Privacy Policy

Effective Date: February 1, 2026
Last Updated: February 1, 2026

Elite Tech Global LLC ("Company," "we," "us," or "our"), a Utah limited liability company, operates the Ref LeakLog software application and website at refleaklog.app (the "Service"). This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use the Service.

By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Full name
  • Email address
  • Password (stored in hashed form; we never store plaintext passwords)
  • Organization name
  • Account role (Owner or Technician)
  • EPA Section 608 certification type and certification number

1.2 Business and Compliance Data

In the course of using the Service, you may enter the following types of business and compliance data:

  • Equipment records: Equipment descriptions, types, categories, refrigerant types, full charge amounts, and installation details
  • Service event logs: Dates, refrigerant quantities added or recovered, service types, leak checks, and technician notes
  • Leak rate calculations: Automatically computed values based on your entered data using EPA-approved calculation methods
  • Repair and verification records: Repair action details, verification test results, and follow-up dates
  • Customer site information: Site names, addresses, and contact details
  • Technician profiles: Names, email addresses, EPA certifications, and active/inactive status

1.3 Payment Information

Payment transactions are processed by our third-party payment processor, Lemon Squeezy (Lemon Squeezy LLC). When you subscribe, payment information (such as credit card number, billing address) is collected and processed directly by Lemon Squeezy. We do not receive, store, or have access to your full credit card number or payment credentials. We receive from Lemon Squeezy only: confirmation of payment status, subscription status, plan type, customer ID, and subscription ID.

1.4 Automatically Collected Information

When you access the Service, we may automatically collect certain technical information, including:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and features used within the Service
  • Date and time of access
  • Referring URL

This information is collected through server logs and, where applicable, cookies. See our Cookie Policy for more details.

1.5 Information We Do Not Collect

We do not knowingly collect: Social Security numbers, driver's license numbers, financial account numbers (other than through our payment processor), biometric data, geolocation data, or information from children under the age of 18.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: Operating and maintaining the Service, including performing leak rate calculations, generating compliance reports, managing user accounts and organization access, and processing subscription billing
  • Communication: Sending transactional emails (account verification, password resets, billing receipts, subscription status changes), service announcements, and compliance alerts (such as threshold exceedance notifications)
  • Improvement: Analyzing usage patterns to improve the Service's functionality, performance, and user experience
  • Security: Detecting and preventing fraud, unauthorized access, and other security threats
  • Legal compliance: Complying with applicable laws, regulations, and legal processes

We do not sell your personal information. We do not use Your Data for advertising purposes. We do not share Your Data with third parties for their marketing purposes.

3. How We Share Your Information

We may share your information only in the following limited circumstances:

3.1 Service Providers

We share data with third-party service providers who assist in operating the Service, including:

  • Supabase (Supabase Inc.): Database hosting, authentication, and backend infrastructure. Your Data is stored in Supabase-managed databases with row-level security policies ensuring organization-scoped data isolation.
  • Lemon Squeezy (Lemon Squeezy LLC): Payment processing and subscription management.
  • Vercel (Vercel Inc.): Application hosting and content delivery.

These providers process your data solely on our behalf and are contractually obligated to protect your information and use it only for the purposes we specify.

3.2 Within Your Organization

Data entered by any user within an organization is visible to other authorized users of that same organization according to the role-based access controls of the Service. Organization Owners have access to all data within their organization. Technicians have access to data appropriate to their role.

3.3 Legal Requirements

We may disclose your information if required to do so by law, legal process, or governmental request, or when we believe in good faith that disclosure is necessary to: (a) comply with a legal obligation; (b) protect our rights, property, or safety; (c) prevent fraud or illegal activity; or (d) protect the personal safety of users or the public.

3.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred to the acquiring entity. We will notify you via email or prominent notice on the Service before your information becomes subject to a different privacy policy.

4. Data Security

We implement industry-standard technical and organizational measures to protect your information, including:

  • Encryption of data in transit using TLS/SSL
  • Encryption of data at rest in our database systems
  • Row-level security policies ensuring organization-scoped data isolation (users in one organization cannot access data belonging to another)
  • Hashed password storage (we never store plaintext passwords)
  • Role-based access controls (Owner vs. Technician permissions)
  • HMAC signature verification on payment webhooks to prevent tampering
  • Regular security reviews of application code and infrastructure

Despite these measures, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security. If you become aware of a security vulnerability or data breach, please contact us immediately at security@refleaklog.app.

5. Data Retention

We retain your personal information and Your Data for as long as your account is active or as needed to provide the Service. Given the regulatory nature of the compliance data stored in the Service, we maintain data availability for audit purposes consistent with EPA recordkeeping requirements.

Upon account deletion:

  • We provide at least thirty (30) days for you to export Your Data
  • Personal information and Your Data are permanently deleted within ninety (90) days
  • Anonymized or aggregated data that cannot be used to identify you may be retained for analytical purposes
  • Information we are required by law to retain will be kept for the legally required period

6. Your Rights and Choices

6.1 General Rights

Regardless of your location, you have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete personal information
  • Deletion: Request deletion of your personal information and account
  • Data export: Export Your Data through the Service's built-in PDF report features
  • Opt-out: Opt out of non-essential communications

To exercise any of these rights, contact us at privacy@refleaklog.app. We will respond to verified requests within thirty (30) days.

6.2 Utah Consumer Privacy Act (UCPA)

If you are a Utah resident, you have additional rights under the Utah Consumer Privacy Act (Utah Code § 13-61), effective December 31, 2023, including the right to:

  • Confirm whether we are processing your personal data
  • Access your personal data
  • Delete personal data you have provided to us
  • Obtain a portable copy of your data in a readily usable format
  • Opt out of the processing of personal data for targeted advertising or the sale of personal data

We do not sell personal data and do not process personal data for targeted advertising. To exercise your UCPA rights, contact us at privacy@refleaklog.app.

6.3 California Consumer Privacy Act (CCPA / CPRA)

If you are a California resident, you have rights under the California Consumer Privacy Act (as amended by the California Privacy Rights Act), including the right to:

  • Know what personal information we collect, use, disclose, and sell
  • Request deletion of your personal information
  • Opt out of the sale or sharing of your personal information
  • Non-discrimination for exercising your privacy rights
  • Correct inaccurate personal information
  • Limit use of sensitive personal information

We do not sell or share personal information as defined under the CCPA / CPRA. To submit a verifiable consumer request, contact us at privacy@refleaklog.app. We will verify your identity before processing your request and respond within forty-five (45) days.

6.4 Other State Privacy Laws

If you are a resident of Virginia, Colorado, Connecticut, or any other state with consumer privacy legislation, you may have similar rights under your state's privacy law. We are committed to honoring all applicable privacy rights. Please contact us at privacy@refleaklog.app to exercise your rights.

7. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a child under 18 has provided us with personal information, please contact us at privacy@refleaklog.app.

8. International Users

The Service is hosted in the United States and is primarily intended for users in the United States. If you access the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country. By using the Service, you consent to this transfer, storage, and processing.

9. Third-Party Links

The Service may contain links to third-party websites or services, including EPA resources, payment processor pages, and educational content. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through the Service.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on this page with a revised "Last Updated" date and, for significant changes, by sending an email notification. Your continued use of the Service after changes become effective constitutes your acceptance of the revised Privacy Policy.

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Elite Tech Global LLC
Email: privacy@refleaklog.app
General inquiries: support@refleaklog.app
Security issues: security@refleaklog.app
Website: https://refleaklog.app