Privacy Policy

Last updated: March 28, 2026

This Privacy Policy describes how TuffOps, a product provided by CaribeSolutions Inc. (“we,” “us,” or “our”), handles personal information when you visit our website, request a demo, or use our cloud-based operations software and related services (collectively, the “Services”).

If you use the Services on behalf of a company or organization, that entity is typically the controller of business contact and account data; we process such data as described here and in your agreement with us, where applicable.

1. Information we collect

We may collect the following categories of information:

• Account and contact data. Name, work email, phone number, company name, role, and similar details you provide when you sign up, book a meeting, or communicate with us.
• Service and usage data. Information about how the Services are used, such as log data, device and browser type, approximate location derived from IP address, timestamps, and diagnostic or performance data.
• Content you submit in the Services. Information your organization enters or uploads—such as customer names, site addresses, job details, photos, signatures, and messages—so we can provide the Services. Your organization decides what to enter; we process it only to operate and improve the Services as permitted by contract and law.
• Support and communications. Messages you send to us (for example, email or in-product support), including attachments you choose to provide.
• Payment-related data. If you pay us, our payment processors may collect billing details; we generally receive limited information (such as confirmation of payment) rather than full card numbers.

2. How we use information

We use personal information to:

• Provide, maintain, secure, and improve the Services;
• Create and manage accounts, authenticate users, and enforce our terms;
• Communicate with you about the Services, support, updates, and (where permitted) relevant offerings;
• Detect, prevent, and address fraud, abuse, or technical issues;
• Comply with legal obligations and respond to lawful requests; and
• Analyze usage in aggregated or de-identified form where appropriate.

3. Legal bases (EEA, UK, and similar regions)

Where required, we rely on one or more of the following: performance of a contract with you or your organization; our legitimate interests (such as securing and improving the Services), balanced against your rights; your consent, where we ask for it; and compliance with legal obligations.

4. How we share information

We do not sell your personal information. We may share information with:

• Service providers who assist us (for example, hosting, email, analytics, scheduling, payment processing, and customer support tools), subject to confidentiality and processing terms;
• Your organization, when you use the Services as part of a business account;
• Professional advisors where reasonably necessary; and
• Authorities or others when required by law or to protect rights, safety, and security.

We may also share information in connection with a merger, acquisition, or sale of assets, with notice as required by law.

5. International transfers

We may process and store information in countries other than where you live. Where we transfer personal data from the EEA, UK, or Switzerland to countries not deemed adequate, we use appropriate safeguards (such as standard contractual clauses) as required by applicable law.

6. Retention

We retain personal information for as long as needed to provide the Services, meet legal, tax, or accounting requirements, resolve disputes, and enforce agreements. Retention periods may depend on the type of data and your organization’s settings or instructions where applicable.

7. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, or export certain personal information, or to object to or restrict certain processing. You may also have the right to withdraw consent where processing is consent-based, and to lodge a complaint with a supervisory authority.

To exercise rights related to data held in a business account, contact your organization’s administrator first. To contact us directly, use the email address shown on our main website. We will respond in line with applicable law.

8. Security

We implement technical and organizational measures designed to protect personal information. A summary of our security practices is available on our Security overview page.

9. Children

The Services are not directed to children under 16, and we do not knowingly collect their personal information. If you believe we have collected such information, please contact us so we can delete it.

10. Third-party sites and scheduling

Our website may link to third-party tools (for example, scheduling or video conferencing). Those services have their own privacy policies; we encourage you to read them.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the “Last updated” date. Where changes are material, we will provide additional notice as appropriate.

12. Contact

For privacy questions or requests, contact us at privacy@tuffops.com.