Privacy Policy

Local-first storage, with optional account sync

Receipt numbers stay on your device in browser localStorage. If you create an account, general case details such as case type, field office, filing dates, and labels may sync securely so your timeline, history, and alerts work across sessions.

localStorage is a browser-native storage mechanism that keeps data on your machine only. Receipt numbers are never synced to GreenLight. Server-side account sync is opt-in and excludes government identifiers such as receipt numbers and A-numbers.

Status decoder privacy

Most common statuses decode locally in your browser. If the local decoder cannot recognize a message, the text passes through GreenLight's decoder API to generate a fallback explanation. We do not log or store that pasted text by default.

Analytics may record that a decode happened, but never the status text itself. If you later choose to log a decoded status to your account history, that status text is then stored as part of your timeline by design.

Anonymous community milestones

When you share milestones to help the community, we strip all identifying information. No user ID, receipt number, or personal details are attached. The milestone data cannot be traced back to you.

What we store: case type (e.g. I-485), field office, milestone name (e.g. "Biometrics"), and days from filing. That's it. No account link, no IP address, no session ID. The database row has no foreign key to your user record.

What we do store server-side

We believe in being upfront. Here is exactly what is stored on our servers:

Authentication: Your email address and a securely hashed password, managed by Supabase Auth. We never see or store your plaintext password.

Subscription status: Whether you are on the Free or Pro tier, your Stripe customer ID, and subscription dates. This is required to manage billing.

Account-based case history: If you create an account and choose to log statuses or sync a case, general case details and saved status history are stored so your timeline and alerts persist across sessions. Receipt numbers remain local-only.

Anonymous milestone contributions: As described above — case type, field office, milestone name, and days from filing. No PII attached.

All server-side data is hosted on Supabase (encrypted at rest, hosted in the US) with row-level security policies. Payment processing is handled by Stripe — we never see or store your card number.

Limited analytics and ads measurement

We use privacy-conscious analytics to understand whether GreenLight is helpful and whether signup or upgrade flows are working.

We may use analytics and ads measurement for page views, clicks, signups, and upgrades. We do not sell user data, use data brokers, or send receipt numbers, A-numbers, saved case details, or pasted status text in analytics events.

Your rights

Delete your account: Go to Account settings and delete your account at any time. This removes your email, subscription data, and auth record from our servers.

Clear local data:Clear your browser's localStorage to remove all case data from your device. Since we never had a copy, there's nothing to request from us.

Full data deletion: Email privacy@greenlighttrack.com to request complete deletion of all server-side data associated with your account.

Questions?

For privacy concerns, email privacy@greenlighttrack.com or visit our contact page.

Want the technical version? Read the privacy architecture breakdown.