This Privacy Policy explains how Hoursmith collects, uses, and protects data when you use the product to track time, manage clients and projects, send invoices, and collect payments.
What we collect
- Account data: your email, name, organization name, and timezone.
- Workspace content: clients, projects, tasks, time entries, and invoices you create. We store this so the product can show it back to you.
- Billing and payment data: Stripe handles subscription billing for your Hoursmith plan, and Stripe Connect handles online invoice payments into your connected Stripe account. We store Stripe identifiers, plan status, invoice payment status, and webhook event ids. We never see or store card numbers, CVCs, or bank-account credentials.
- Operational logs: server logs (request paths, status codes, error traces) and email-send records.
- Product analytics: when configured, and only after you allow analytics in the site banner, we send a small set of named events to PostHog — page views, CTA clicks, plan selections. The full event list is in our public source code at
src/lib/analytics/events.ts. We never send your email, name, phone, address, or any password / token. After you sign in we identify your session by your account's opaque UUID — not your email. Users with the "Do Not Track" signal enabled are excluded automatically.
What we don't collect
- Card numbers, CVCs, or expiry dates. Stripe handles all payment data.
- We don't sell your data, run third-party trackers in the app, or share your workspace content with anyone.
How we use it
We use the data above only to operate the product — show you your workspace, send invoices on your behalf, process your subscription, reconcile invoice payments, protect the service from abuse, and respond to support requests.
Your data, your call
You can, at any time:
- Export: download a JSON copy of every workspace row from
/settings → Download all data. - Delete: close your workspace from
/settings → Delete organization. We immediately cancel your Stripe subscription, clear stored email-provider credentials, and soft-delete the workspace data so it no longer appears in the product. Hard deletion of retained rows is handled by support request.
Subprocessors
- Stripe — payment processing.
- Your email provider — when you bring your own SMTP / SES / Resend credentials, that provider receives the outbound message.
- PostHog— product analytics (when configured). Event properties exclude email, name, phone, address, and password / token fields by construction. Session recording is disabled. We use localStorage rather than third-party cookies. Analytics starts only after you allow it in the site banner; you can opt out by declining there or by enabling "Do Not Track" in your browser.
- Hosting + database — the cloud provider you choose. Their sub-processor list applies.
Security
Detailed practices are in /security. Tap that link before asking for a security questionnaire.
Contact
Email hi@hoursmith.app with any privacy question or request.