Last updated: April 2026
GraftOS is a field service management platform for UK trade businesses, operated by Flux Systems. This policy explains how we collect, use, and protect your personal data when you use our service.
We collect information you provide directly: your name, email address, and business details when you register. We also collect data you enter into the platform — jobs, clients, invoices, and quotes — as part of the service. We collect usage data such as login timestamps and page visits to improve the platform.
Your data is used solely to provide the GraftOS service: storing your business records, sending transactional emails (invoices, quotes, reminders), and displaying your dashboard. We do not sell, rent, or share your data with third parties for marketing purposes.
Your data is stored securely in Supabase (hosted on AWS in the EU region). All data is encrypted in transit (TLS) and at rest. Access is controlled by row-level security — you can only access your own records.
We send transactional emails via Resend (resend.com) from noreply@fluxsystems.co.uk. These include welcome emails on signup, quote notifications, and invoice payment reminders. You can disable email notifications in your account settings.
As a UK/EU resident you have the right to: access your personal data, correct inaccurate data, request deletion of your account and all associated data (available in Settings → Danger Zone), export your data, and object to processing. To exercise these rights, contact us at privacy@fluxsystems.co.uk.
GraftOS uses a single session cookie to keep you logged in (Supabase auth token). We do not use tracking or advertising cookies.
We use Supabase for database and authentication, Resend for transactional email, and Nominatim (OpenStreetMap) for address geocoding. Each service has its own privacy policy.
Your data is retained for as long as your account is active. When you delete your account, all data is permanently deleted within 24 hours. Backup retention does not exceed 30 days.
For privacy enquiries: privacy@fluxsystems.co.uk. Flux Systems, United Kingdom.