Legal Document

Privacy Policy

Your privacy matters to us. This policy explains how we handle your data.

Effective: January 1, 2026
Updated: January 26, 2026
v2.0

TL;DRQuick Summary

  • We collect only what's necessary to provide our facility management services
  • We never sell your personal data to third parties
  • You have full control over your data - access, export, or delete anytime
  • We use industry-standard encryption and security measures

Jump to section

We collect information to provide and improve our facility management services. The types of data we collect include:

Information You Provide

Data you directly give us when creating an account or using our services:

  • Account Information: Name, email address, phone number, password
  • Profile Data: Username, profile photo, facility preferences
  • Payment Information: Billing address, payment method details (processed securely by our payment provider)
  • Communications: Messages, feedback, and support requests you send us

Information Collected Automatically

Data gathered when you interact with our platform:

  • Usage Data: Features used, pages visited, actions taken within the app
  • Device Information: Device type, operating system, browser type, unique device identifiers
  • Log Data: IP address, access times, app crashes, and system activity
  • Location Data: With your permission, precise or approximate location for facility features

Information from Third Parties

Data we may receive from other sources:

  • Facility Operators: Membership status, booking history at their facilities
  • Social Login Providers: Basic profile information if you sign in with Google or Apple
  • Analytics Partners: Aggregated usage patterns and demographics

We use collected information for the following purposes:

  • Provide Services: Process bookings, manage waitlists, deliver notifications
  • Improve Our Platform: Analyze usage patterns, fix bugs, develop new features
  • Communicate With You: Send booking confirmations, security alerts, and (with consent) promotional messages
  • Ensure Safety: Detect fraud, enforce our terms, and protect users and facilities
  • Legal Compliance: Meet legal obligations, respond to lawful requests

We process data based on: your consent, contractual necessity, legitimate interests, or legal obligations.

We do not sell your personal information. We may share data in these circumstances:

With Facility Operators

When you book or join a waitlist, we share necessary information with the facility:

  • Your name and contact information for booking management
  • Waitlist position and booking preferences
  • Check-in/check-out times and usage history at their facility

With Service Providers

Trusted third parties who help us operate our platform:

  • Cloud Hosting: Secure data storage and processing
  • Payment Processors: Handle transactions securely (we don't store card numbers)
  • Communication Services: Deliver SMS and email notifications
  • Analytics Providers: Understand usage patterns (anonymized where possible)

For Legal Reasons

We may disclose information when required by law or to:

  • Comply with legal process or government requests
  • Enforce our Terms of Service
  • Protect rights, property, or safety of Oh/Jo Tech, users, or the public

You have the following rights regarding your personal information:

  1. 1Access: Request a copy of the personal data we hold about you
  2. 2Correction: Update or correct inaccurate information in your account
  3. 3Deletion: Request deletion of your account and associated data
  4. 4Portability: Export your data in a machine-readable format
  5. 5Opt-Out: Unsubscribe from marketing communications at any time
  6. 6Restriction: Limit how we process your data in certain circumstances

To exercise these rights, contact us at privacy@ohjotech.com or use the privacy controls in your account settings.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request details about categories and specific pieces of personal information collected
  • Right to Delete: Request deletion of personal information (with some exceptions)
  • Right to Opt-Out: We do not sell personal information, so this right does not apply
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To submit a CCPA request, email privacy@ohjotech.com with "CCPA Request" in the subject line. We will verify your identity before processing.

If you are in the European Economic Area (EEA), UK, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process data based on consent, contract performance, or legitimate interests
  • Data Transfers: When transferring data outside the EEA, we use Standard Contractual Clauses or other approved mechanisms
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
  • Withdrawal of Consent: Where processing is based on consent, you may withdraw it at any time

We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy:

  • Active Accounts: Data retained while your account is active
  • Deleted Accounts: Most data deleted within 30 days; some retained up to 90 days for fraud prevention
  • Legal Requirements: Some data may be retained longer to comply with legal obligations
  • Aggregated Data: De-identified, aggregated data may be retained indefinitely for analytics

We implement robust security measures to protect your data:

  • Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Strict internal access controls and authentication requirements
  • Monitoring: Continuous monitoring for security threats and suspicious activity
  • Incident Response: Established procedures to respond to data breaches
  • Regular Audits: Periodic security assessments and penetration testing

While we implement strong security measures, no system is 100% secure. Please protect your account credentials and report suspicious activity immediately.

Oh/Jo Tech is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

If you believe we have inadvertently collected information from a child under 13, please contact us immediately at privacy@ohjotech.com and we will delete the information.

We may update this Privacy Policy periodically. When we make material changes:

  • We will notify you via email or in-app notification
  • The "Last Updated" date at the top will be revised
  • For significant changes, we may require acknowledgment before continued use
  • Previous versions will be archived and available upon request

2026 Oh/Jo Tech. All rights reserved.