Privacy Policy

Last updated: May 2026

This Privacy Policy explains how Audin ("we," "us," or "our") collects, uses, stores, and protects information when you use our audit and compliance software platform (the "Service") at audinops.com.

We've tried to write this policy in clear language. If anything is unclear, contact us at hello@audinops.com.

1. Who We Are

Audin provides operational audit, compliance tracking, and workflow-management software for organizations and operations teams.

When customers use Audin:

Customers generally act as the data controller for operational, employee, audit, and workplace data submitted into the Service.
Audin generally acts as a data processor for customer-submitted data processed on behalf of the customer.
Audin acts as a data controller for account, billing, administrative, analytics, and business operations data.

2. Information We Collect

2.1 Information you provide directly

Account information: names, email addresses, organization names, passwords (stored as salted hashes), authentication credentials, and role assignments.
Operational data: audit responses, compliance records, schedules, notes, images, attachments, corrective actions, escalation data, and operational workflows created within the Service.
Profile information: organizational hierarchy assignments, locations, departments, permissions, and user preferences.
Communications: support inquiries, feedback, and communications sent to us.
Billing information: subscription and payment-related information processed through our payment providers.

2.2 Information collected automatically

Usage data: features used, pages visited, audit activity, login events, sync activity, and interaction patterns.
Device data: browser type, operating system, IP address, device identifiers, and approximate geographic region.
Cookies and similar technologies: authentication state, session tokens, security validation, and user preferences.
Log and diagnostic data: application logs, error reporting, crash diagnostics, and system performance metrics.

We do not sell personal information and do not use third-party advertising trackers for behavioral advertising purposes.

3. How We Use Information

We use collected information to:

Provide, maintain, secure, and improve the Service.
Authenticate users and manage permissions.
Operate audits, corrective-action workflows, notifications, escalations, and reporting.
Provide customer support and troubleshoot issues.
Monitor platform performance, reliability, and abuse prevention.
Process payments and manage subscriptions.
Comply with legal obligations and enforce our agreements.
Generate aggregated and de-identified analytics to improve platform performance and product development.

4. Data Ownership

Customers retain ownership of the operational and organizational data they submit to the Service.

Customers grant Audin a limited license to host, process, store, transmit, back up, analyze, and display submitted data solely for purposes of:

Operating and securing the Service
Providing customer-requested functionality
Maintaining backups and disaster recovery systems
Improving system performance and reliability
Complying with legal obligations

5. Customer Responsibilities

Customers are solely responsible for:

Ensuring they have lawful rights and permissions to upload, process, and manage data within the Service.
Providing legally required notices to employees, contractors, auditors, or other individuals whose information may be processed through the Service.
Complying with applicable workplace, labor, employment, privacy, surveillance, and regulatory laws.
Managing user access permissions, account administration, and retention settings.
Reviewing and validating operational decisions, audit findings, corrective actions, and compliance determinations.
Exporting any data they wish to retain before account cancellation or deletion deadlines.

6. Automated Systems & AI Features

Certain platform features may use automated systems, analytics models, or AI-assisted tooling to generate recommendations, summaries, prioritization suggestions, corrective-action guidance, operational insights, or workflow assistance.

These outputs are informational only and should not be relied upon as legal, regulatory, safety, HR, workplace, or professional advice.

Customers remain solely responsible for evaluating and approving operational decisions and compliance actions.

7. Subprocessors

We use trusted third-party service providers to help operate the Service under contractual confidentiality and data-processing obligations.

Provider	Purpose	Primary Region
Supabase	Database, authentication, storage	United States
Netlify	Hosting and serverless infrastructure	United States
Resend	Transactional email delivery	United States
Stripe	Payment processing	United States

Our subprocessors may change from time to time as our infrastructure and operational requirements evolve.

8. Data Storage & Retention

Infrastructure: Data is hosted using infrastructure providers located primarily in the United States.
Encryption: Data is encrypted in transit using TLS and encrypted at rest using industry-standard encryption methods.
Active accounts: We retain customer data while accounts remain active and as necessary to provide the Service.
After cancellation: We may retain customer data for a limited recovery period following cancellation before deletion from active systems.
Backups: Backup copies may persist temporarily after deletion requests before scheduled purge cycles complete.
Audit logging: Certain audit events, access records, amendments, or deletion logs may be retained for integrity, security, legal, or compliance purposes.

9. Your Rights

Depending on your jurisdiction, you may have rights including:

Access to personal data
Correction of inaccurate information
Deletion requests
Restriction or objection to processing
Data portability requests
Withdrawal of consent where consent is the legal basis for processing

Residents of certain jurisdictions, including the European Economic Area, United Kingdom, and California, may have additional statutory privacy rights under laws such as GDPR, UK GDPR, and CCPA/CPRA.

To exercise applicable rights, contact hello@audinops.com. We aim to respond within timelines required by applicable law.

10. International Transfers

If you access the Service outside the United States, your information may be transferred to and processed in the United States or other jurisdictions where our providers operate.

Where required, we rely on contractual safeguards such as Standard Contractual Clauses and applicable transfer mechanisms.

11. Cookies & Analytics

We use cookies and similar technologies for:

Essential functionality: authentication, session management, security validation, and account access.
Preferences: remembering user settings and interface preferences.
Analytics: understanding aggregate usage patterns and improving platform performance.

We do not use advertising cookies for third-party behavioral advertising.

12. Security

We implement commercially reasonable administrative, technical, and organizational safeguards designed to protect information processed through the Service.

Encryption in transit and at rest
Access controls and permission systems
Role-based authorization
Logging and monitoring systems
Infrastructure backup and recovery procedures
Need-to-know employee access limitations

However, no method of electronic transmission, storage, or security protection is completely secure, and we cannot guarantee absolute security.

If we determine that a security incident affecting customer data has occurred, we may notify affected customers in accordance with applicable legal obligations.

13. Important Disclaimers

Audin provides operational workflow, audit-management, reporting, and compliance-assistance software tools.

Audin does not provide:

Legal advice
Regulatory certification
Employment-law guidance
Safety certification services
Professional compliance consulting

Customers remain solely responsible for:

Operational decisions
Corrective actions
Regulatory compliance obligations
Employee-management practices
Workplace monitoring compliance
Internal audit interpretation and enforcement

We do not guarantee uninterrupted availability, error-free operation, regulatory compliance outcomes, audit accuracy, or prevention of operational incidents.

Certain features may be designated as beta, preview, experimental, or early-access functionality and may be modified, suspended, or discontinued at any time.

We are not responsible for delays, outages, failures, or data loss caused by events outside our reasonable control, including infrastructure failures, internet outages, cloud-provider disruptions, labor disputes, cyberattacks, natural disasters, or force majeure events.

14. Children's Privacy

The Service is not intended for children under 16 years of age, and we do not knowingly collect personal information from children.

If you believe a child has provided information to us, contact hello@audinops.com.

15. Changes to This Policy

We may update this Privacy Policy periodically.

When material changes are made, we may provide notice through the Service, by email, or through other reasonable methods before changes become effective.

16. Contact

For privacy, legal, or security-related questions:

hello@audinops.com

This Privacy Policy should be read together with the Audin Terms of Service and any applicable Data Processing Addendum (DPA).