Privacy Policy

Last updated: April 27, 2026

1. Who we are

TeamFore ("we", "our", "us") is a workspace-based leave and availability management platform built for teams. This Privacy Policy explains how we collect, use, and protect your information when you use our service at teamfore.vercel.app.

2. Information we collect

We collect only the information necessary to provide the service:

  • Account information: your name and email address, provided directly or via Google OAuth sign-in.
  • Google OAuth data: when you sign in with Google, we receive your name, email address, and Google account ID. We do not receive your Google password or access to your Google account beyond authentication.
  • Usage data: leave requests, availability status, workload status, and other actions you take within the app.
  • Workspace data: team names, user roles, leave type configurations, and related settings created by your workspace admin.

3. How we use your information

  • To authenticate you and manage your session securely.
  • To provide leave management, team calendar, and availability features.
  • To send email notifications related to your leave requests and approvals (via Brevo).
  • To generate analytics and reports scoped to your workspace.
  • To maintain audit logs of key actions for governance and compliance within your workspace.

We do not sell your personal data. We do not use your data for advertising.

4. Data sharing

We share your data only with the following third-party services required to operate the platform:

  • Neon (PostgreSQL): our database provider. Your data is stored in their managed PostgreSQL service.
  • Brevo (Sendinblue): used to send transactional emails (leave notifications). We share only your email address and name for this purpose.
  • Google OAuth: used for authentication. We receive basic profile data (name, email) from Google only when you choose to sign in with Google.
  • PostHog: used for product analytics. We may share anonymized usage events. No personally identifiable information is sent to PostHog.

5. Cookies and sessions

We use a single httpOnly, secure cookie to maintain your authenticated session. This cookie is strictly necessary for the service to function. We do not use tracking cookies or advertising cookies.

6. Data retention

Your data is retained for as long as your account and workspace exist. When a workspace is deleted, associated user records and leave data are removed. Audit logs are retained for compliance purposes. You may request deletion of your account by contacting us at the email below.

7. Your rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data (you can update your profile directly in the app).
  • Request deletion of your account and associated data.
  • Withdraw consent for Google OAuth by revoking access via your Google account settings at myaccount.google.com/permissions.

8. Security

We use industry-standard security practices: encrypted connections (HTTPS/TLS), httpOnly session cookies, Helmet security headers, rate limiting, and workspace-level data isolation. No system is completely secure; if you believe your account has been compromised, contact us immediately.

9. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be noted by updating the date at the top of this page. Continued use of TeamFore after changes constitutes acceptance of the updated policy.

10. Contact

For any privacy-related questions or data requests, contact us at: vivekanandagodi@gmail.com