Privacy Policy

Last updated: April 6, 2026

1. Introduction

SupCMMS (“we”, “our”, or “us”) operates the SupCMMS maintenance management platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. Please read this policy carefully. By using SupCMMS you agree to the practices described here.

2. Information We Collect

We collect information in the following ways:

  • Account data: When you register, we collect your name, email address, and organization name.
  • Usage data: Work orders, assets, maintenance records, inventory, and other content you create inside the app.
  • Files and media: Photos, documents, and attachments you upload to work orders or assets.
  • Communication data: Messages you send via our contact form or support ticketing system.
  • Technical data: IP addresses, browser type, device identifiers, and usage logs collected automatically when you use the service.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the SupCMMS platform.
  • Send transactional emails (work order notifications, password resets, invitations).
  • Respond to support requests and contact form submissions.
  • Monitor platform health, security, and abuse prevention.
  • Comply with legal obligations.

4. Data Storage and Security

Your data is stored on Supabase-managed PostgreSQL databases hosted on AWS infrastructure. Files are stored in Supabase Storage (S3-compatible). Data is encrypted in transit (TLS) and at rest. We implement row-level security (RLS) policies to enforce tenant data isolation — no tenant can access another tenant's data.

Despite our safeguards, no transmission or storage system is 100% secure. If you believe your data has been compromised, contact us immediately at hello@supacmms.com.

5. Cookies

SupCMMS uses cookies and similar technologies for:

  • Authentication: Session tokens stored in cookies to keep you logged in.
  • Preferences: A NEXT_LOCALE cookie stores your language preference (1-year expiry).

We do not use third-party advertising cookies. You can disable cookies in your browser settings, but some features (such as staying logged in) will not function without them.

6. Third-Party Services

We share data with the following third-party providers solely to operate the service:

  • Supabase — database, authentication, and file storage.
  • Mailjet — transactional email delivery (work order notifications, invitations, password resets).
  • Vercel — hosting and edge infrastructure.
  • Paddle — payment processing and subscription billing (for paid plans).

Each provider has their own privacy policy governing their handling of your data. We do not sell your personal data to third parties.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the service. If you close your account, your data will be deleted within 30 days, except where retention is required by applicable law.

8. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or export your personal data. To exercise these rights, contact us at hello@supacmms.com. We will respond within 30 days.

9. Children's Privacy

SupCMMS is not intended for use by individuals under 16 years of age. We do not knowingly collect personal data from minors.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated “Last updated” date. Continued use of the service after changes constitutes acceptance.

11. Contact Us

Questions about this Privacy Policy? Contact us at hello@supacmms.com or via our contact form.