Privacy Policy
How ManageSync collects, uses, shares, and protects information when you use our platform.
Effective June 22, 2026 · Last updated June 22, 2026
1. Overview & scope
This Privacy Policy explains how ManageSync (“ManageSync,” “we,” “us,” or “our”) handles information in connection with our multi-tenant field-service platform and marketplace (the “Platform”). ManageSync is a business-to-business service used by Locations (such as convenience stores, fuel sites, and facility operators), Contractors (service firms, their dispatchers, and technicians), and our own staff.
This policy applies to information processed through the Platform and our related websites. It does not cover the independent practices of third-party services you connect, or of the Locations and Contractors who use the Platform and act as the controllers of their own data.
2. Our role: controller & processor
For account registration, billing, security, and operating the Platform generally, ManageSync acts as a controller of the relevant information. For data that a customer organization submits or generates while using the Platform (such as Work Order content), ManageSync generally acts as a processoron that organization’s behalf and processes it according to that organization’s instructions and our agreement with them. If you are an Authorized User of an organization, requests about that organization’s data may need to be directed to that organization.
3. Information we collect
We collect the following categories of information:
- Account & profile information — name, email address, phone number, password (stored hashed by our authentication provider), notification preferences, and two-factor authentication settings.
- Organization & business information — company name, addresses, service areas, sites and offices, roles, territories, licenses, and similar operational details.
- Credit, billing & verification information — information you provide in credit applications, tax forms (such as W-9 details), insurance certificates, and business documentation, along with plan and billing records.
- Work Order content — service requests, scheduling, assignments, notes, messages, forms, job photos, and service ratings.
- Tank monitoring telemetry — tank-level readings, device data, and alarm events received from connected Veeder-Root TLS hardware.
- Integration data — information exchanged with connected third-party services such as QuickBooks Online (Intuit) and PDI for accounting and invoicing.
- Usage, device & log data — IP address, browser and device information, pages and actions, timestamps, and diagnostic logs.
- Communications & email engagement — messages you send us, and email delivery and engagement events (such as delivery, opens, and clicks) from our email provider.
- Audit & access records — records of significant actions, including consented staff-access grants and administrative activity.
4. How we use information
We use information to:
- provide, operate, maintain, and secure the Platform;
- create and manage accounts and organizations, and authenticate users;
- enable core features — dispatching, the marketplace, scheduling, compliance tooling, tank-monitoring displays and alarms, and accounting integrations;
- facilitate Work Orders, including sharing necessary information between the relevant Location and Contractor;
- process billing, credit applications, and invoicing;
- send transactional and operational communications, alarms, and notifications (subject to your preferences);
- provide support and respond to inquiries;
- detect, investigate, and prevent fraud, abuse, and security incidents;
- improve and develop the Platform, and analyze usage in aggregate; and
- comply with legal obligations and enforce our terms.
7. Service providers & subprocessors
We rely on a small set of trusted providers to deliver the Platform. The principal ones are:
| Provider | Purpose |
|---|---|
| Supabase | Database, authentication, file storage, and real-time infrastructure |
| Vercel | Application hosting and content delivery |
| Resend | Transactional and notification email delivery |
| Intuit (QuickBooks Online) | Accounting and invoicing integration (when enabled) |
| PDI | Accounting / ERP integration (when enabled) |
This list may change as our services evolve. We will keep it current and can provide additional detail about our subprocessors on request to support@managesync.com.
8. Consented staff access
To provide support and resolve issues, ManageSync staff may need to access an organization’s data. Where the Platform provides a consented staff-access mechanism, such access is intended to be granted by the customer, limited in time, scoped to what is needed, and recorded in an audit log. We log administrative and access actions to support accountability and security.
9. Data retention
We retain information for as long as needed to provide the Platform, to maintain account and organization records, to comply with legal, accounting, and regulatory obligations, to resolve disputes, and to enforce our agreements. Certain records — such as audit logs and Work Order status history — are kept as part of the integrity and accountability of the Platform. When information is no longer needed, we delete or de-identify it in the ordinary course.
10. Security
We use administrative, technical, and organizational measures designed to protect information, including encryption in transit, access controls, tenant data isolation, optional two-factor authentication, and audit logging. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. You are responsible for safeguarding your credentials and for configuring access within your organization appropriately.
11. Your rights & choices
Depending on your location and role, you may have rights to access, correct, update, delete, or obtain a copy of certain personal information, or to object to or restrict certain processing. You can update much of your profile and notification preferences directly within the Platform, and you can unsubscribe from non-essential emails using the link in those messages or via your notification settings. Security and authentication messages (such as password resets, access requests, and critical alarms) are always sent and cannot be turned off.
To exercise a right, contact us at support@managesync.com. If the information relates to an organization for which we act as a processor, we may direct your request to that organization or assist it in responding. We will verify requests as appropriate and respond as required by applicable law.
12. International data transfers
ManageSync operates in the United States, and information we process may be stored and handled in the United States or other countries where we or our service providers operate. Where required, we take steps to ensure appropriate safeguards for cross-border transfers of personal information.
13. Children's privacy
The Platform is intended for business use by adults and is not directed to children. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us information, contact us so we can take appropriate action.
14. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you, such as by posting the updated policy with a new “Last updated” date or notifying you within the Platform. Your continued use of the Platform after changes take effect constitutes acceptance of the updated policy.
15. Contact
If you have questions about this Privacy Policy or our data practices, contact us at support@managesync.com, or by mail to ManageSync, Phoenix, AZ.
