Privacy Policy

Effective date: May 15, 2026

1. Who We Are

VertexPoint is a B2B SaaS platform for onsite contractors. It is operated by HollowPixel. This Privacy Policy explains what data we collect, how we use it, and your rights.

Data Controller vs. Data Processor. When organizations use VertexPoint to manage their teams, projects, and field submissions, the organization is the data controller — they determine what data is collected and why. HollowPixel acts as a data processor on their behalf. If you are an employee or contractor invited into an organization on VertexPoint, your primary data relationship is with your organization, not with HollowPixel directly.

2. Data We Collect

  • Account data: name, email address, and an optional profile photo when you create an account.
  • Organization data: organization name and branding assets you upload.
  • Project & form data: projects, forms, and field submissions you create within the platform.
  • Usage data: pages visited, features used, and error events collected for operational monitoring.
  • Payment data: if you subscribe to a paid plan, payment is processed by Stripe. We store only your Stripe customer ID; card numbers are never stored on our servers.

3. How We Use Your Data

  • Provide, operate, and improve the VertexPoint service.
  • Send transactional emails (email verification, password reset, organization invitations).
  • Monitor application health and diagnose errors.
  • Process subscription payments and manage billing.

We do not sell your personal data to third parties.

4. Sub-processors

We use the following third-party services to operate the platform:

  • Vercel — hosting and serverless functions (United States)
  • Neon — managed PostgreSQL database (United States)
  • Resend — transactional email delivery
  • Stripe — payment processing (if applicable)

Each sub-processor is contractually bound to handle your data securely and in compliance with applicable laws.

5. Data Retention

Data is retained as long as an organization account is active. Organization owners may permanently delete their organization and all associated data at any time from Dashboard → Organization → Danger Zone. Upon deletion, all projects, forms, submissions, and member records belonging to the organization are permanently removed.

Individual member accounts are managed by the organization administrator. Members who wish to have their personal data removed should contact their organization administrator, who can remove them from the organization via the Members settings.

6. Your Rights

Depending on your location, you may have rights to access, correct, or delete your personal data:

  • Organization owners and admins — you can manage and delete your organization's data directly within the platform.
  • Organization members — because your organization is the data controller for your account, please contact your organization administrator to request access, correction, or deletion of your data.
  • All users — for any privacy concern we can assist with directly, email privacy@vertexpoint.com. We will respond within 30 days.

7. Security

We use industry-standard security practices including HTTPS encryption in transit, bcrypt password hashing, and access-controlled infrastructure. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

8. Changes to This Policy

We may update this policy periodically. When we do, we will revise the effective date at the top of this page. Continued use of the service after changes constitutes acceptance of the updated policy.

9. Contact

Questions about this Privacy Policy? Contact us at privacy@vertexpoint.com.