Privacy Policy

Last updated: February 2026

Note: This is a template privacy policy. Please consult a lawyer before launch to ensure full compliance with applicable privacy laws (CCPA, GDPR, etc.).

Introduction

WireHours (“we,” “us,” or “our”) operates the WireHours web application (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We are committed to protecting your personal data and being transparent about what we collect and why.

Information We Collect

Account Information

  • Name and email address (required for account creation)
  • Phone number (optional, used for SMS notifications)
  • State and trade selection (for compliance tracking)

Employment & Work Data

  • Employer information (name, address, supervisor details)
  • Work hour entries (date, hours, categories, descriptions)
  • GPS location data (optional — only when explicitly enabled by you for work verification)
  • Uploaded documents (certifications, training records)

Verification Data

  • Supervisor signatures (captured via digital signature pad)
  • Verification timestamps and IP addresses

Technical Data

  • Device type and browser information
  • IP address and general location
  • Usage analytics (pages visited, features used)

How We Store Your Data

Your data is stored securely using Supabase, which provides US-hosted PostgreSQL databases with encryption at rest and in transit. All database access is protected by row-level security (RLS) policies — you can only access your own data. Uploaded documents are stored in Supabase Storage with private access controls.

How We Use Your Data

  • Provide and maintain the Service (hour tracking, compliance calculations, progress dashboards)
  • Generate state-specific compliance reports and PDF exports
  • Send verification requests to supervisors on your behalf
  • Send transactional emails (account confirmation, verification status, license expiration reminders)
  • Process payments for Pro and Contractor subscriptions
  • Improve the Service based on anonymous, aggregated usage data

Third-Party Services

We use the following third-party services to operate WireHours. We do NOT sell your data to advertisers or third-party marketing companies. Ever.

  • Supabase — Database, authentication, and file storage (US-hosted)
  • Stripe — Payment processing. We never store your credit card information. Stripe is PCI DSS Level 1 certified, the highest level of security.
  • Resend — Transactional email delivery (verification requests, account notifications)
  • Twilio — SMS notifications (optional, for verification status updates)
  • Vercel — Application hosting and deployment

Cookies

We use only essential cookies required for authentication and session management. We do not use advertising cookies, tracking pixels, or third-party marketing cookies. Our authentication session cookie is HttpOnly and Secure, meaning it cannot be accessed by JavaScript and is only transmitted over HTTPS.

Your Rights: Data Export & Deletion

Your data belongs to you. At any time, you can:

  • Export your data — Download all your hour entries, employer information, and documents as a PDF or structured export from the Settings page.
  • Delete your account — Permanently delete your account and all associated data from Settings. This cascades to all hour entries, employers, documents, and verification records. Any active Stripe subscription is cancelled. This action is irreversible.
  • Request data correction — Contact us at support@wirehours.app to correct any inaccurate personal data.

Children's Privacy

WireHours is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13. Electrical apprenticeship programs typically require participants to be at least 16-18 years old. If we discover that a child under 13 has created an account, we will promptly delete it.

Data Retention

We retain your data for as long as your account is active. Apprenticeship records may be needed for licensing applications years after they are created, so we do not automatically delete old data. When you delete your account, all data is permanently removed within 30 days. Anonymized, aggregated analytics data (which cannot identify you) may be retained indefinitely.

Security

We take the security of your data seriously. Measures include: encryption at rest and in transit (TLS 1.2+), row-level security (RLS) on all database tables, secure authentication via Supabase Auth, regular security audits, and rate limiting on all public endpoints. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email and by posting the updated policy on this page with a new “Last updated” date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or your data, contact us at: support@wirehours.app