Komplio
Log in

Privacy Policy

Last updated: February 11, 2026

1. Overview

Komplio ("Company", "we", "us") operates the Komplio platform ("Service"). This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service. We are committed to protecting your privacy and handling your data transparently.

2. Information We Collect

2.1 Account Information

When you register, we collect your name, email address, and password (stored in hashed form). If you are invited to an organization, we also collect your role and organizational affiliation.

2.2 Operational Data

Through normal use of the Service, we collect and store:

  • Cleaning logs including timestamps, completion status, duration, and notes
  • Photographs uploaded as proof of cleaning (stored in secure cloud storage)
  • Checklist completion records
  • Schedule and task assignment data
  • Public feedback submitted by visitors (ratings, comments, and optionally a name)

2.3 Device and Usage Data

We automatically collect technical information including browser type, device type, IP address, pages visited, and timestamps. This data is used for security, debugging, and service improvement.

2.4 Offline Data

When using the Service offline through our progressive web application, data is temporarily stored on your device using browser storage (IndexedDB). This data is synchronized with our servers when connectivity is restored and is then removed from local storage.

3. How We Use Your Information

We use the collected information to:

  • Provide, operate, and maintain the Service
  • Authenticate users and enforce role-based access controls
  • Generate analytics and reports for your organization
  • Process subscription payments through our payment provider
  • Send service-related communications (account verification, security alerts, billing notices)
  • Improve and develop new features for the Service
  • Detect and prevent fraud, abuse, or security incidents

We do not sell your personal information to third parties. We do not use your operational data (cleaning logs, photos, etc.) for advertising purposes.

4. Data Sharing

We may share your information with:

  • Your organization: Data you create within the Service is visible to administrators and supervisors in your organization according to their role permissions.
  • Service providers: We use third-party services to host and operate the platform, including Supabase (database hosting and cloud infrastructure) and Stripe (payment processing). These providers only access data as necessary to perform their functions and are contractually obligated to protect it.
  • Legal requirements: We may disclose information if required by law, regulation, legal process, or enforceable governmental request.

5. Data Storage and Security

Your data is stored on secure cloud infrastructure. We implement industry-standard security measures including:

  • Encryption in transit (TLS/HTTPS)
  • Encryption at rest for stored data
  • Row-level security policies for multi-tenant data isolation
  • Regular security updates and monitoring
  • Authentication via secure token-based sessions with automatic refresh

In the event of a data breach that affects your personal information, we will notify affected account administrators by email without undue delay.

While we take reasonable measures to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Cleaning logs, photos, and operational data are retained for the duration of your subscription.

We recommend exporting your data before deleting your account. Upon account deletion, your data is removed from our active systems. Backup copies may persist for up to 90 days before being fully purged.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of your personal data
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Object to or restrict processing of your data
  • Data portability (receive your data in a structured format)
  • Withdraw consent where processing is based on consent

To exercise these rights, contact us at support@komplio.com. We will respond within 30 days.

8. Cookies and Local Storage

We use cookies for authentication and session management. We also use browser local storage (IndexedDB) for offline functionality. These are essential to the operation of the Service and cannot be disabled while using it.

We do not use third-party advertising or tracking cookies.

9. Public Feedback

The Service allows members of the public to submit feedback about washroom conditions via QR codes. Feedback submission is voluntary. Submitters may optionally provide their name but are not required to create an account. Feedback data (rating, comment, optional name) is stored and visible to the organization managing the washroom.

10. Children's Privacy

The Service is not directed at children under 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice within the Service. Continued use after changes take effect constitutes acceptance of the revised policy.

12. Contact

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at support@komplio.com.