Privacy Policy

1. Who We Are

CoreBack Ledger ("CoreBack," "we," "us," or "our") is operated by CoreBack Ledger, Inc. We provide a browser-based returns ledger for independent and multi-location auto repair shops at hourlyroi.com.

Contact: hello@hourlyroi.com

2. Information We Collect

2.1 Account Information

When you create an account, we collect your email address and password credentials. Passwords are stored in hashed form; we do not store plain-text passwords.

2.2 Shop and Ledger Data

To operate the product, we store the structured data you choose to save, such as shop name, vendor names, part numbers, core return amounts, due-by dates, shipment/tracking references, and credit memo values.

2.3 OCR Processing

Invoice PDFs and images are processed entirely in your browser using Tesseract.js. Raw invoice files are not required to leave your device for OCR. If you save a record, only the extracted structured data is stored in your ledger.

2.4 Usage and Service Data

We collect product and service usage information such as page visits, feature usage, and operational events needed to run, secure, and improve the service. We use Vercel-hosted analytics and performance tooling for aggregate site and application metrics.

2.5 Payment Information

Payments are processed by Stripe. We do not store full payment card numbers or card security codes on our servers.

3. Sales, Demo Requests, and Marketing Attribution

If you request a demo, pricing walkthrough, or sales follow-up, we may collect your first name, last name, work email, phone number, shop name, number of locations, monthly parts spend, and any information you share about your workflow or current challenges.

We may also capture marketing attribution metadata such as source, medium, campaign, content, term, landing path, and ad click identifiers including gclid, fbclid, li_fat_id, and rdt_cid.

We use this information to respond to your request, schedule and tailor demos, qualify product fit, prepare directional recovery estimates, measure campaign effectiveness, and manage sales follow-up. We do not sell this information.

We retain demo-request and sales-lead data for up to 12 months after our last meaningful contact unless we need to keep it longer for legal recordkeeping, or you ask us to delete it sooner.

To opt out of sales follow-up or request deletion of demo-request data, email hello@hourlyroi.com. We will review and respond within 30 days.

4. How We Use Information

• To provide, operate, secure, and maintain CoreBack Ledger
• To authenticate users and manage subscriptions, billing, and support
• To send transactional messages, deadline reminders, and operational notifications
• To respond to demo requests, sales questions, and customer success follow-up
• To measure site performance, campaign effectiveness, and product usage trends
• To comply with legal obligations and enforce our terms

5. Data Sharing

We share data only with service providers and subprocessors needed to operate the service, such as:

• Supabase for database and authentication infrastructure
• Vercel for hosting, delivery, analytics, and site performance tooling
• Stripe for subscription billing and payment processing
• Google Fonts for hosted web fonts used on our site
• Law enforcement, regulators, or advisors where disclosure is required or reasonably necessary by law

6. Data Retention

Account and product data are retained for the duration of your subscription and for a limited period afterward to support reactivation, security review, or legal recordkeeping. Demo-request and sales-lead data follow the retention rule described in Section 3. Aggregated analytics and operational logs may be retained longer where they no longer reasonably identify an individual.

7. Security

We use technical and organizational safeguards such as TLS encryption in transit, access controls, managed infrastructure security controls, and database access restrictions. No system is completely secure, so you should use a strong, unique password and protect your account credentials.

8. Your Rights and Choices

Depending on your jurisdiction, you may have rights to access, correct, delete, or export certain personal information, and to object to or restrict certain processing.

To exercise a privacy request, email hello@hourlyroi.com. For demo-request data, you may also ask us to stop sales follow-up or delete your lead record.

9. Cookies and Similar Technologies

We use essential authentication and session cookies required for login and account security. Our analytics configuration is intended for aggregate site and product measurement rather than advertising cookies. If we later add non-essential analytics, advertising, or similar tracking technologies, we will update this policy and implement additional notice or consent controls where required.

10. International Transfers

Our services are hosted in the United States. If you use the service from outside the United States, your information may be transferred to and processed in the United States.

11. Children's Privacy

CoreBack Ledger is designed for business use and is not directed to children. We do not knowingly collect personal information from children under 18.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date and provide additional notice where appropriate.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at hello@hourlyroi.com.