1. Overview
CredWatch (“we”, “us”, “our”) operates a workforce compliance tracking platform for trades staffing agencies. This policy explains how we collect, use, and protect information about both agency administrators and the workers whose credentials are tracked in our system.
2. Information We Collect
From agency administrators:
- Name, email address, company name
- Phone number (if provided)
- Billing information (processed by Stripe — we never store card details)
- Agency address and contact information
From worker records (entered by agencies):
- Worker names, email addresses, phone numbers
- License numbers, credential types, expiration dates
- Credential documents uploaded to our system
- License verification data from public state databases
3. How We Use This Information
- To provide the CredWatch service
- To send automated license expiration reminders to workers and agency administrators
- To verify license status against public state licensing databases
- To process billing through Stripe
- We never sell, share, or rent your data to third parties
- We never use your data for advertising purposes
4. Worker Data and Consent (TCPA)
CredWatch sends automated SMS reminders to workers about their expiring licenses. By adding a worker's phone number to CredWatch, the agency administrator represents and warrants that:
- (a) The worker has consented to receive automated text messages about their license status from the agency or its service providers;
- (b) The phone number belongs to the worker and is correct;
- (c) The agency will obtain any required consents before adding worker contact information.
Workers may opt out of SMS reminders at any time by replying STOP to any message. Standard message and data rates may apply.
5. State License Database Verification
CredWatch accesses publicly available state licensing databases to verify contractor license status. This data is public record. We use it solely to provide license verification services to agencies managing those workers. We do not sell or redistribute this data.
6. Data Security
- All data stored in Supabase with row-level security — no agency can access another agency's data
- All data transmitted over encrypted HTTPS
- Credential documents stored in private, access-controlled storage
- We never store payment card details
7. Data Retention
We retain your data for as long as your account is active. When you delete your account, all agency data, worker records, and credential documents are permanently deleted within 30 days.
8. Your Rights
You may request access to, correction of, or deletion of your data at any time by emailing hello@credwatch.app. For California residents, additional rights apply under the CCPA — see Section 9.
9. California Residents (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect
- Request deletion of your personal information
- Opt out of the sale of personal information (we do not sell personal information)
- Non-discrimination for exercising your rights
To exercise these rights, email hello@credwatch.app with subject line “CCPA Request”.
10. Contact
Privacy questions or requests:
hello@credwatch.app
CredWatch
Phoenix, Arizona