TickFlowBack to home

Privacy Policy

Last updated: April 2026

Orthoplex Solutions ("we", "our", or "us") operates TickFlow, a client ticketing portal and related services. This Privacy Policy explains how we collect, use, disclose, store, and safeguard your information when you use our website, APIs, browser extension, and related tools (collectively, the "Service").

1. Introduction

By using the Service, you agree to this policy. If you do not agree, do not use the Service. We may update this policy; we will post the revised version and update the "Last updated" date. Material changes may be communicated by email or an in-app notice where appropriate.

2. Information we collect

2.1 Information you provide

  • Account and profile: name, email, password (stored hashed), organization name, subdomain choices, and settings you configure in the portal.
  • Support and communications: messages you send us (support, sales, feedback), including any data you include in those messages.
  • Billing (if applicable): billing contact and payment details processed by our payment providers; we receive only what is needed to manage subscriptions.

2.2 Integration credentials (e.g. ClickUp)

When you connect a third-party project management tool such as ClickUp, you provide API tokens or OAuth credentials so we can create and sync tasks on your behalf. These integration secrets are encrypted at rest using industry-standard encryption and access controls. Operational staff cannot freely read plaintext tokens from production systems; access is limited to what is required to operate and secure the Service.

2.3 Ticket content and attachments

TickFlow is not a long-term document repository for your ticket files. Attachments, screenshots, screen recordings, and other files you submit with a ticket are transmitted to your configured project management workspace (for example, ClickUp) as part of creating or updating tasks. We do not retain your client files as a separate file-storage product; your PM provider holds that content subject to their terms and your account settings. We may process such data transiently in application memory or short-lived caches solely to complete the upload and to enforce size and security limits.

2.4 Information collected automatically

  • Log and device data: IP address, browser type, timestamps, and similar diagnostics.
  • Usage data: features used and API activity to operate, secure, and improve the Service.
  • Cookies and similar technologies as needed for sessions, preferences, and security.

2.5 Information from third parties

If you authenticate through a third party (e.g. SSO or identity provider), we receive the identifiers and attributes that provider shares with us in line with your consent and their policy.

3. How we use your information

  • Provide, operate, and secure the Service (including authentication, integrations, and support).
  • Transmit ticket content and attachments to your connected workspace (e.g. ClickUp) as you direct us to.
  • Detect, prevent, and respond to fraud, abuse, and security incidents.
  • Improve reliability and performance; where possible we use aggregated or de-identified data.
  • Send transactional messages (e.g. verification, password reset, security notices) and respond to your requests.
  • Comply with law and enforce our terms and policies.

We do not sell your personal information.

4. Sharing and disclosure

  • Your project tool: We send ticket data and attachments to the integration you configure (e.g. ClickUp) so your team can work items in that system.
  • Service providers: Hosting, infrastructure, email delivery, analytics, and payment processors under contracts that limit use and require appropriate safeguards.
  • Legal: When required by law, court order, or to protect rights, safety, and security.
  • Business transfers: In a merger, acquisition, or asset sale, information may transfer as part of the transaction; we will notify you where required.

5. Data retention

We retain account and operational data as long as your account is active or as needed to provide the Service. After deletion or export requests, we delete or anonymize personal data within a reasonable period, except where we must retain it for legal obligations, disputes, or security (e.g. short-lived logs).

6. Security

We implement technical and organizational measures including encryption in transit (TLS), encryption at rest for sensitive integration credentials, access controls, and monitoring. No method of storage or transmission is 100% secure; we will notify you and regulators where required by law if a breach affects your personal data.

7. International transfers

We may process data in countries where we or our providers operate. Where required (e.g. EEA/UK), we use appropriate safeguards such as Standard Contractual Clauses.

8. Children

The Service is not directed at children under 16 (or higher where local law requires). We do not knowingly collect personal information from children.

9. Your rights

Depending on your location, you may have rights to access, correct, delete, or port your data, restrict or object to certain processing, and to lodge a complaint with a supervisory authority. Contact us at the address below to exercise these rights.

10. California

California residents may have additional rights under the CCPA/CPRA. We do not sell personal information as defined under the CCPA. To submit a request, contact us as indicated below.

11. Changes

We may update this Privacy Policy. The "Last updated" date reflects the current version. We encourage you to review the policy periodically.

12. Contact

For privacy questions or requests, contact us through orthoplexsolutions.com or the details in your account settings.