Privacy Policy

Last updated: June 13, 2026

This Privacy Policy describes how KTRNET (operated by Workflow Prodigy) collects, uses, and protects information.

1. Information we collect

• Account data. Name, email, role, and authentication metadata.
• Customer content. Records that customers create inside their tenant (contracts, work orders, timekeeping, etc.).
• Operational logs. Request logs, audit trail entries, and security events.

2. How we use information

We use information to operate, secure, and improve the Service, to communicate with customers, and to satisfy legal obligations. We do not sell personal information.

3. Sharing

We share information with subprocessors strictly to operate the Service (hosting, email, payment processing, observability) under written agreements. A current subprocessor list is available on request.

4. Retention

Account and audit-log data is retained for the life of the customer relationship plus a defined tail for compliance. Customers can configure tenant-level retention.

5. Security

We use tenant isolation, least-privilege access, encryption in transit, and append-only audit logging. Vulnerability reports are welcome at security@ktrnet.com.

6. Your rights

You can request access, correction, or deletion of your personal information by emailing privacy@ktrnet.com. Customer-tenant data requests should go through the tenant administrator.

7. Children

The Service is not directed at children under 16 and we do not knowingly collect their information.

8. Changes

We will post material changes to this policy on this page and update the "Last updated" date.