Privacy Policy

1. Who we are

This Privacy Policy explains how myPitLab collects, uses, stores, and protects personal data when you use our platform.

2. What data we process

Depending on your usage, we may process:

• Account identity data (name, email, role, organization membership).
• Operational project data (inspections, reports, photos, workspace records).
• Security and audit data (authentication, access, system events).

3. Why we process data

We process data to provide and secure the service, manage accounts, support inspection workflows, respond to incidents, and comply with legal obligations.

4. Retention periods

• Security audit logs are retained for up to 365 days.
• Application error logs are retained for up to 90 days.
• Expired organization invitations are removed 30 days after expiry.

5. Processors and hosting

We use vetted subprocessors for infrastructure, database, email, billing, and optional AI-enabled functionality. Access is restricted on a least-privilege basis and reviewed under our internal security process.

6. International transfers and security

Where data is processed across regions, we apply appropriate safeguards. We use technical and organizational controls including access control, monitoring, and incident response procedures.

7. Your rights

You can request access, correction, export, or deletion of personal data where legally applicable. Contact support@mypitlab.com.

8. Policy updates

We may update this Privacy Policy from time to time. Material updates will be reflected on this page with a revised “Last updated” date.