DockOpsDockOps

DockOps Privacy Policy

Last Updated: November 14th, 2025

Download PDF

Introduction

DockOps is committed to protecting your privacy. This Privacy Policy explains what information we collect through our Service, how we use and share that information, and your rights in relation to that information. This Policy applies to information collected from users of the DockOps Service (hull cleaning companies and their authorized users) and, where applicable, from the clients of those companies (boat owners) whose information may be entered into DockOps. By using DockOps or providing us with personal information, you consent to the practices outlined in this Privacy Policy.

DockOps is a software-as-a-service platform provided to businesses. It is not directed to individuals for personal or household use, and it is not intended for children under 18. If you are using DockOps on behalf of a company, you represent that you have authority to do so and to share any personal information input into the Service.

Information We Collect

We collect various types of information in order to operate and provide our Service effectively. This includes:

  • Account and Business Information: When you sign up for DockOps, we collect information about you and your company. This may include your name, business name, email address, phone number, mailing address, and payment details for subscription billing. We also collect login credentials (such as usernames and hashed passwords) for your account.
  • Client and Job Information: As you use DockOps to manage your hull cleaning operations, you will input personal information about your clients (boat owners) and details of jobs. This may include your clients’ names, contact information (such as email, phone number), boat or vessel details, service locations (e.g., marinas or docks), scheduling information, and notes or photos related to jobs. It may also include data about your own personnel or divers (e.g., names, hours worked, pay rates) as needed to calculate wages or track assignments.
  • Invoice and Payment Information Via Stripe: DockOps integrates with Stripe to handle invoicing and payments. When you generate an invoice for a client, DockOps records the invoice details (such as items, services provided, amount due, due date) and the client’s contact information to send the invoice. If a client pays an invoice online, that payment is processed by Stripe. DockOps itself does not collect or store the client’s credit card or bank information; that data is collected directly by Stripe through the payment form. DockOps may receive a notification of the payment and basic transaction details (such as payment amount, date, payment method type, and Stripe transaction ID) to update the invoice status. If you pay your DockOps subscription via credit card or bank transfer, those payments are also handled by a third-party processor (like Stripe or another provider), and DockOps does not store your full payment card details.
  • Quickbooks Integration and Data Access: When you choose to connect your QuickBooks Online account to DockOps, you authorize DockOps to access specific categories of data from your QuickBooks company via OAuth2. We use this integration to facilitate invoice creation, customer synchronization, and payment status tracking.

Data Accessed: DockOps requests the following QuickBooks scopes:

  • com.intuit.quickbooks.accounting
  • com.intuit.quickbooks.payment

Under these scopes, we may access:

  • Customers
  • Invoices
  • Payments (read-only)
  • Items
  • Company metadata
  • Sales form preferences
  • Payment processor metadata

We do not access payroll, employee, tax, or banking data.

Purpose of Use: DockOps uses this data to:

  • Create and update invoices on your behalf
  • Sync customer information
  • Reconcile payment statuses
  • Maintain accurate financial records

Data Retention: We retain QuickBooks-derived data only as long as necessary to support invoice history, operational reporting, fraud prevention, and legal compliance. Data not required for these purposes can be deleted upon request. OAuth tokens are securely stored and deleted upon revocation or disconnection.

Revoking Access: You may disconnect DockOps from QuickBooks by removing the app in your Intuit App Management settings or by contacting DockOps support. Once access is revoked:

  • DockOps loses all ability to sync or act on your QuickBooks data
  • Related features (e.g., invoice creation via QuickBooks) are disabled

To request deletion of QuickBooks-derived data, contact DockOps support. We will delete all data not legally required to retain after verifying your identity.

Security Compliance: DockOps securely stores OAuth tokens on backend servers only (never in the frontend), uses encryption and access controls, and complies with Intuit’s security policies. We do not store or process your QuickBooks credentials directly. Access tokens are refreshed only when necessary and retained for no longer than required.

  • Automatically Collected Data: When you use the DockOps web or mobile application, we may automatically collect certain technical information. This can include your device type, browser type, operating system, IP address, and device identifiers. We also log usage data such as when you log in, features you use, pages or screens you view, and actions you take (e.g., scheduling a job or sending an invoice). We use cookies and similar technologies to remember your preferences, keep you logged in, and collect aggregate analytics information. For example, we might use a cookie to maintain your session or to understand how users navigate through our interface. You can configure your browser to reject cookies, but this may affect the functionality of the Service (such as staying logged in).

We collect the above information either because you provide it to us directly, because it is generated through your use of the Service, or from third-party services you connect (like Stripe providing payment confirmation data).

How We Use Your Information

DockOps uses the collected information for the following purposes:

  • Providing and Maintaining the Service: We use your information to operate DockOps and deliver the features you expect. For example, we use account and login information to authenticate you, use client and job information to populate schedules and reports, use diver data to calculate payroll amounts, and use invoice information to generate and send invoices to your clients.
  • Processing Transactions: We use relevant information to facilitate payments and invoices. For instance, we share necessary details with Stripe to process invoice payments, and we use your subscription billing information to charge for your DockOps subscription.
  • Communications: We may use your email address or phone number to send you service- related communications. This includes confirmations and receipts (e.g., when an invoice is paid), notifications about scheduled jobs or changes, alerts if there’s an issue with your account, and responses to any support inquiries you send us. We may also send occasional updates about new features or improvements to DockOps. If we send marketing communications, we will provide an opt-out option.
  • Improvement and Analytics: We internally analyze usage patterns and performance data to improve DockOps. This helps us troubleshoot issues, optimize user experience, and develop new features. We may use aggregate, de-identified data for product research and to understand industry trends (for example, average number of jobs per month across all users), but this analysis will not reveal personal information of any individual client or user.
  • Compliance and Legal Obligations: We may use or preserve your information as needed to comply with applicable laws, regulations, legal processes, or governmental requests. For example, we might retain certain financial records to fulfill tax and accounting laws, or use information to respond to a court order. We also use information to enforce our Terms of Service, prevent fraud or abuse of our Service, resolve disputes, and protect our rights and the rights of our users or others.

If we plan to use personal information for purposes other than those stated in this Policy, we will provide notice or obtain consent as required by law.

Legal Bases for Processing (EU/UK Users)

If you are located in certain jurisdictions (such as the European Economic Area, the UK, or others) where data protection laws require a “legal basis” for processing personal information, our legal bases include:

  • Contract: We process personal data to provide the Service as per our contract with you (the Terms of Service). For example, we need to process your login data, client data, and job information to perform our obligations and deliver DockOps to you.
  • Legitimate Interests: We process data as needed for our legitimate interests in improving and securing our Service, communicating with you about product updates, and supporting our user base. When we rely on this basis, we ensure that our interests are not overridden by individuals’ data protection rights.
  • Legal Obligation: In some cases, we may need to process or retain data to comply with a legal obligation, such as financial reporting or responding to lawful requests.
  • Consent: If we ever request and rely on your consent to process information (for example, if we introduce a newsletter or use certain cookies in the EU), you have the right to withdraw that consent at any time.

How We Share Information

We understand that your information is important, and we only share personal data in certain circumstances:

  • With Your Direction or Consent: We will share information with third parties if you direct us to. For example, if you use an integration or export data to another service, we’ll share data as needed to complete that request.
  • Service Providers (Processors): We share information with trusted third-party companies that perform services on our behalf to help us deliver the Service. This includes:
    • Stripe: As noted, we share data with Stripe to enable payment processing. When you send an invoice that will be paid online, we provide Stripe with the information needed to create the payment form and process the transaction (such as the invoice amount, your business name, your client’s email for receipt, etc.). Stripe will handle the sensitive payment details (card numbers, etc.) directly from your client. Stripe also processes subscription payments for DockOps. Stripe will receive payment-related information (such as your client’s credit card details) when invoices are paid. DockOps itself does not store full credit card numbers; all such information is handled by Stripe in accordance with their security protocols. Stripe’s use of data is governed by their own privacy policy.
    • Hosting and Infrastructure: We may use cloud hosting providers (e.g., Amazon Web Services, Google Cloud, or similar) to store databases and run our application. Personal data is stored on their secure servers, but they do not access your data except for storage and retrieval purposes.
    • Email and Communication Services: We might use services like email delivery providers to send out notifications, invoices, or support emails. These providers would have access to the necessary contact information to fulfill their function (e.g., your email and your clients’ emails for sending invoices).
    • Analytics/Monitoring: If we use analytics tools or error tracking services (such as Google Analytics for our website or Sentry for error logging), these services may collect certain information about usage or technical issues. We configure such tools to avoid collecting unnecessary personal details, and we use them to improve performance and user experience.

    All these service providers are bound by appropriate confidentiality and data protection obligations and are not permitted to use your data for any purpose other than to provide services to DockOps.

  • Business Transfers: If DockOps or its parent company undergoes a business transaction such as a merger, acquisition, corporate reorganization, or sale of assets, your information may be transferred to the successor entity. If such a transfer occurs, we will ensure that your information remains subject to confidentiality commitments and will notify you (for example, via email or a notice on our website) of the change in ownership or use of your personal information, as well as any choices you may have regarding your information.
  • Legal Requirements and Protection of Rights: We may disclose your information if required to do so by law or in the good-faith belief that such action is necessary to (a) comply with a legal obligation, subpoena, or governmental request; (b) enforce our Terms of Service or other agreements; (c) detect or prevent security, fraud, or technical issues; or (d) protect the rights, property, or safety of DockOps, our users, clients, or the public. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
  • Aggregated or De-Identified Data: We may share aggregated, anonymized data that does not identify you or any individual, for example in industry reports or marketing materials. For instance, we could mention the total number of jobs scheduled through DockOps across all users, or average invoice amounts, as long as that data contains no personal details.

Importantly, DockOps does not sell your personal information to third parties for their own marketing or other independent use. We do not share personal data with third parties for them to advertise their products to you.

Cookies and Tracking Technologies

DockOps uses cookies and similar tracking technologies in the Service and on our marketing website:

  • Essential Cookies: These cookies are necessary for the Service to function. For example, when you log in, we use a cookie to keep you logged in as you navigate between pages. These cookies are usually session-based (they expire when you log out or close your browser).
  • Preference Cookies: We might use cookies to remember your preferences (like your chosen settings or filters within the app) to enhance your experience.
  • Analytics Cookies: If we use analytics tools on our website or within the app, those tools may set cookies to collect information on usage patterns (such as what pages are visited, for how long, etc.). This helps us improve the Service. For example, our marketing site might use Google Analytics, which would place cookies to track visitor interactions in an anonymous manner (no personally identifying information).
  • Cookie Management: You can control or delete cookies through your browser settings. However, please note that if you disable cookies entirely, some features of DockOps may not function properly (for instance, you may not be able to stay logged in).

When required by law (for example, if we expand to regions that mandate it), we will provide a cookie consent mechanism to obtain your permission for non-essential cookies.

Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. In general:

  • Account Data: We keep your account information and all associated data for as long as your DockOps account is active. If you delete your account or if DockOps terminates your account, we will initiate deletion of your data. However, we may retain certain information for a limited time thereafter in backups or archives, or as required for legal, security, or business continuity reasons. We may also retain information if needed to resolve disputes or enforce our agreements.
  • Client and Transaction Data: Records of invoices, payments, and job reports may be retained as necessary for our clients’ legitimate business purposes and to comply with laws. For example, financial transaction records might be kept for a number of years to satisfy accounting and tax regulations. We store such data securely and limit its use to the purposes for which it was retained.
  • Backup and Archival Copies: Even after you delete information from your account, it might remain in our offline backups for a period of time. We implement retention limits on backup data and will purge or anonymize information from backups in accordance with our data retention policies.

When we no longer have a legitimate need or legal obligation to retain your personal information, we will securely delete or anonymize it. If deletion is not feasible (for example, because personal data is stored in backups), then we will securely store the data and isolate it from further processing until deletion is possible.

Data Security

We take the security of your information seriously. DockOps implements a variety of technical and organizational security measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures include:

  • Encryption: We use encryption to protect data in transit (e.g., HTTPS/TLS encryption for data transmitted between your device and our servers). We also encrypt sensitive data at rest where appropriate.
  • Access Controls: We limit access to personal information to authorized personnel who need it to operate, develop, or support the Service. Our team is trained on the importance of privacy and security.
  • Secure Infrastructure: We use reputable cloud service providers with robust security practices. Our servers are protected by firewalls, and we apply security updates and patches in a timely manner.
  • Monitoring: We monitor the Service for potential vulnerabilities and attacks, and we conduct regular security assessments and testing.
  • PCI Compliance via Stripe: All payment transactions and financial data entry (like credit card information for invoices or subscription payments) are handled through Stripe’s secure systems. Stripe is PCI-DSS compliant, ensuring that payment information is processed with a high level of security. DockOps itself never sees or stores your clients’ credit card numbers.

Despite our efforts, no security measure or method of data transmission over the Internet can be guaranteed to be 100% secure. You should also play a role in keeping your data safe by maintaining strong passwords, limiting access to your DockOps account, and logging out when you’ve finished using the Service on shared devices. If you have reason to believe that your data or account is no longer secure, please contact us immediately.

Your Rights and Choices

Depending on your location and applicable data protection laws, you may have certain rights regarding your personal information. We honor the rights of individuals as required by law, which may include:

  • Access and Correction: You have the right to request access to the personal information we hold about you and to ask for corrections if it’s inaccurate or incomplete. Most of your basic account and client information can be reviewed and updated directly by logging into your DockOps account. For any information not accessible in the app, you can contact us to request it.
  • Deletion: You can request that we delete personal information that we hold about you. For example, if you terminate your DockOps account, you can request deletion of any remaining personal data. We will do so unless we are required to retain the information for legal or legitimate business purposes (as described in Data Retention above). Note that if your information was entered by one of our user companies (e.g., if you are a boat owner whose data was added by a hull cleaning company), you may need to contact that company (the data controller) to have them update or remove your information. However, we will assist our users in fulfilling such requests as needed.
  • Objection and Restriction: You have the right to object to certain processing or to ask us to restrict processing of your information in certain circumstances. For instance, you can object to marketing emails (and we will stop sending them). If you feel our legitimate interest processing impacts your rights, you can raise an objection.
  • Data Portability: In some cases, you have the right to obtain a copy of your personal data in a portable format, or to have it transmitted to another controller where technically feasible.
  • Opt-out of Marketing: If we send you marketing or promotional communications, you can opt out at any time by clicking the “unsubscribe” link in the email or contacting us. (Note: Even if you opt out of marketing, we may still send essential service or account- related communications.)
  • California Privacy Rights: If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and other laws. These include the right to know what personal information we collect, the right to access and delete your personal information (with some exceptions), and the right not to be discriminated against for exercising these rights. DockOps does not sell personal information. California users may contact us to exercise their data rights as described below in the Contact section.
  • EU/EEA Data Subjects: If you are in the European Union or a similar jurisdiction, you have the right to lodge a complaint with your country’s data protection authority if you believe we have infringed your privacy rights. We encourage you to contact us first, so we can address your concerns directly.

To exercise any of your rights, please contact us at privacy@dockops.com or through the contact information provided below. We may need to verify your identity (for example, by asking you to provide information associated with your account) before fulfilling certain requests. We will respond to your request within the timeframes required by law.

International Data Transfers

DockOps is based in the United States, and our Service is currently hosted in the U.S. If you access DockOps from outside the United States, please be aware that your information will be transferred to and stored on servers in the U.S. or other jurisdictions where our facilities or service providers are located. The data protection laws of these locations may be different (and less stringent) than those in your country.

However, we are committed to protecting your personal information, and we will take appropriate safeguards to ensure such transfers are in compliance with applicable laws. If you are in a region like the EU/EEA or the UK, we will rely on legal mechanisms such as Standard Contractual Clauses or other approved transfer frameworks to lawfully transfer personal data across borders. By using the Service or providing us with information, you consent to the transfer of your personal data to the U.S. and other jurisdictions as explained in this section.

Children’s Privacy

DockOps does not target and is not intended for use by children. Our Service is designed for businesses and is not directed to anyone under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child under 13 (or under 16 in certain jurisdictions) without verifiable parental consent, we will take steps to delete that information. If you believe a child’s information has been provided to us improperly, please contact us so we can investigate and address the issue.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make a material change to this Policy, we will notify you by email (sent to the address associated with your account) or by prominent notice within the Service, and we will update the “Last Updated” date at the top of this Policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting the personal information we collect. Your continued use of DockOps after any update to this Policy will constitute your acceptance of the changes, to the extent permitted by law.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. We will do our best to address your inquiry promptly.

Contact Information:
DockOps Support Team
Email: tech@dockoperations.com
(If you prefer to contact us by mail, please write to:
DockOps LLC | 2869 Historic Decatur Rd. San Diego, CA 92106)