Workridge

Privacy Policy

Last updated: June 5, 2026

This Privacy Policy explains how Workridge, a product of Next313 — a registered d/b/a of Dignetix Ltd (“Dignetix”, “we”, “us”) — collects, uses, stores, and protects information when you use Workridge (“the Service”), available at workridge.app. By using the Service, you agree to the practices described here.

1. Who we are & our role

Workridge is project-tracking and billing software used by businesses and their teams. For information about your own account and our public website, we act as a data controller. For the content your organization stores in its workspace (projects, tasks, billing records, uploads), we act as a data processor on behalf of your organization, which is the controller of that content. Our processing of workspace content is governed by our agreement with your organization, including a Data Processing Addendum (DPA) where applicable.

For privacy questions, contact us at privacy@workridge.app.

2. Information we collect

We collect only what is necessary to deliver and support the Service.

Account information

  • Your name, email address, and (if you sign in with Microsoft) your Entra ID identifier
  • Your organization, company memberships, and role/permission assignments
  • Notification, timezone, and display preferences

Workspace content (processed for your organization)

  • Projects, phases, tasks, comments, issues, and approvals
  • Billing data — rate cards, labor, expenses, mileage, and travel records
  • Photos, receipts, and files you upload to the Service’s storage
  • Addresses you enter for mileage/route calculation

Technical & usage information

  • Log and diagnostic data (IP address, browser, device type, timestamps)
  • Aggregated, privacy-preserving usage analytics used only to improve the Service
  • Error reports generated when the Service encounters a problem

Waitlist / marketing

If you join our waitlist, we collect the email address you provide to contact you about availability. You can opt out at any time.

We do not knowingly collect information from children under 16.

3. How we use your information

  • Operate, maintain, secure, and improve the Service
  • Authenticate users and enforce role- and tenant-based access controls
  • Respond to support requests and send service-related communications
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with our legal obligations

We do not sell your data, we do not use your workspace content for advertising, and we do not train artificial-intelligence models on it.

4. How we share information — sub-processors

We share information only with trusted providers necessary to run the Service:

  • Supabase — database, authentication, and file storage
  • Microsoft Azure — application hosting
  • Microsoft Entra ID — single sign-on for staff users
  • Mapbox — address autocomplete and driving-distance calculation; when you use mileage features, your IP address and the addresses you enter are sent to Mapbox
  • Stripe — payment processing (when billing is enabled)

These providers are contractually bound to protect your data. We also share within your workspace per the role permissions you set, for legal reasons where required, and in a business transfer subject to this policy.

5. Data storage & security

Data is stored in Supabase-hosted PostgreSQL with row-level security and a restrictive tenant-isolation policy that fences each tenant’s data. Data is encrypted in transit (TLS) and at rest; uploads live in access-controlled buckets. No system is perfectly secure; if we become aware of an incident affecting your data, we will notify you in accordance with applicable law.

6. Data retention

We retain workspace content for as long as the account is active. Deleted records are removed promptly; backups may retain deleted data for up to 30 days. On account closure, we delete workspace content within 90 days, except where retention is legally required.

7. Your rights

Depending on your jurisdiction, you may have rights to access, correct, export, delete, object to, or restrict processing of your personal data, and to data portability. To exercise them, email privacy@workridge.app; we respond within 30 days. If you are a member of a customer organization, some requests may be directed to that organization as the controller of your workspace content.

8. International transfers

We are based in the United States, and our providers may operate servers in other countries. Where required, we rely on appropriate safeguards such as standard contractual clauses for cross-border transfers.

9. Cookies & analytics

We use strictly necessary cookies and browser storage to keep you signed in and maintain session state. For traffic measurement we use privacy-preserving, cookieless analytics; we do not use third-party advertising cookies or cross-site trackers, so no cookie-consent banner is required.

10. Changes to this policy

We may update this policy; we will change the “Last updated” date and, for material changes, notify you by email or in the Service before they take effect.

11. Contact

Questions or requests: privacy@workridge.app.