric information, health records, personal banking credentials, or payment card details.
We use your data solely to operate the platform — to authenticate you, display your projects and team, generate reports, send service emails (e.g. deadline reminders, review notifications), and keep the service secure. We do not sell or rent your personal data, and we do not share it for third-party marketing.
Where the GDPR (EU/UK) or India’s Digital Personal Data Protection Act applies, we process personal data on these bases: performance of our contract with you (to provide the service); our legitimate interests (to secure and improve the service); your consent (where required, e.g. optional communications); and compliance with legal obligations. You may withdraw consent at any time where processing is based on it.
We implement industry-standard administrative, technical, and organisational safeguards including TLS encryption in transit, encrypted database storage, role-based access controls, authentication and authorisation controls, row-level security policies, backup and recovery procedures, and monitoring and audit logging. Data is stored using Supabase (PostgreSQL) infrastructure, with access to production systems restricted to authorised personnel. While no system can guarantee absolute security, we take reasonable measures to protect customer data.
In the event of a security incident or data breach that materially affects personal information, we will notify affected users and relevant authorities where required by applicable law.
We share data with a small set of vendors strictly to run the service: Supabase (database, authentication & file storage), Vercel (application hosting), Resend (transactional email), Cloudflare Turnstile (anti-spam on forms), and our payment processor / Merchant of Record (billing, only if you purchase a paid plan). Each is bound by its own data-protection commitments. A current list is available on request.
Our subprocessors may process data outside your country, including in the EU and the United States. Where required, such transfers rely on appropriate safeguards (e.g. Standard Contractual Clauses) provided by those vendors.
We use only essential cookies required for authentication, session management, security, and operation of the Service. We do not use advertising cookies and do not sell browsing data to third parties.
Subject to applicable law, you have the right to access, correct, export (portability), restrict, or delete your personal data, to object to certain processing, and to lodge a complaint with your data-protection authority. To exercise any right, contact hello@creativeopstracker.com; we respond within the timeframe required by law. Workspace data may also be controlled by your workspace administrator.
Workspace administrators may have access to information associated with users within their workspace and are responsible for managing permissions and access rights within their organisation.
We retain your data for as long as your account is active. If you delete your account, your personal data is permanently removed within 30 days, except where we must retain limited records to meet legal, tax, or accounting obligations.
The Service is intended for business use by adults and is not directed at children. We do not knowingly collect personal data from anyone under 16.
We may update this Privacy Policy from time to time. We will post the updated version with a new date and, for material changes, notify you by email or in-app.
For privacy-related queries or to exercise your rights, contact us at: hello@creativeopstracker.com