← Back to home

Privacy Policy

Effective March 31, 2026

At TAD Delivery Intelligence (“we,” “our,” or “us”), we are committed to protecting your privacy and ensuring you have a transparent understanding of how we collect, use, and safeguard your data. This Privacy Policy explains our practices for our SaaS diagnostic platform and related services.

What We Collect

When you use TAD Delivery Intelligence, we collect information necessary to deliver our diagnostic services:

  • Organization Information: Your company name, organization structure, team names, and team composition.
  • Contact Information: Email addresses and phone numbers of team members completing the diagnostic.
  • Diagnostic Data: Responses to structured diagnostic questions about delivery performance, team processes, and metrics.
  • Payment Information: Billing and payment details processed securely through Stripe. We do not store full credit card numbers.
  • Usage Data: Log data including IP address, browser type, pages accessed, and timestamps.
  • Optional Data: Jira data or SLE documentation you choose to share for enhanced analysis.

How We Use Your Data

We use the information we collect for the following purposes:

  • Delivering Diagnostic Services: Analyzing your responses to generate diagnostic scores, root cause analysis, and actionable recommendations.
  • Report Generation: Creating your personalized diagnostic report with executive summaries and action plans.
  • Communication: Sending diagnostic results, support messages, and administrative notifications via email using Resend as our email service provider.
  • Payment Processing: Processing transactions through Stripe for TAD services.
  • Platform Improvement: Analyzing usage patterns and feedback to enhance our diagnostic algorithms and user experience.
  • Legal Compliance: Meeting legal or regulatory requirements.

Data Storage & Security

Your data is stored securely on Supabase-hosted infrastructure with the following protections:

  • Encryption at Rest: All diagnostic and organizational data is encrypted at the database level.
  • Encryption in Transit: Data transmitted to our platform is encrypted via HTTPS/TLS.
  • Access Controls: Access to data is restricted to authorized personnel and limited to what is necessary for their role.
  • Regular Updates: We maintain current security patches and conduct regular infrastructure reviews.

While we implement industry-standard security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information with reasonable safeguards.

Third-Party Services

We use trusted third-party services to deliver our platform and services:

Stripe

Payment processing. Stripe handles all payment information in compliance with PCI-DSS standards.

Resend

Email delivery service for diagnostic reports, notifications, and support communications.

Vercel

Platform hosting and CDN services for the TAD application.

These services have their own privacy policies. We require all third parties to maintain appropriate security and confidentiality measures. We do not authorize them to use your data for purposes other than providing services to us.

Cookies

TAD uses minimal cookies to maintain session security and user authentication:

  • Admin Session Cookie: An httpOnly, secure session cookie that expires after one week of inactivity. This cookie is essential for maintaining your authenticated session and cannot be accessed by client-side JavaScript.
  • No Tracking Cookies: We do not use third-party analytics, marketing, or tracking cookies.

You can disable cookies in your browser settings, though this may affect your ability to use certain features of the TAD platform.

Data Retention

We retain your data as follows:

  • Assessment Data: Diagnostic responses and generated reports are retained for up to 2 years to support rescoring, trend analysis, and improvement tracking.
  • Account Data: Contact information is retained as long as your account is active.
  • Logs: Server logs are typically retained for 30 days.

You may request deletion of your data at any time by contacting us. We will honor deletion requests within 30 days, except where retention is required by law.

Data Sharing & Selling

We do not sell your data to third parties. Your diagnostic information, organizational data, and responses remain confidential and are used solely to deliver TAD services to you. We will not share your data with third parties except as required by law, to enforce our terms, or to protect the safety and rights of our users and the public.

Your Rights

Depending on your location, you may have certain rights regarding your personal information:

  • Access: The right to request what personal data we hold about you.
  • Correction: The right to correct inaccurate information.
  • Deletion: The right to request deletion of your data.
  • Portability: The right to receive your data in a portable format.

To exercise any of these rights, please contact us at transformation@theagilitydoctor.com.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the effective date above and posting the revised policy on our website. Your continued use of TAD following these changes constitutes your acceptance of the updated Privacy Policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at transformation@theagilitydoctor.com. We will respond to your inquiry within 14 days.

TAD Delivery Intelligence

A product of The Agility Doctor