Privacy Policy

Last updated: April 13, 2026    Effective: April 13, 2026

1. Who We Are

Worklo ("we", "us", "our") is a professional services automation platform developed and maintained by the Worklo team. Our website is located at worklo.dev.

For questions about this policy, contact us at privacy@worklo.dev.

2. Data We Collect

2.1 Information you provide directly

• Contact form submissions name, email address, and message content when you contact us through our website.
• Email communications any information you include when emailing us directly.
• Job applications name, contact details, work history, and any other information submitted through our careers page.

2.2 Information collected automatically

• Usage data pages visited, time spent, referring URLs, and browser type when you visit our website.
• IP address collected for security and analytics purposes, anonymized where possible.
• Device information operating system, browser version, and screen resolution.

2.3 Information we do NOT collect

When you self-host Worklo, all data you enter into the platform projects, tasks, time entries, client information, team data is stored entirely on your own infrastructure. We have no access to this data whatsoever.

3. How We Use Your Data

We use the information we collect for the following purposes:

• Responding to inquiries to reply to contact form submissions and support requests.
• Processing job applications to evaluate candidates and communicate about open roles.
• Improving our website to understand how visitors use our site and improve the experience.
• Security to detect and prevent fraudulent or malicious activity.
• Legal compliance to comply with applicable laws and regulations.

We do not sell your personal data. We do not use your data for advertising or profiling.

4. Data Sharing

We do not sell, rent, or trade your personal information. We may share data only in the following limited circumstances:

• Service providers trusted third parties who help us operate our website (e.g., hosting providers, email services). These parties are contractually bound to protect your data.
• Legal requirements if required by law, court order, or governmental authority.
• Business transfers in the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before this occurs.

5. Self-Hosted Deployments

Worklo is designed as a self-hosted platform. When you download and run Worklo on your own servers:

• All data entered into the platform is stored in your own Supabase (PostgreSQL) database.
• We have no access to your database, your users' data, or any operational data.
• You are the data controller for all data processed within your self-hosted instance.
• You are responsible for securing your own deployment, including database credentials, environment variables, and network access.

This privacy policy does not govern data processed within your self-hosted Worklo instance that is governed by your own privacy policy as the data controller.

6. Cookies & Tracking

Our website uses minimal cookies:

• Essential cookies required for basic website functionality. These cannot be disabled.
• Analytics cookies used to understand how visitors use our site. These are anonymized and do not track individuals across sites.

We do not use advertising cookies, third-party tracking pixels, or social media tracking scripts. You can disable non-essential cookies in your browser settings at any time.

7. Data Retention

• Contact form data retained for up to 2 years or until you request deletion.
• Job application data retained for 12 months after the position is filled, then securely deleted.
• Website analytics aggregated and anonymized data retained for up to 24 months.

You may request deletion of your data at any time by contacting privacy@worklo.dev.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right of access request a copy of the personal data we hold about you.
• Right to rectification request correction of inaccurate or incomplete data.
• Right to erasure request deletion of your personal data ("right to be forgotten").
• Right to restriction request that we limit how we process your data.
• Right to data portability receive your data in a structured, machine-readable format.
• Right to object object to processing of your data for certain purposes.
• Right to withdraw consent where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact us at privacy@worklo.dev. We will respond within 30 days.

9. Security

We take reasonable technical and organizational measures to protect your personal data against unauthorized access, loss, or disclosure. These include:

• HTTPS encryption for all data in transit on our website.
• Access controls limiting who can access personal data internally.
• Regular review of our data handling practices.

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Children's Privacy

Worklo is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at privacy@worklo.dev and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will provide a more prominent notice. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: privacy@worklo.dev
• Contact form: worklo.dev/contact