Your privacy, respected.
TroopToTask is committed to protecting your personal information and the personnel data you entrust to us.
What we collect, and why.
We collect information you provide directly: account info (email, name), organization data, and personnel records you enter (names, ranks, unit assignments, contact information, training records, counseling notes, availability statuses). We also collect usage data automatically: IP addresses, browser type, pages visited, and timestamps for security and audit purposes.
Purpose-driven, nothing more.
We use your information to: provide and maintain the TroopToTask service; authenticate your identity and manage access; generate security-relevant audit logs; process billing and support requests; send service-related notifications; improve the service based on aggregate usage patterns. We do not use your data for advertising, profiling, or any purpose unrelated to delivering the service.
Protected at every layer.
All data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Data is stored on Supabase infrastructure hosted in the United States. We implement role-based access controls, security-relevant audit logging, and security headers aligned with NIST SP 800-171. See our Security page for comprehensive details.
Your data stays yours.
We do not sell or rent your personal information or personnel data. We may disclose information only when required by law, to enforce our terms, or to protect rights and safety. Our service providers process data solely to deliver the service under strict data processing agreements: Supabase for database, authentication, and file storage; Vercel for application hosting, analytics, and performance signals; and Stripe for payment processing, billing details, invoices, receipts, and tax-related billing information when provided.
Kept only as long as needed.
We retain your data for as long as your account is active. When you delete personnel records, counseling records, or other data, it is permanently removed from our database. If you delete your account, all associated data is deleted. Audit logs may be retained for compliance purposes for up to 1 year after account deletion.
You are in control.
You have the right to: access all data stored about you and your organization; export your data at any time via our export features; correct inaccurate information; delete your data and account; request information about how your data is processed. Organization owners can manage these rights for their organization's data through the application.
Essential only, no surveillance.
We use only essential cookies required for authentication and session management. We use Vercel Web Analytics and Vercel Speed Insights to collect aggregate site analytics and performance signals, including visited URLs, referrers, device and browser information, coarse geolocation, Web Vitals metrics, and timestamps. Vercel identifies visits with a request hash, discards session data after 24 hours, and does not require persistent analytics cookies. Learn more in Vercel's Privacy Notice. We do not use third-party advertising pixels, sell analytics data, participate in cross-site tracking or data broker networks, or use analytics to profile individual people.
Not designed for minors.
TroopToTask is designed for use by military personnel and unit leaders. We do not knowingly collect information from children under 13. If we become aware that we have collected such information, we will delete it immediately.
Transparent updates.
We may update this policy to reflect changes in our practices or legal requirements. We will notify users of material changes via the application. Continued use after changes constitutes acceptance.