Privacy Policy

Effective Date: December 2025 | Last Updated: April 26, 2026

Company/Operator: Stonebridge Collective LLC | Contact: support@jobclocked.com

1) Overview

This Privacy Policy explains how JobClocked ("we," "us," or "our") collects, uses, discloses, and safeguards information when you use our web and mobile applications for time tracking, expenses, invoicing, and related services.

This policy reflects JobClocked's current product functionality, integrations, and security architecture. JobClocked is intended for use by adult business users and organizations.

2) Information We Collect

A. Account & Profile Information

When you create or manage an account, we collect:

  • Username, email address, first and last name, phone number
  • Role and permissions, time zone, hourly rate (if provided)
  • Account preferences and notification settings

B. Organization & Member Metadata

If you create or join an organization, we collect:

  • Organization name, address, time zone, currency defaults
  • Billing defaults (invoice prefix, starting number, default rates, payment terms)
  • Membership data (member roles, invitations, organization ownership)

C. Client & Project Information

To support billing and project tracking, we store:

  • Client contact details (name, email, phone, address)
  • Project details (name, description, status, billing type, rates, dates, assignments)

D. Time, Expense, and Adjustment Records

We store:

  • Time entries (descriptions, start/end times, duration, billable status, rates, amounts)
  • Expense records (amounts, categories, receipt details, mileage, dates, billable status)
  • Adjustments (reason, amount, category, date, billable status)

E. Receipt & Document References

We store metadata and references for:

  • Receipt images and supporting documents you attach to expenses or projects
  • File identifiers, links, and folder references for items uploaded to connected storage providers

F. Invoicing, Billing & Email Templates

We store:

  • Invoices (numbers, totals, status, payment terms, notes, sent/paid dates)
  • Invoice-related file metadata (PDF information, linked folders)
  • Billing/payment metadata at the organization and invoice level (e.g., payment status, payment method type, processor reference identifiers)
  • Email templates (subject, body, HTML content, default status)

G. Authentication & Security Data

We process:

  • Passwords, stored only as secure one-way hashes
  • Access tokens and refresh tokens used to maintain your session
  • HttpOnly authentication cookies (see Section 4)
  • Multi-factor authentication settings, including TOTP secrets and backup codes (when MFA is enabled)
  • Trusted device records, including device fingerprint context such as user agent and IP-derived metadata

H. Mobile App Local Storage Data

If you use the JobClocked mobile app, the app stores certain data locally on your device:

  • Auth/session artifacts (access and refresh tokens) used to keep you signed in
  • A hashed offline unlock PIN you set for the mobile app
  • A cached copy of your user profile so the app can function briefly without network access
  • A biometric unlock toggle indicating whether you have opted in to Face ID / fingerprint unlock
  • An offline login timestamp used to enforce offline expiry windows

I. Third-Party Integration Data (Optional)

If you enable integrations, we store:

  • Google Drive: OAuth tokens and selected folder metadata for document storage and backups
  • Gmail: OAuth tokens used to send emails from your Gmail account on your behalf

JobClocked's use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.

J. System & Log Data

We collect limited log and usage data such as IP address, device type, timestamps, request paths, and error events to maintain security, diagnose issues, and ensure service reliability. See Section 12 for details on log redaction.

3) How We Use Your Information

We use collected information to:

  • Provide time tracking, expense management, invoicing, and project functionality
  • Generate, manage, and process invoices and billing communications
  • Organize and upload receipts and documents to connected services
  • Authenticate users, manage sessions, and secure accounts (including MFA and trusted device evaluation)
  • Enable mobile offline access and biometric unlock on devices where you opt in
  • Provide customer support, monitor reliability, and investigate errors

4) Authentication, Sessions & Cookies

JobClocked uses a token-based authentication model. When you sign in, we issue a short-lived access token and a longer-lived refresh token used to obtain new access tokens without re-prompting for credentials.

On the web, these tokens are delivered and stored in HttpOnly cookies that are not accessible to client-side JavaScript. These cookies exist solely for authentication, session continuity, and security (such as detecting expired or revoked sessions). We do not use cookies for advertising or cross-site tracking.

Sessions persist across page reloads and (where you have chosen to remain signed in) across browser restarts until the refresh token expires or is revoked. Signing out, changing your password, or revoking a trusted device invalidates the associated tokens.

5) Mobile App Local Storage & Offline Unlock

The JobClocked mobile app stores authentication artifacts and offline unlock data on your device so that you can use the app briefly without network connectivity. This includes:

  • Access and refresh tokens used to authenticate API requests
  • A hashed PIN that you set for offline unlock (we do not store the PIN itself)
  • A cached snapshot of your user profile
  • A biometric unlock preference toggle
  • An offline login timestamp

Offline access is time-limited. After the offline expiry window elapses without successfully reaching our servers, the app will require you to sign in online again before continued use. Uninstalling the app or signing out clears the locally stored unlock data.

6) Biometric Usage

If you enable biometric unlock (such as Face ID or fingerprint) in the mobile app, biometrics are used only for local app unlock on your device. Biometric verification is performed entirely by your device's operating system. JobClocked never receives, stores, or transmits your biometric data, fingerprint templates, or facial recognition data.

Biometrics are not used for server-side authentication. Disabling biometric unlock in the app or in your device settings turns this feature off immediately.

7) Multi-Factor Authentication & Trusted Devices

When you enable multi-factor authentication (MFA), we store:

  • A TOTP shared secret used to verify time-based one-time passwords from your authenticator app
  • One-time backup codes that allow recovery if you lose access to your authenticator
  • Trusted device records that include fingerprint attributes such as user agent and IP-derived context

This data is used solely to verify your identity, reduce repeated MFA prompts on devices you have marked as trusted, and detect suspicious sign-in attempts. You can revoke trusted devices and regenerate backup codes from your account settings.

8) Third-Party Processors & Subprocessors

We use the following third-party processors to operate JobClocked. Each receives only the data necessary to perform its function:

  • Sentry — error monitoring and performance diagnostics. Sentry receives error events, stack traces, and limited request context. Our event preprocessing strips cookies before events are sent to Sentry to avoid forwarding session credentials.
  • Google (OAuth, Google Drive, Gmail) — token-based integrations you opt into. Google receives the OAuth scopes you authorize, the files we upload or list on your behalf, and the emails we send through Gmail at your request.
  • Stripe and other payment rails — when payments are processed through Stripe or another configured provider, the provider receives the payment amount, currency, customer/invoice references, and any payer information required to complete the transaction. JobClocked itself does not store full card or bank account numbers; we retain only payment metadata at the organization and invoice level (such as payment status and processor reference identifiers). Manual payment rails (e.g., recording a check or bank transfer outside Stripe) only store the metadata you enter.
  • Database, hosting, and email delivery providers — used to host the service and deliver transactional system emails (e.g., password resets).

Our subprocessor list may change as our infrastructure evolves. Material updates will be reflected by updating the "Last Updated" date and, where required, by additional notice.

9) Document & Receipt Uploads

Receipts, supporting documents, and invoice PDFs that you attach in JobClocked are uploaded to Google Drive using the connected Drive integration for your organization.

Visibility caveat: Uploads are currently configured with a public-link visibility setting (makePublic: true). This means that anyone who obtains the resulting Drive file link may be able to access the file without further authentication. You should treat any document you upload as potentially shareable via link and avoid uploading material you are not comfortable distributing in this way. Access through the JobClocked app itself remains restricted to authenticated users in your organization.

10) Cross-Org Drive Credential Model

Organization-level uploads (such as receipts and backup files) use the Google Drive connection of the organization owner. When members of your organization upload through JobClocked, the upload is performed on behalf of the organization using the owner's connected Drive credentials, and the resulting files reside in the owner's Drive account in the configured folder.

Owners can disconnect the Drive integration at any time, which will stop new uploads and disable Drive-dependent features for the organization.

11) Backups & Exports

JobClocked supports creating backup archives of organization data. Backups can be created on demand, uploaded to the organization's connected Google Drive, listed within the app, and downloaded. Access to create, list, and download backups is restricted to organization owners.

12) Security Logging & Redaction

We log operational metadata about requests (such as method, path, status, timing, IP, and user agent) for security monitoring and diagnostics. Sensitive values — including passwords, tokens, cookies, and known secret fields — are redacted before request and error data is written to logs or forwarded to our monitoring providers. Logs may still include other operational metadata necessary to diagnose issues.

13) Permissions

Mobile app: The mobile app may request permission to use your device's camera for receipt capture and related expense flows, and Face ID / biometric permission for local app unlock. The app's permission prompts describe each use at the time the permission is requested. You can revoke these permissions at any time in your device's system settings.

Web app: The JobClocked web application sends a Permissions-Policy HTTP header that explicitly disables browser camera, microphone, and geolocation access for the application. JobClocked does not request or use these browser capabilities on the web.

14) Data Retention

We retain different categories of data for different periods based on operational need and legal requirements:

  • Account & profile data — retained for the life of your account. Deleted or anonymized within a reasonable period after account deletion, subject to legal/accounting holds.
  • Organization, client, project, time, and expense records — retained while the organization is active and for a reasonable period thereafter to support reopening, audits, and billing reconciliation.
  • Billing & invoice metadata — retained for the period required by applicable tax and accounting laws (typically several years), even after account closure.
  • Operational and security logs — retained for a limited rolling window sufficient for incident investigation and trend analysis.
  • Uploaded files (receipts, documents, backups) — retained in the connected Google Drive folder until you or your organization owner deletes them, or until the Drive integration is removed.
  • OAuth tokens (Google Drive, Gmail) — retained until you revoke the integration in JobClocked or in your Google account, or until the token is invalidated by the provider.
  • Access & refresh tokens, sessions, and trusted devices — expire automatically based on configured token and session lifetimes; revoked immediately when you sign out or remove a trusted device.

To request deletion of your account, contact us at the address in Section 17. We will confirm and process verified deletion requests within a reasonable timeframe, typically within 30 days, except where retention is required for legal, accounting, or security purposes.

15) How We Share Information

We do not sell personal information.

We share information only with the trusted service providers described in Section 8, and only to the extent necessary to operate the service. We may also disclose information where required to:

  • Comply with applicable laws or legal requests
  • Protect the security, integrity, or rights of JobClocked and its users

16) Security

We implement industry-standard security measures, including password hashing, HttpOnly authentication cookies, optional multi-factor authentication, trusted device evaluation, log redaction of sensitive fields, and the web Permissions-Policy header described above.

No system is completely secure, and we cannot guarantee absolute security.

17) Your Rights & Choices

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or out-of-date personal data (much of which you can update directly in your account settings)
  • Delete your account and associated personal data, subject to the retention exceptions in Section 14
  • Export your data in a portable format
  • Withdraw consent for optional integrations (such as Google Drive or Gmail) at any time by disconnecting them in the app
  • Revoke trusted devices and active sessions from your account settings

To exercise any of these rights, email support@jobclocked.com. We will acknowledge your request within a reasonable period and aim to respond substantively within 30 days, consistent with applicable law. We may need to verify your identity before fulfilling certain requests.

18) Public Link & Document Visibility Caveat

As described in Section 9, files uploaded through JobClocked to Google Drive are currently configured with public-link visibility. Anyone who obtains the resulting Drive link may be able to view the file. Please consider this when uploading receipts, contracts, or other documents.

19) International Use & Cross-Border Processing

JobClocked is operated from the United States. If you access JobClocked from outside the United States, your information may be processed and stored in the United States or in other locations where our service providers (including those listed in Section 8, such as Google, Sentry, and Stripe) operate.

Our subprocessor list may be updated from time to time as our infrastructure changes. The current "Last Updated" date at the top of this policy reflects the most recent revision.

20) Children's Privacy

JobClocked is intended for adult business users and organizations. The service is not directed to, designed for, or intended for use by minors, including children under the age of 13. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us so we can take appropriate action.

21) Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last Updated" date above and, where appropriate, by additional notice within the app.

22) Contact Us

If you have questions or requests regarding this Privacy Policy: