Privacy Policy
Last updated: March 2026
Chase Freeman, doing business as Myco Ops ("Myco Ops," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy describes what data we collect, how we use it, and your rights as a user of the Myco Ops platform at GetMycoOps.com.
1. Data We Collect
Account information
When you sign up, we collect your email address, organization name, and the role you assign to your account. We do not collect personal addresses or phone numbers unless you voluntarily provide them.
Production data
The core function of Myco Ops is to store your cultivation records: blocks, batches, recipes, bag types, harvest weights, stage transitions, contamination events, and location data within your facility.
Business data
If you use the deliveries and customer features, we store your customer contact information, delivery records, and invoice data that you enter.
Usage data
We collect server-side logs of API requests (method, path, response code, timestamp) for security monitoring and debugging. We do not use client-side analytics trackers.
2. How We Use Your Data
We use collected data to:
- Provide, operate, and maintain the Myco Ops platform
- Generate reports, dashboards, and analytics within your account
- Send transactional emails (account creation, password reset, billing)
- Diagnose errors and improve platform reliability
- Aggregate anonymized usage patterns to improve product features
We do not use your production or business data for advertising, and we do not sell your data to any third party.
3. Data Storage and Security
All data is stored in AWS infrastructure located in the us-east-1 region (Northern Virginia, USA). We apply the following security measures:
- Encryption at rest using AES-256 (DynamoDB and S3)
- Encryption in transit using TLS 1.2 or higher (all API and CloudFront traffic)
- Tenant data isolation — each farm's data is scoped to their tenant ID and never accessible to other accounts
- Authentication via AWS Cognito with JWT tokens
- Role-based access control (Owner, Manager, Worker, Viewer)
Despite these measures, no system is 100% secure. We encourage you to use a strong, unique password for your account.
4. Data Sharing
We do not sell, rent, or share your data with third parties for marketing purposes. Data may be shared in the following limited circumstances:
- Integrations you enable: If you connect Myco Ops to Shopify, QuickBooks, HubSpot, or other third-party services, data flows to those services as required to provide the integration. You control which integrations are active.
- Legal requirements: We may disclose data if required by law, court order, or to protect the rights and safety of our users.
- Business transfers: In the event of a merger or acquisition, data may be transferred to the successor entity, with notice provided to affected users.
5. Cookies and Local Storage
Myco Ops uses browser localStorage to store your Cognito authentication tokens. This is required for the app to work and is not used for tracking.
We do not set third-party tracking cookies. We do not use Google Analytics, Facebook Pixel, or similar advertising trackers.
6. Third-Party Services
Myco Ops relies on the following third-party services. Each has its own privacy policy.
| Service | Purpose |
|---|---|
| AWS Cognito | User authentication and identity management |
| Stripe | Payment processing and billing management |
| AWS CloudFront / S3 | Content delivery and static asset hosting |
| AWS SES | Transactional email delivery |
7. Data Retention
Data for active accounts is retained for as long as your account is active. If you delete your account, your data is retained for 30 days to allow for recovery, then permanently deleted from all systems.
Server logs are retained for 30 days. Billing records may be retained longer as required by financial record-keeping obligations.
8. Your Rights
You have the right to:
- Access: View the data stored in your account at any time within the platform
- Export: Download your production and business data in machine-readable formats
- Delete: Request deletion of your account and all associated data
- Correct: Update or correct inaccurate account information at any time
To exercise these rights, use the account settings in the platform or contact us at chase@capecodmushroomco.com.
9. Children's Privacy
Myco Ops is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If you believe a minor has created an account, contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy as the platform evolves. When we make material changes, we will notify you by email at least 30 days before the changes take effect. The updated policy will also be posted on this page with a revised "Last updated" date.
Contact
Privacy questions or data requests: chase@capecodmushroomco.com
Chase Freeman, d/b/a Myco Ops