PatchDesk← Back to Home

Privacy Policy

Last updated: March 1, 2025

1. Introduction

PixelnPatch IT Services ("we," "us," or "our") operates PatchDesk, a Professional Services Automation platform for Managed Service Providers. This Privacy Policy explains how we collect, use, disclose, and protect information when you use the PatchDesk service ("Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account and Organization Information

When your organization is onboarded to PatchDesk, we collect:

  • Organization name and contact details
  • Administrator name and email address
  • Billing information (processed securely through our payment provider)
  • Subscription and service agreement details

User Information

For users within your organization, we collect:

  • Name and email address
  • Role and permissions within the platform
  • Authentication credentials (passwords are hashed and never stored in plain text)
  • Login activity and session information

Service Data

Data you input into the Service in the course of your business operations, including:

  • Client and contact information
  • Support tickets, notes, and correspondence
  • Project and task data
  • Time entries and invoices
  • Asset and configuration records

Technical Information

We automatically collect certain technical data, including:

  • IP addresses and browser information
  • Device and operating system details
  • Pages visited and features used within the Service
  • Error logs and performance data

3. How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process transactions and send related information
  • Send administrative communications, such as updates and security alerts
  • Respond to support requests and provide customer service
  • Monitor and analyze usage to improve the Service
  • Detect and prevent fraudulent or unauthorized use
  • Comply with legal obligations

We do not sell your data to third parties. We do not use your Service Data for advertising purposes.

4. Data Storage and Security

Your data is stored on secure servers provided by Supabase, our database and authentication provider. Data is stored in regions compliant with applicable data protection regulations.

We implement industry-standard security measures including:

  • Encryption of data in transit using TLS/SSL
  • Encryption of data at rest
  • Row-level security policies ensuring multi-tenant data isolation
  • Regular security reviews and updates
  • Access controls limiting who can access your data

While we take reasonable steps to protect your data, no system is completely secure. We cannot guarantee absolute security of your information.

5. Third-Party Service Providers

We use select third-party providers to operate the Service. These providers only have access to information necessary to perform their functions and are obligated to protect it:

  • Supabase — Database, authentication, and file storage
  • Vercel — Application hosting and deployment
  • Resend — Transactional email delivery
  • Cloudflare — Bot protection and security

We do not share your data with any other third parties except as required by law or with your explicit consent.

6. Client Portal Data

PatchDesk includes a client portal feature that allows your clients to access certain information about their tickets, projects, and invoices. When your clients use the portal:

  • They authenticate using OAuth (Microsoft or Google) or email
  • They can only access data you have explicitly shared with them
  • Their portal activity may be logged for security purposes

You are responsible for informing your clients about how their data is used within the portal and for obtaining any necessary consents.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you terminate your agreement with us, we will retain your data for a period of 90 days to allow for data export, after which it will be securely deleted unless required by law to retain it longer.

You may request export of your data at any time by contacting us.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — Request a copy of the personal data we hold about you
  • Correction — Request correction of inaccurate data
  • Deletion — Request deletion of your personal data, subject to legal obligations
  • Portability — Request your data in a portable format
  • Objection — Object to certain types of processing

To exercise any of these rights, please contact us using the information below. We will respond within a reasonable timeframe.

9. Cookies

The Service uses cookies and similar technologies to maintain your session and preferences. These are strictly necessary for the Service to function and are not used for advertising or tracking.

You can control cookie settings through your browser, but disabling certain cookies may affect the functionality of the Service.

10. Children's Privacy

The Service is intended for business use by adults and is not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a notice within the Service. Your continued use of the Service after such notification constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at:

PixelnPatch IT Services

Email: support@pixelnpatch.com

Website: patchdesk.ca