ElevateOS logo
ElevateOSLeadership OS
Get Started

Privacy

Privacy Policy

Last updated: 2026

1. Who we are

ElevateOS is operated by Elevation Ops Group LLC ("ElevateOS", "we", "us"). We act as the data controller for personal data processed through the ElevateOS platform. You can contact us via the address listed on our Contact page.

2. Personal data we collect

  • Account data — name, email, password (hashed), organization.
  • Team & performance data — content you and your team enter (members, goals, projects, scorecards, notes).
  • Support data — messages you send us.
  • Usage & device data — log data, IP address, browser/device identifiers, pages viewed, feature interactions.
  • Cookies — essential cookies for session and security; optional analytics cookies if enabled.

Payment data (card details, billing address, tax IDs) is collected directly by our payments provider Paddle, not by us.

3. Why we process it and our legal basis

  • Provide the service (contract performance) — create your account, run the product features.
  • Security & fraud prevention (legitimate interests) — detect abuse and protect users.
  • Product improvement & analytics (legitimate interests / consent where required) — understand and improve how ElevateOS is used.
  • Customer support (contract / legitimate interests) — respond to your inquiries.
  • Legal compliance (legal obligation) — tax, accounting, lawful requests.
  • Marketing communications (consent) — only where you have opted in.

4. Who we share data with

  • Paddle.com Market Ltd — our Merchant of Record for sales, subscription management, payments, tax compliance, and invoicing.
  • Service providers / subprocessors — hosting, database, email delivery, analytics, and support tooling, under contractual confidentiality and security obligations.
  • Professional advisers — legal, accounting, and audit professionals.
  • Authorities — where required by law, regulation, or valid legal process.

We do not sell your personal data.

5. International transfers

Some of our service providers may process data outside your country. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

6. Data retention

We retain personal data for as long as your account is active and for a reasonable period afterwards to comply with legal, tax, and accounting obligations, resolve disputes, and enforce agreements. When data is no longer needed it is deleted or anonymised.

7. Your rights

Depending on your location, you may have rights to:

  • Access the personal data we hold about you.
  • Request correction (rectification) of inaccurate data.
  • Request deletion (erasure) of your data.
  • Restrict or object to certain processing.
  • Receive a portable copy of your data.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with your local data protection authority.

To exercise these rights, contact us via the Contact page. We aim to respond within one month.

8. Security

We use appropriate technical and organisational measures including encryption in transit, access controls, principle-of-least-privilege, and audit logging. No system is perfectly secure, but we work to protect your data against loss, misuse, and unauthorised access.

9. Cookies

We use essential cookies to keep you signed in and secure the service. If enabled, analytics cookies help us understand product usage. You can manage cookies through your browser settings.

10. Changes

We may update this notice from time to time. Material changes will be communicated through the product or by email.