RiteHQ LogoRiteHQ
Join Waitlist

Privacy Policy

Effective Date: September 24, 2025

Version: 1.0

1. Introduction & Scope

Welcome to Rite HQ (also "we", "us", "our", "the Service"). Rite HQ is operated by CW Frontier Innovations LLC (a Tennessee, U.S. limited liability company). This Privacy Policy describes how we collect, use, disclose, and protect the personal information of users ("you" or "your") of the Rite HQ web application (the "Service").

By accessing or using the Service, you agree to this Privacy Policy (as updated from time to time). If you disagree, please do not use the Service.

This Policy applies to all users, including individuals and representatives of organizations/teams using Rite HQ.

2. Definitions

  • Personal Information / Personal Data means information that identifies or can reasonably be used to identify an individual.
  • Organization / Tenant Data means data related to an organization account, including user accounts within the organization, roles, and related metadata.
  • Sub-processors / Service Providers are third parties we engage to help provide the Service (e.g. hosting, image storage, authentication).
  • User Content means any content, data, or materials you input into the Service (e.g. your organization's branding, names, email, other data as applicable).

3. What Information We Collect

We collect and process the following categories of personal and organizational data:

CategoryExamples / SpecificsCollected FromPurpose
Identity & Contact InfoName, email address, basic company / organization nameYou (at registration or profile setup)To create and maintain your account, communicate updates, support
Organization MetadataOrganization / tenant name, logo, branding colorsYou (upload / configure)To configure your experience, segregate data properly
Authentication / Account DataCredentials, session tokens (via Clerk)You / systemTo authenticate and manage your account
Cookies / Session CookiesFunctional cookies (via Clerk) for login, sessionsSystem / your browserTo maintain session, user authentication state

At present, we do not actively collect usage analytics, IP addresses, or other metadata (e.g. device data). However, you may later add those; if so, we will update this Policy accordingly.

4. How We Use Information & Legal Basis

We use your information to operate the Service, including:

  • Creating, maintaining, and securing your account
  • Segregating and isolating organizational data so there's no cross-tenant contamination
  • Enabling invitations of teammates / collaborators under your organization
  • Customer support and troubleshooting
  • Sending you administrative or policy notices (e.g. changes to terms / privacy)

Legal Basis (U.S. / general):

Because the U.S. does not have a comprehensive federal privacy law, we rely primarily on your implicit or express consent (by using the Service) and contractual necessity (to perform the service you expect). If you later serve users in regions with stricter regimes (e.g. GDPR in Europe), you may need to adopt additional legal bases (e.g. legitimate interest, consent) and disclosures.

5. Cookies, Tracking & Similar Technologies

We use functional cookies / session cookies (via Clerk) that are strictly necessary to support authentication, sessions, and security. They are not used for advertising or behavioral tracking.

If we introduce analytics or marketing tracking in the future (e.g. Google Analytics, Mixpanel), we will update this section and provide opt-out or consent mechanisms.

6. Disclosure & Sharing of Data

We do not sell or rent your personal or organization data. We only share data in the following limited circumstances:

  • Service Providers / Sub-processors: We engage third parties to assist us in providing the Service (e.g. Clerk for authentication, Neon for database/storage, Cloudinary for image storage & CDN, Vercel for hosting). These providers have access only to data necessary to perform their services and are contractually obligated to protect your data.
  • Legal / Compliance: We may disclose data to comply with legal obligations, enforceable subpoenas or court orders, or to protect rights, safety, or property (ours or others).
  • Business Transfers: In the event of a merger, acquisition, sale, or reorganization, your data may be transferred (with notice to users) as part of that transaction, subject to confidentiality.

If you are in a jurisdiction with data transfer restrictions (e.g. EU), we will need to implement transfer safeguards (standard contractual clauses, etc.) if cross-border transfers occur.

7. Data Retention & Deletion

We retain your personal and organizational data for as long as your account / organization exists, unless you request deletion. If you wish to delete your data:

  • You may delete your organization via Clerk (which removes the organization account).
  • To delete all of your personal data, you must contact support at info@cwfrontierinnovations.com

Upon deletion request, we will permanently delete or anonymize your personal data within a reasonable timeframe, unless there is a legal obligation we must retain certain data (for fraud prevention, compliance, etc.).

8. Security Measures

We take security seriously. We employ technical and organizational safeguards including:

  • Encryption in transit (TLS)
  • Encryption at rest for sensitive storage (when applicable)
  • Role-based access control and least privilege
  • Vendor / sub-processor contracts requiring data protection
  • Regular security audits, vulnerability scanning, and penetration testing
  • Monitoring, logging, and incident response procedures

9. User Rights & Controls

Depending on your jurisdiction, you may have rights over your personal data. These may include:

  • Access / Correction: Request a copy of your data or request correction
  • Deletion / Erasure: Request that we delete your data
  • Objection / Restriction: To certain processing (if applicable)
  • Data Portability: Request a machine-readable export of your data

To exercise any of these rights, contact us via info@cwfrontierinnovations.com. We may request verification before fulfilling requests.

Because our user base is primarily business / organizational users, these rights will generally be exercised by the user account / organization owner. If additional regulatory rights apply (e.g. GDPR subject access requests), those will follow the legal timelines applicable in that jurisdiction.

10. Children's Privacy & Age Limits

Our Service is not intended for children under 13. We do not knowingly collect personal data of children under 13. If you believe we inadvertently collected data of a child under 13, please contact us and we will delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time (for example, if we introduce analytics, AI/ML features, or modify data practices). We will notify users of material changes via in-app notifications or email to organization owners. The "Effective Date" at the top will reflect the current version.

12. Contact & Enforcement

If you have questions, concerns, or requests regarding your privacy or this Policy, contact:

Support / Privacy Contact: info@cwfrontierinnovations.com

Company / Controller: CW Frontier Innovations LLC

If you are in a jurisdiction with a supervisory authority (e.g. EU), you may have the right to lodge a complaint with that authority.