JungleOS
Scope

Privacy Policy

Last updated: June 26, 2026

Welcome to JungleOS. This Privacy Policy explains how Amos RF LLC dba AJA Software Solutions(“AJA,” “we,” “us,” or “our”) collects, uses, and shares information about you when you use JungleOS and its modules (collectively, the “Service”).

By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Our Role: Data Controller vs. Data Processor

It is important to understand our role with respect to your data.

We are the Data Controller for the information we collect from you to provide and manage your JungleOS account — such as your name, email address, and usage data.

Your Organization is the Data Controllerfor the content your organization creates and stores within the Service, such as project estimates, client profiles, rate cards, and uploaded documents (“Workspace Data”). We do not access or control this data for our own purposes. In this capacity, we act as a Data Processor, handling Workspace Data only on your behalf and according to your instructions, as described in the Data Processing Agreement embedded in our Terms of Service.

2. Information We Collect

Account Information

When you or your organization creates an account or accepts an invitation, we collect your full name, email address, organization name, and your role within the organization (admin or member). If you sign in via Google or Microsoft OAuth, we may receive your name, email, and profile photo from that provider.

Legal basis: Performance of a contract.

Workspace Data

Information you create or upload within the Service — including project estimates, customer profiles, questionnaire answers, integration lists, rate cards, uploaded documents (such as RFPs and statements of work), and organizational configuration. You control this data; we store and process it only to provide the Service to you.

Legal basis: Performance of a contract.

Subscription and Billing Information

We collect information to manage your subscription, including plan type, billing cycle, and payment status. Payment card details are processed directly by our billing provider (Zoho) and are not stored on our systems.

Legal basis: Performance of a contract.

Technical and Usage Data

We automatically collect certain technical information when you use the Service: IP address, device type and browser, login dates and times, pages and features accessed, and error logs. This data is used to operate, secure, and improve the Service. It is not used to build individual behavioral profiles for advertising.

Legal basis: Legitimate interest.

Communications Data

When you contact us for support or send feedback, we retain your name, email address, and the content of your message in order to respond and improve the Service.

Legal basis: Legitimate interest.

A Note on Sensitive Data

The Service is not designed to collect or store sensitive personal data (e.g., health information, racial or ethnic origin, financial account credentials). While you can input information into your Workspace, we urge you not to store sensitive personal data on the platform.

3. Cookies and Similar Technologies

Cookies are small text files stored on your browser or device. We also use similar browser storage (such as localStorage and sessionStorage) for limited in-app functionality. JungleOS uses these technologies to operate the Service — not for advertising, cross-site tracking, or building marketing profiles.

Cookies we set

  • Authentication (essential). When you sign in, our authentication provider (Supabase) sets session cookies so you remain logged in and your account stays secure. These are required to use the Service.
  • Practice area selection (functional). We store your currently selected practice area in a cookie (canopy_pa_id) so the app opens to the right workspace context on return visits.
  • Organization invitations (essential). If you follow an invite link before you have an account, we may store a short-lived cookie (pending_invite) so you can complete signup or sign-in and join the organization you were invited to.

When you sign in with Google or Microsoft, those providers may also set their own cookies during the OAuth redirect flow. Their use of cookies is governed by their respective privacy policies.

Browser storage (not cookies)

Some in-app preferences and coordination data — such as onboarding help checklist progress and estimate edit-lock state — are stored in your browser's localStorage or sessionStorage. This data stays on your device and is used only to support those features.

What we do not use

We do not use advertising cookies, retargeting pixels, or third-party analytics cookies (such as Google Analytics) on the Service today. If we introduce non-essential cookies in the future, we will update this policy and, where required by law, ask for your consent before they are placed.

Your choices

Most browsers let you block or delete cookies. Blocking essential cookies may prevent you from signing in or using core features. To clear in-app browser storage, you can use your browser's site-data or clear-storage controls for JungleOS.

Legal basis (where applicable): Performance of a contract and legitimate interest in providing a secure, functional Service.

4. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Authenticate users and enforce access controls within your organization
  • Process subscription payments and manage billing
  • Send transactional emails (account setup, invitations, password resets, billing notifications) via our email provider
  • When AI features are enabled, transmit relevant Workspace Data to our AI provider to power those features (see Section 5)
  • Respond to support requests and troubleshoot issues
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations and enforce our Terms of Service
  • Send product updates and service notices (you may opt out of non-essential communications at any time)

We do not sell your personal data. We do not use your Workspace Data to train AI models or build competing products.

5. How We Share Your Information

We share data only with third parties who help us operate and improve the Service. Each provider acts as a data processor on our behalf. When user-facing AI features are introduced, we will update this policy and designate the relevant provider before any Workspace Data is transmitted.

Supabase

We use Supabase for database hosting and user authentication. File storage for uploaded documents is planned and will use Supabase-managed infrastructure when available. All application data — including account information and Workspace Data — is stored in Supabase-managed infrastructure in the United States. See the Supabase Privacy Policy.

Vercel

Our application is hosted and served via Vercel's edge network. Vercel may process request metadata (IP addresses, headers) as part of delivering the Service. See the Vercel Privacy Policy.

Zoho

We use Zoho for subscription billing, customer relationship management, service desk (support tickets), and back-office reporting and analytics. This includes sharing account and billing contact information to manage your subscription and support requests. See the Zoho Privacy Policy.

Resend

Transactional emails are delivered via Resend. Resend receives recipient email addresses and email content for delivery purposes only. See the Resend Privacy Policy.

Other Disclosures

We may also disclose information:

  • In connection with a merger, acquisition, or sale of all or a portion of our business (we will notify you before your data is transferred to a new entity under a different privacy policy)
  • When required by law, court order, or governmental authority
  • To protect the rights, property, or safety of AJA, our users, or the public

6. Data Security and Retention

Security. We implement appropriate technical and organizational safeguards to protect your personal data, including encryption in transit (TLS) and at rest, row-level security in our database, hashed password storage, and access controls limiting employee access to customer data. No security system is impenetrable; we cannot guarantee the absolute security of your information. In the event of a data breach affecting your personal information, we will notify you in accordance with applicable law.

Retention. We retain your personal data and Workspace Data for as long as your account is active. Following termination or cancellation, Workspace Data is retained for up to 90 days (allowing you to retrieve data or reactivate your account) and then permanently deleted. Billing records and transaction logs are retained for as long as required by applicable law, typically seven years.

7. International Data Transfers

Our Service is hosted and operated in the United States. If you are using the Service from outside the United States, your information will be transferred to, stored, and processed in the US. We take steps to ensure that your data is treated securely and in accordance with this Privacy Policy when transferred internationally. Where required by applicable law (including GDPR for EEA users), we rely on appropriate safeguards such as standard contractual clauses.

8. Children's Privacy

Our Service is intended for adults running professional businesses and is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly.

9. Your Privacy Rights

You have rights regarding your personal data. You can exercise most of these rights directly from your account settings.

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can correct inaccurate personal data through your account settings.
  • Right to Erasure: You can request that we delete your account and associated personal data, subject to our legal obligations.
  • Right to Object: You can object to our processing of your data for marketing purposes.
  • Right to Data Portability: You can request a copy of your data in a machine-readable format.
  • Right to Restrict Processing: You can request that we restrict processing of your data in certain circumstances.

California Residents

The California Privacy Rights Act (CPRA) grants you additional rights:

  • Right to Know: You have the right to know what personal information we have collected, used, and disclosed about you.
  • Right to Opt-Out of Sale/Sharing:We do not “sell” or “share” (for cross-context behavioral advertising) your personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, please contact us at privacy@ajasoftwaresolutions.com. We will respond within 30 days.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page, updating the “Last updated” date, and sending an email notice at least 14 days before the change takes effect. Continued use of the Service after the effective date constitutes acceptance of the revised policy.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Amos RF LLC dba AJA Software Solutions
5009 Branded Oaks Ct, Tallahassee, FL 32311, USA
privacy@ajasoftwaresolutions.com
+1 713-589-9382

If you are located in the European Economic Area and believe we have not adequately addressed your concern, you have the right to lodge a complaint with your local data protection authority.