Skip to content
Legal · Privacy

Privacy Policy

Last updated: April 13, 2026

This policy explains what data Covision collects, how we use it, and your rights. We do not sell your data, and we do not use your business data to train AI models.

1. Who we are

Covision Consultants ("Covision," "we," "our," "us") operates covisionperformance.com and the Covision software platform. Our registered address is 330 Town Center Dr, Suite 330, Dearborn, MI 48126, US. For privacy-related inquiries, contact info@covisionconsultants.com.

2. Information we collect

2.1 Information you provide

  • Account data: name, email, phone, organization name, role.
  • Billing data: handled by Stripe; we store only the billing contact and plan reference.
  • Business data you enter into Covision: goals, meeting notes, scorecards, clients, invoices, documents, messages.
  • Communication data: messages you send us via support forms, email, or SMS.

2.2 Information collected automatically

  • Technical data: IP address, browser type, device type, operating system, referrer.
  • Usage data: pages visited, features used, actions performed (via PostHog analytics).
  • Error data: crash reports and stack traces (via Sentry).
  • Cookies and similar technologies: see Cookies section below.

2.3 Information from integrations

When you connect third-party services, we receive data scoped to your authorization: QuickBooks (expenses, accounts, vendors), Plaid (bank transactions, account balances), Google Calendar (events, availability), Stripe (payments, subscriptions).

3. How we use your information

  • To provide and operate the Covision platform.
  • To authenticate you and secure your account.
  • To send transactional communications (receipts, confirmations, account notifications).
  • To send marketing communications — you can opt out at any time.
  • To improve the product via aggregated, de-identified analytics.
  • To comply with legal obligations and enforce our Terms.

4. QuickBooks (Intuit) data handling

When you connect QuickBooks Online to Covision, we access a limited, user-authorized scope: expenses, accounts, and vendors (read and write). We do not access payroll data, customer lists beyond what you explicitly sync, or any data outside the permitted scope.

  • QuickBooks data is never used to train any AI model.
  • QuickBooks data is never sold or shared with third parties.
  • Access is limited to the authenticated user's organization and Covision personnel strictly for support, with your explicit request.
  • You can disconnect QuickBooks at any time in Settings → Integrations. Disconnection revokes our access immediately.
  • Upon disconnection, synced QBO data is retained only as required to complete in-flight operations (e.g., an invoice post) and is deleted within 30 days on request.
  • Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

5. SMS (Twilio A2P 10DLC) data handling

Covision sends SMS messages to users who have explicitly opted in via a signup or in-product consent checkbox. Message types include: one-time passcodes, appointment reminders, task notifications, and account alerts.

  • Opt-in: consent is collected via a clearly labeled checkbox at signup, which is unchecked by default and links to our SMS Terms.
  • Opt-out: reply STOP to any message to unsubscribe from non-transactional SMS. One-time passcodes are transactional and not subject to opt-out, per carrier regulations.
  • Help: reply HELP for contact information and support options.
  • Message frequency: up to 10 messages per month per user, except where you trigger additional messages by your own actions.
  • Rates: message and data rates may apply based on your carrier.
  • Carrier liability: carriers are not liable for delayed or undelivered messages.
  • SMS consent timestamp and IP address are retained for compliance audit purposes.

See our full SMS Terms for program details required under Twilio A2P 10DLC.

6. Cookies and tracking

  • Essential cookies: session, authentication, CSRF. Cannot be disabled.
  • Analytics: PostHog, anonymized by default. You can opt out via the cookie banner.
  • Error tracking: Sentry. No PII is sent; stack traces only.
  • We do not use advertising cookies on this site.

7. How we share information

We do not sell your personal data. We share data only with service providers strictly necessary to operate Covision:

  • Infrastructure: Cloudflare, Convex.
  • Payments: Stripe.
  • Communications: Resend (email), Twilio (SMS).
  • Analytics: PostHog, Sentry.
  • Integrations: Plaid, QuickBooks, Google, OpenAI — only data you explicitly sync or prompt with.

We may also disclose data when required by law or to protect rights, property, or safety.

8. Data retention

We retain your account and business data for as long as your account is active. On account closure, data is retained for 30 days and then deleted, except where we must retain records for legal or tax compliance (financial records: 7 years).

9. Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction or deletion of your data.
  • Export your data in a portable format.
  • Object to or restrict certain processing.
  • Withdraw consent at any time.
  • Lodge a complaint with a supervisory authority.

To exercise these rights, email info@covisionconsultants.com or visit /data-deletion.

10. GDPR (EEA, UK)

Our legal bases for processing are: performance of a contract (service delivery), legitimate interest (security, improvement), consent (marketing, SMS, analytics cookies), and legal obligation (tax and compliance records). Covision acts as a data controller for account data and a data processor for customer business data.

11. CCPA (California)

We do not sell or share your personal information for cross-context behavioral advertising. California residents may exercise their rights under the CCPA by contacting us at the address above.

12. Children's privacy

Covision is not intended for individuals under 16. We do not knowingly collect data from children.

13. International transfers

Our infrastructure is US-based. If you access Covision from outside the US, your data is transferred to, processed, and stored in the United States under appropriate safeguards.

14. Security

We maintain reasonable technical and organizational safeguards: TLS 1.2+ in transit, AES-256 at rest, role-based access, audit logs, regular third-party security reviews, and a documented incident response plan.

15. Changes

We may update this policy. When we do, we'll revise the "Last updated" date above and, for material changes, notify you by email or in-product banner at least 30 days before the change takes effect.

16. Contact

Questions? Email info@covisionconsultants.com or write to Covision Consultants, 330 Town Center Dr, Suite 330, Dearborn, MI 48126, US.