Privacy Policy

Last updated May 23, 2026

Who we are. Drift Catch is operated by 17907583 Canada Inc., a federally-incorporated Canadian corporation with its principal place of business in Saskatchewan, Canada. References to "Drift Catch," "we," "us," and "our" in this Privacy Policy mean 17907583 Canada Inc. We are the data controller for personal information collected through the Service, except where a sub-processor named in §3 acts as a separate controller for its own operational purposes (such as Stripe acting as a controller for payment-method and fraud-prevention data).

How to reach us about this policy. For privacy questions, deletion requests, or any other matter under this Privacy Policy, contact us at hello@driftcatch.app. For escalations, see §11 (Contact) below.

1. Information We Collect

Drift Catch collects the following information to provide and improve the Service:

  • Account information: Your email address and name
  • Business information: Your business name
  • Project data: Project details, scope definitions, deliverables, revision history, and change orders you create
  • Client contact information: Names and email addresses of clients you add to your projects
  • Payment information: Billing details processed securely by Stripe (we do not store your full card number)

2. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To authenticate your identity and manage your account
  • To process payments and manage your subscription
  • To send transactional emails (magic links, scope alerts, change order notifications)
  • To alert our team to system events that may affect your account — for example, a payment that recovered after a failed charge, or a scheduled job that did not complete. These alerts go to Drift Catch staff, not to you. See §3 (Resend) for the data-flow detail.
  • To communicate important updates about the Service

3. Service Providers and Analytics

Drift Catch relies on the trusted service providers listed below to operate. We also measure aggregate usage with our own first-party analytics, which involves no third-party analytics provider — see the final entry in this section for how that works.

  • Supabase — Database hosting, authentication, and data storage. Your data is stored securely in Supabase's infrastructure (see supabase.com/privacy).
  • Vercel — Web hosting and edge delivery. Vercel hosts the driftcatch.app application and serves every HTTP request you make to the Service. As part of providing hosting, Vercel automatically processes connection metadata such as your IP address, browser user-agent, and request URL in order to route the request and to operate platform-level security protections. Vercel is operated by Vercel Inc., a Delaware corporation headquartered in the United States, and processes requests on infrastructure located primarily in the United States. See vercel.com/legal/privacy-policy for their data handling practices and §6 below for the cross-border transfer framework.
  • Cloudflare — Domain name resolution, content delivery, and edge security. Cloudflare provides authoritative DNS for driftcatch.app and operates the content delivery network and the security layer (web application firewall and denial-of-service protection) that sits in front of the Service. As part of providing these services, Cloudflare automatically processes connection metadata such as your IP address, browser user-agent, and request URL in order to resolve, cache, route, and filter the request. Cloudflare also operates the email routing that powers our @driftcatch.app addresses; the contents of an email you send us transit Cloudflare en route to our mailbox. Cloudflare is operated by Cloudflare, Inc., a Delaware corporation headquartered in the United States, with processing on a global edge network. See cloudflare.com/privacypolicy for their data handling practices and §6 below for the cross-border transfer framework.
  • Stripe — Payment processing. Stripe handles all payment information securely and is PCI-DSS compliant. We do not store your full credit card details (see stripe.com/privacy).
  • Resend — Transactional email delivery. Used to send magic links, scope alerts, change order notifications, and other Service emails to your registered email address.

    We also use Resend to deliver internal operational alerts to Drift Catch staff — for example, an automated daily digest flagging payment-recovery events for our review. Those internal alerts may contain pseudonymous account identifiers (a user ID) and the associated payment amount and Stripe payment-intent reference, so that we can investigate and resolve billing edge cases on your behalf; they do not include your name, email address, or message content.

    Resend handles message delivery and retains delivery metadata in accordance with its data handling practices (see resend.com/legal/privacy-policy).

  • Anthropic (Claude API) — AI assistance. We use Anthropic's Claude API in three places:

    (1) AI-Assisted Drafting (beta), inside the Templates editor. When you click "Generate draft," the prompt and any context fields you've entered (template category, tone, audience, your draft notes) are sent to Claude for inference and the draft text is returned to your editor. You explicitly invoke this each time; nothing is auto-sent. Drafts are not saved unless you choose to save them.

    (2) Triage and reply-drafting for messages you send to support@, hello@, priority@, feedback@, and ideas@ at driftcatch.app. When you email us at one of those addresses, the email subject and body are sent to Claude to help us categorize the message and draft a starting reply. Every reply is reviewed, edited, or rewritten by a human before being sent — nothing is auto-sent. Attachments are NOT sent — Claude is told only the count and filenames. Messages matching a deterministic keyword filter (legal, security, financial-dispute, government-domain senders, and content matching common credential or sensitive-identifier patterns such as payment-card numbers, government IDs, and API keys) skip the Claude step entirely and are escalated to a human directly. The Claude step may also be skipped during high-volume periods to keep our API spend bounded — in that case, your message is routed directly to a human and your reply experience is unchanged.

    (3) AI-Assisted Timeline Change-Order Drafting (beta). When you ask Drift Catch to help draft a message proposing a revised delivery date for one of your projects, a small, fixed set of fields is sent to Claude to generate a neutral draft: the project title, the deliverable name, the current delivery date on file (or an indication that none is on file), the new delivery date you are proposing, and whether a signed agreement already exists for that project. You explicitly invoke this; nothing is auto-sent. The returned draft is placed in an editable field for you to review and change before any revision request is created or sent. What is sent to Claude for this feature: the project title, the deliverable name, the old delivery date, the new delivery date, and a yes/no flag for whether a signed agreement exists. What is NOT sent: your client's name, email, phone number, or address; any calendar event titles; any prices, amounts, or how far behind the project is; your signed contracts; and any data from other parts of your Drift Catch account. The draft is written in a neutral tone — it neither admits fault nor assigns blame; it simply requests agreement to the revised date. As with the other two surfaces, prompts and outputs for this feature are retained by Anthropic only within its 30-day operational window and are not used to train Anthropic's models, per our Commercial Terms with Anthropic.

    What is sent to Claude: the text you typed (template prompt + context fields, or email subject + body). What is NOT sent: attachments, the keyword-filtered sensitive content described above, your payment data, your signed contracts, any data from other parts of your Drift Catch account.

    Who Anthropic is and where the processing happens. Anthropic is Anthropic, PBC, a US Public Benefit Corporation. API requests are processed in the United States. This is a cross-border transfer of personal information from Canada (where Drift Catch is operated) to the United States; we rely on Anthropic's contractual commitments under our Commercial Terms with them (see retention and training posture below) as the comparable-protection mechanism under PIPEDA Principle 4.1.3 and as the safeguard for transfers from EEA / UK users under GDPR Chapter V.

    Retention at Anthropic. Per Anthropic's published API policy at the time of integration, prompts and outputs from API calls are retained by Anthropic only as required for operational and abuse-detection purposes — a 30-day window — and are deleted thereafter.

    Training. Anthropic does NOT use Drift Catch's API data to train its models. This is a contractual commitment in our Commercial Terms with Anthropic (Section B), distinct from Anthropic's consumer products.

    Retention at Drift Catch. For (1), we do not retain your Templates prompt beyond the API call window unless you explicitly save the generated draft to your account; we retain a per-user monthly usage counter for quota enforcement (see §4(h)). For (2), Drift Catch retains the Claude classification as a Gmail label and the drafted reply as a Gmail draft inside our support mailbox. Outside Gmail, we maintain only (a) per-sender flags recording whether you have opted out via HUMAN and whether we have sent you the auto-acknowledgment (these flags allow us to honor your opt-out and avoid duplicate auto-acks), (b) a daily spend counter for Anthropic API cost control, and (c) operational logs (in Google Cloud Logging) that record the sender's domain, the channel, and the disposition of each thread — full email content is never logged.

    Your control. For (1), don't click "Generate draft" — the feature is opt-in per click. For (2), you can opt out of AI assistance for your own correspondence by replying to any of our messages with the single word HUMAN — your address will be flagged and future messages from you will skip the AI triage step entirely, going straight to a human.

    Anthropic processes data per its Commercial Terms of Service and Privacy Policy (anthropic.com/legal).

  • First-party analytics — We measure aggregate page views using our own first-party analytics, built and operated by Drift Catch. No third-party analytics provider is involved. This analytics sets no cookie and stores nothing on your device (the strictly-necessary UX storage described in §8 is separate and unrelated to analytics). To count visits without identifying you, our server computes a one-way hash of your IP address, your browser's user-agent string, and our domain using a secret key that we rotate and destroy daily. Your raw IP address is read only momentarily in memory and is never written to any database, log, or backup. Because each day's key is destroyed, the hash cannot be reversed to identify you or correlated across days. These dedup signals are deleted at our next daily rollup, and in all cases within 48 hours, and rolled up into hash-free aggregate counts only.
  • Other Drift Catch users you invite to your workspace — when you invite a team member to your Business workspace, that team member becomes a recipient of the workspace data described in §12 (Workspace Sharing). Team members are independent users of Drift Catch and are not our sub-processors; they receive your data under the consent you grant by sending the invitation.

These services have their own privacy policies governing how they handle your data. We do not sell, rent, or share your personal information with any other third parties.

4. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes set out in this Privacy Policy and to satisfy any legal, accounting, or reporting requirements:

  • (a) Customer data (account info, projects, scopes, change orders, client contacts, files): retained for the duration of your active account, plus thirty (30) days after termination during which you may export. After 30 days, deleted from primary systems. Encrypted backups may persist up to ninety (90) days before purge.
  • (b) Billing and subscription audit data: seven (7) years from the associated event, for tax compliance and chargeback defense. This includes (i) payment timestamps, (ii) subscription tier transitions, (iii) Stripe transaction identifiers, (iv) a copy of the Stripe webhook event payload (which may include your billing email, billing address, the last four digits of your card number for transaction-matching purposes, and any tax IDs you provided to Stripe), and (v) plan-tier and subscription-status snapshots. Drift Catch never stores full credit card numbers; Stripe handles them per PCI-DSS. If you delete your account, this audit data is preserved in a hashed, scrubbed archive for the remainder of the seven-year window — see Terms §7(c)(i).
  • (c) Electronic signature audit data: seven (7) years from the date of signature, for evidentiary purposes. See Terms §9 for the corresponding contractual provision.
  • (d) Email queue payloads (transactional emails not yet sent or recently sent): up to thirty (30) days, then purged.
  • (e) Webhook delivery logs: thirty (30) days, then purged.
  • (f) Meeting recordings (Business tier): retained while user remains on Business tier or within a 30-day grace period after tier downgrade. After the grace period, recordings are deleted from storage. See in-app recording settings for current retention.
  • (g) Anonymized aggregate analytics: indefinite retention; no personally identifying information.
  • (h) AI-Assisted Drafting (Beta) usage counter: A single per-user count of generated drafts across all AI-Assisted Drafting surfaces (currently the Templates editor and Timeline Change-Order Drafting), drawn from one shared monthly allowance. The current calendar month's count enforces quota; prior months' counts are retained as an aggregate for capacity planning. Not associated with the content, project, client, or output of any draft.
  • (i) Internal operational alerts (anomaly, cron, and recovery events): ninety (90) days from fired_at, auto-purged by the daily purge_email_queue_pii cron at 03:00 UTC. Pseudonymous identifiers only (no email, name, IP, or message content).
  • (j) Support email triage and reply drafts (the AI-assisted support inbox flow described in §3 under Anthropic, item 2): the Claude-generated category label and the drafted reply are stored as a Gmail label and a Gmail draft inside our support mailbox until the reply is sent, edited, or discarded; once sent, the message thread is retained in the support mailbox for as long as is reasonably necessary for customer-support history and dispute defense. Outside the mailbox, we retain (i) per-sender flags recording your HUMAN opt-out and whether we have sent you the auto-acknowledgment, retained for as long as you remain a correspondent so we can honor your opt-out across future messages; (ii) a daily Anthropic API spend counter, retained as an aggregate for cost control; and (iii) operational logs in Google Cloud Logging recording sender domain, channel, and disposition only — never email content — retained for thirty (30) days, then auto-purged.
  • (k) Founding-member reservation records (created when you reserve a founding-member rate during the early-access program, per Terms §3): the email address, reservation tier, payment timestamp, and Stripe reference associated with your reservation are retained for the duration of your founding-member enrollment and for seven (7) years after the reservation, for tax compliance and chargeback-defense purposes. This retention is on the same legal footing as the (b) billing-and-subscription audit row above and is subject to the same legal-retention override on deletion requests.
  • (l) Notification preferences: Your per-channel notification settings (email, in-app, or off, per event type) and digest frequency are retained for the duration of your active account and deleted when your account is deleted. No content of any notification is retained beyond the per-row retention in (d), (e), and (i) above.
  • (m) Stripe billing-failure retry queue (the failed_stripe_seat_updates log): up to ninety (90) days after the entry is marked resolved. Entries containing third-party payment-processor error messages are held only as long as necessary to debug the failure and are purged on the next scheduled sweep thereafter.
  • (n) Pending team-seat invitations (the team_invitations.invitee_email column): deleted within seven (7) days after the invitation expires, is accepted, or is revoked. See purge_team_invitations_expired (daily cron, 03:15 UTC).
  • (o) Team membership rows (team_members): retained for the lifetime of the workspace membership. Deleted immediately when a team member is removed or leaves, when the inviting workspace is downgraded below the Business tier, or when either the team member or the workspace owner deletes their Drift Catch account.
  • (p) Change-order decision records (the change_order_decisions audit log): when a client approves or rejects a change order through the approval link, we record the decision, the time, and the IP address and browser user-agent the decision was submitted from, as server-witnessed evidence of the client's assent to the contract change. Retained for the duration of the underlying contract plus seven (7) years following project completion, to support the establishment, exercise, or defence of legal claims (legitimate interest; same legal footing as the signature-audit row in (c) above). Subject to the same legal-retention override on deletion requests.
  • (q) Client engagement timestamps (the projects.scope_viewed_at and invoices.viewed_at columns): the first time your client opens a proposal sign-off link or an invoice we sent on your behalf, we record a single timestamp so you can see that it has been seen. We record only the first open — there is no per-open counter, and no IP address or device information is stored for this signal. Retained for the duration of the related project or invoice and deleted when you delete your Drift Catch account.
  • (r) Tax set-aside ledger (the tax_set_aside_entries table): when you mark an invoice or change order paid, we record one row capturing the paid amount, its currency, the tax-rate percentage you had configured at that moment, and the resulting suggested set-aside figure — so your tax dashboard can tally it. This is an informational estimate, not tax advice. Retained for the duration of your active account and deleted when you delete your Drift Catch account. (A pseudonymous per-quarter dedup marker — tax_set_aside_reminder_log, holding only your account identifier and the quarter due-date, no content — is kept on the same basis to avoid sending you a duplicate quarterly reminder.)
  • (s) Delivery-acceptance records (the delivery_acceptances audit log): when your client approves and accepts the delivered work through their portal link, we record the typed name they signed with, the time, the IP address and browser user-agent the acceptance was submitted from, and a snapshot of the deliverables accepted, as server-witnessed evidence of the client's acceptance. Retained for the duration of the underlying contract plus seven (7) years following project completion, to support the establishment, exercise, or defence of legal claims (legitimate interest; same legal footing as the signature-audit row in (c) above). Subject to the same legal-retention override on deletion requests.
  • (t) Recurring-invoice schedules (the recurring_invoices table): when you set up a recurring or retainer schedule, we store a snapshot of the client name and email, the line items, currency, tax rate, and cadence so we can draft the next invoice for you each cycle. Drift Catch never charges or emails your client automatically — each generated invoice is a draft you review and send yourself. Retained for as long as the schedule exists and deleted when you delete the schedule or your Drift Catch account.
  • (u) Payment schedules (the payment_schedules and payment_schedule_stages tables): when you set up a payment plan for a project, we store a snapshot of the client name and email, the currency, the project total, the tax rate, and the stages you define (deposit, milestones, and a final balance) so we can draft each stage's invoice when you choose to generate it. Drift Catch never charges or emails your client automatically — each generated invoice is a draft you review and send yourself, and we are not a party to your payment agreement with your client. Retained for as long as the payment plan exists and deleted when you delete the plan or your Drift Catch account.
  • (v) First-party analytics signals (the analytics_events dedup rows): a daily-rotating, keyed one-way hash of your IP address, your browser's user-agent string, and our domain (never the raw IP), together with the page path and the referring site's domain stored as separate fields. Used solely to count unique visitors and page views. Deleted at our next daily rollup, and in all cases within 48 hours, and aggregated into hash-free daily counts (analytics_daily) that contain no identifier and no personal information. The daily hashing key is rotated and destroyed every day; once a day's key is deleted, that day's hashes can no longer be reversed or linked across days.
  • (w) Free-month promotional grants (the promo_grants table): when you claim a free-month promotional offer, we store the email address you claimed with (in a normalized form) and its domain, a link to your account, the promotional campaign source, and the time the grant was made — so we can apply the offer, enforce the one-grant-per-person and limited-quantity rules, and prevent duplicate claims. Retained for the duration of the promotional program and your active account, and deleted when you delete your Drift Catch account.
  • (x) Late-fee application records (the late_fee_applications table): when a late fee is applied to an overdue invoice under the late-fee terms your client agreed to at signing, we record the invoice and project, a snapshot of the agreed fee terms, the overdue amount and currency, the number of days overdue, the computed fee and its disclosed annualized-equivalent rate, and a link to the original signature event — as evidence of how and why the fee was calculated. Retained for seven (7) years from the date the fee is applied, for tax-compliance and dispute/evidentiary purposes (legitimate interest; same legal footing as the billing-audit row in (b) and the signature-audit row in (c) above). Subject to the same legal-retention override on deletion requests.
  • (y) Internal access audit log (the founder_access_log table): each time our team opens the internal operations/metrics dashboard, we record which internal surface was viewed and when, against a pseudonymous internal-operator identifier. This log contains no customer personal information — no email, name, IP address, or message content — and exists so that internal access to our own operational data is itself auditable. Most of these internal surfaces show only aggregate, de-identified figures (counts, sums, and trend buckets). One internal surface additionally displays account-level identifiers — your email address together with your plan tier and subscription status — to authorized staff for account-management and support purposes; opening that surface is recorded in this same log under a distinct surface name, so access to your account-level data is separately auditable. Retained for security and audit purposes.
  • (z) Feedback survey responses (the survey_responses table): the answers you provide on the free-month feedback survey, together with an optional recommendation rating, linked to your account, so we can improve Drift Catch and issue your reward. We keep one response per account. Retained for the duration of your active account and deleted when you delete your Drift Catch account.
  • (aa) Survey reward records (the survey_rewards table): one record holding the 50%-off code we issued for completing the survey, its Stripe reference, and its expiry, so we can deliver the reward and prevent duplicate issuance. This is a Drift Catch-issued discount, not card or payment data. Retained for the duration of your active account and deleted when you delete your Drift Catch account.

You may request deletion of your personal data at any time by contacting hello@driftcatch.app. Some categories above (notably (b) and (c)) are subject to overriding legal retention obligations and cannot be deleted on request — we will inform you of this when responding to a deletion request and will delete such data when the legal retention period expires.

5. Data Security

We take the security of your data seriously. All data is transmitted over HTTPS with TLS encryption. Data at rest is encrypted in our database. Authentication is handled via secure magic links — no passwords are stored. While no system is 100% secure, we implement industry-standard practices to protect your information.

6. International Data Transfers

Drift Catch is operated from Saskatchewan, Canada. Some of the third-party services we rely on to operate the Service are located in, or process data from, other countries — including the United States and the European Union. When you use Drift Catch, your personal information may be transferred to, stored in, or processed in those countries.

We rely on the following mechanisms to provide a comparable level of protection for personal information transferred outside Canada:

  • Vendor contractual commitments. Each sub-processor named in §3 above is bound by its own published privacy commitments and, where applicable, by the terms of our agreement with that vendor. These commitments include security, confidentiality, and purpose-limitation obligations comparable to those required by Canadian privacy law.
  • Standard contractual clauses and adequacy decisions. For transfers originating from the European Economic Area or the United Kingdom to the United States, we and our sub-processors rely on the mechanisms recognized under Chapter V of the EU General Data Protection Regulation and under the UK data protection regime. Depending on the vendor, those mechanisms include the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or vendor participation in an applicable adequacy framework. Each vendor's current transfer mechanism is described in the vendor's own privacy policy linked from §3.
  • AI-specific transfer detail. For the cross-border transfer involved when we use the Claude API for Templates drafting, for support-inbox triage, and for timeline change-order drafting, see the dedicated Anthropic bullet in §3 above. That bullet sets out the data sent, the retention window at Anthropic, the no-training contractual commitment, and the PIPEDA Principle 4.1.3 / GDPR Chapter V mechanisms we rely on for that specific flow.
  • Accountability for cross-border processing. Under PIPEDA Principle 4.1.3 (and the Office of the Privacy Commissioner of Canada's guidance on transfers for processing), Drift Catch remains accountable for personal information transferred to a third party for processing, regardless of where the processing occurs. If you have questions about a specific transfer, please contact us using the address in §11 (Contact).

This section describes the framework for transfers that exist as of the Last Updated date above. If we add a new sub-processor or change a transfer mechanism, we will update §3 and, where the change is material, notify you under §10 (Changes to This Policy).

7. Your Rights

You have the following rights regarding your personal data:

  • Access: You can view all data associated with your account at any time within the app.
  • Export: You can export your project data, scope documents, and change orders at any time.
  • Deletion: You can request complete deletion of your account and all associated data by contacting us.
  • Correction: You can update your personal information through your account settings at any time.

8. Cookies and Equivalent Client-Side Storage

Drift Catch uses minimal cookies and equivalent client-side storage, all of which are strictly necessary for the operation of the Service. Specifically:

  • Authentication session. We set a first-party cookie to maintain your signed-in session. Without it, you would have to authenticate on every page load.
  • Short-lived UI state in session-scoped browser storage. We use sessionStorage for short-lived UI preferences such as the founding-member banner dismissal. These values are retained only until you close your browser tab.
  • No tracking cookies, no advertising cookies, no cross-site identifiers, no third-party analytics cookies, and no fingerprinting.

Analytics. We use our own first-party analytics for aggregate page-view and visitor counts, as disclosed in §3 above. It is cookieless by design: it sets no cookies, stores no persistent identifier in your browser, and does not track you across sites or use any third-party analytics provider. Your IP address is read only momentarily in memory to compute a daily-rotating keyed hash and is never stored in raw form; the hashing key is rotated and destroyed daily.

Because we do not set any non-essential cookie and do not deploy any tracker that requires consent under the EU ePrivacy Directive, the UK Privacy and Electronic Communications Regulations (PECR), Quebec Law 25, or comparable cookie-consent regimes, no cookie or storage consent banner is required for the Service as currently configured. If we ever add a non-essential cookie, tracker, advertising pixel, session-replay tool, or comparable third-party script, we will update this section and present an appropriate consent interface before that script loads.

9. Children's Privacy

Drift Catch is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal data, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email at least 30 days before the changes take effect. We encourage you to review this policy periodically. Your continued use of Drift Catch after changes are posted constitutes your acceptance of the updated policy.

11. Contact

If you have questions about this Privacy Policy or how we handle your data, please contact us at hello@driftcatch.app.

Email sent to that address is triaged with AI assist; replies are written and sent by a human. See §3 above for what data is processed and §4(d)–(e) for retention.

12. Workspace Sharing (Business tier)

If you are on the Business tier, you may invite other Drift Catch users ("team members") to access your workspace. When a team member accepts your invitation, the following data flows are enabled:

  • What we share with them. Your workspace projects, scope items, change orders, invoices, time entries, meetings, calendar events, leads, expenses, communications, signed contracts and amendments, and the client contact information you have entered into those records. They will also see your display_name, business_name, and custom_domain so the workspace is identifiable to them; they will not see your billing information, payment-method data, subscription tier, or account-internal counters.
  • What they cannot do. Members assigned the member role can view workspace data and log their own time entries and meetings; they cannot modify your projects, invoices, or other workspace records, and they cannot remove other team members. Members assigned the admin role can additionally edit workspace records and remove regular members from the workspace, and they may access the workspace's billing portal — but they cannot remove or change the role of another admin, cannot finalize amendments to your signed contracts (admins may prepare amendments; only you click Apply), and cannot see your payment-method data, subscription tier, or account-internal counters.
  • Your legal basis for sharing. By inviting a team member, you authorize the sharing of the data above with the individual identified by the email address on the invitation. The invitation grants the team member access for as long as they remain a member of your workspace; access is revoked immediately when you remove them, when they leave, or when your workspace is downgraded below the Business tier.
  • Your responsibility. You are responsible for ensuring that you have a lawful basis to share each piece of client or third-party information in your workspace with each team member you invite. This includes any consent or notice obligations you owe to the individuals whose personal information appears in your projects, invoices, communications, or other records.
  • Team member's data subject rights. A team member can request access to or deletion of the personal information we hold about them (their Drift Catch account email, their team-membership row, their authored time entries, etc.) under §7 above. A team member cannot use this right to extract data belonging to your workspace; that data is yours, and team-member access is transient.
  • Workspace owner notification on member account deletion. If a team member deletes their Drift Catch account, the workspace owner is notified by email that a member's account was closed and the seat was removed. The notification does not identify the deleted member by name or email; it confirms only the workspace state change and the resulting billing adjustment.

§4 Data Retention was rewritten on May 6, 2026 to reconcile customer-data, billing-audit, signature-audit, recordings, email-queue, and webhook retention windows.

On May 19, 2026 the policy was extended to disclose Vercel and Cloudflare as sub-processors (§3), add a dedicated International Data Transfers section (§6), strengthen the cookieless-analytics framing (§8), append retention rows for support-email triage and founding-member reservations (§4(j)–(k)), and add a "Who we are" accountability preamble.

On May 20, 2026 a retention row for notification preferences (§4(l)) was appended alongside the in-product Notifications surface.

On May 22, 2026 a new §12 (Workspace Sharing) was added to disclose the multi-user data flow on Business-tier workspaces; a new sub-processor bullet was appended to §3 covering invited team members as data recipients; new retention rows §4(n) and §4(o) were appended for pending team-seat invitations and active team-membership rows; and the §12 owner-notify-on-member-delete bullet documents the redacted state-change email an owner receives when a team member closes their Drift Catch account (PIPEDA Principle 4 / GDPR Art. 5(1)(c) post-deletion identity minimization). See Terms §3(i)–(m) for the corresponding contractual team-seats terms.

Updated May 23, 2026 (Wave 4 Phase 5 post-ship) to re-draft §12 "What they cannot do" bullet to match the Q-3 admin permission boundary (admins may remove regular members but cannot remove or demote another admin) and the Q-5 apply-amendment owner-only carve-out.

Updated June 6, 2026: replaced the third-party Plausible Analytics disclosure with our own first-party, cookieless analytics (built and operated by Drift Catch); §3 third-party-services and the "Who we are" preamble no longer list Plausible; a new retention row §4(v) discloses the 48-hour-purged dedup signals and the daily-destroyed hashing key; §8 reaffirms the no-banner posture under the stronger no-third-party-analytics configuration.

Drafted in-house by Drift Catch; not reviewed by licensed counsel.