Your data stays yours.
LeanOS (“LeanOS”, “we”, “us”) is a B2B SaaS platform for manufacturing teams (5S audits, defect tracking, A3 problem-solving, kaizen with verified savings, AI-grounded fix plans). This policy applies to both the LeanOS web application at getleanos.com and the LeanOS Android mobile application. We are the data fiduciary under India's Digital Personal Data Protection Act, 2023 (the “DPDP Act”) and the data controller under the EU General Data Protection Regulation (the “GDPR”) for data of customer organizations and their authorized users.
1. Scope
This policy covers personal data we collect from authenticated users of LeanOS and operational data customer organizations create inside LeanOS (zones, audits, defects, photos, kaizens, A3 cases, fix plans, leaderboards, scores, audit logs).
When a customer organization (the “Customer”) subscribes to LeanOS, they are the data controller / data fiduciary for their employees' data they upload into the service. LeanOS is the data processor acting on the Customer's instructions for that data.
2. Data we collect
Account data — your email, hashed password (bcrypt via Supabase Auth), full name, role within your organization, organization / workspace name.
Operational data — zones, audits and audit findings, defect descriptions and photos, kaizen submissions and savings figures, A3 problem-solving cases (5-Whys, Fishbone, countermeasures), fix plans, audit logs of actions taken inside the workspace, and the area-owners you invite or assign.
Authentication metadata — timestamps of sign-in events, authenticated session tokens, IP address of the most recent session, basic device information (operating system version, app version) for diagnostics.
Communications — email messages you send to founder@getleanos.com, and our replies, are retained for support and legal record purposes.
We do not collect or store your phone contacts, calendar, location, browser history, financial information, or any data not needed to operate the audit / defect / kaizen / A3 workflow.
3. Lawful basis for processing
We process your data on the following legal bases:
- Contract — to deliver the LeanOS service to your Customer organization under the applicable Master Services Agreement or Pilot order.
- Legitimate interest — to investigate errors, secure the service against abuse, prevent fraud, and operate the service responsibly.
- Consent — for any optional features that require it (none currently; we do not run advertising, analytics tracking, or third-party pixels).
- Legal obligation — to comply with applicable law (DPDP Act, GDPR, IT Act 2000, tax laws, lawful court orders).
4. How we use your data
To provide the LeanOS service: render your audits, surface open defects to the right person, suggest categorizations for new defect photos, generate fix plans, drive A3 problem-solving steps, roll up reporting at the org / site / plant level.
To improve reliability: investigate errors, debug crash reports, identify performance issues. Aggregated metrics (e.g., total active orgs, average score) may be reviewed for capacity planning, but are never tied to any specific Customer.
We do not use Customer Data to train any machine-learning models. We do not sell personal data. We do not share personal data with advertising or marketing networks.
5. AI use disclosure
LeanOS uses Anthropic's Claude (vision and language models) to:
- Categorize defect photos into 7 TPM defect types.
- Suggest root causes during A3 5-Whys and bucketize 6M Fishbone branches.
- Generate fix-plan drafts grounded in your plant's past data.
- Compute Plant Coach insights and suggested next actions.
All AI outputs are advisory only. The auditor, plant manager, or assigned owner reviews and confirms every AI suggestion. No AI output triggers an automated action that affects Customer operations.
Anthropic, by their commercial terms, does not train on data submitted via their API. Defect photos and short text payloads we send to the Claude API are processed in the United States (Anthropic's data centers).
You may request that AI features be disabled for your workspace by emailing founder@getleanos.com. When AI is disabled, defect categorization, fix-plan generation, and AI-assisted A3 features are not available; all other modules continue to function.
6. Mobile app permissions
The LeanOS Android app requests these permissions:
- Camera — used only when you explicitly tap to capture a defect photo. The camera is not accessed in the background.
- Photos / Media — used only when you explicitly tap to attach an existing photo. We read only the file you select; we do not scan your gallery.
- Internet — required to sync your audits, defects, and photos to the LeanOS backend and to call the AI vision categorization service (Anthropic).
7. Subprocessors
We use the following third-party services (subprocessors) to operate LeanOS. The full list, including data residency, is maintained at getleanos.com/subprocessors.
- Supabase (database, file storage, authentication) — encrypted in transit and at rest.
- Vercel (application hosting and edge serving) — does not have access to the database or Customer Data at rest.
- Anthropic (Claude AI models for categorization and generation).
- Resend (transactional email — sign-in links, audit summaries, kaizen notifications).
We will notify Customers via email or in-app banner at least 30 days before adding a new material subprocessor.
8. Data residency & international transfers
Customer Data at rest is stored in Supabase's primary region (configurable on enterprise plans). The web application is served via Vercel's edge network. Transactional email is sent via Resend's United States infrastructure. AI inference requests to Anthropic are processed in the United States.
For users in the EU/EEA, transfers outside the EEA rely on the European Commission's Standard Contractual Clauses (SCCs) with Anthropic, Vercel, Supabase, and Resend.
For Customers requiring India-only data residency or EU-only data residency, contact founder@getleanos.com. Available on enterprise plans.
9. Data retention schedule
| Category | Retention |
|---|---|
| Account data (active workspace) | Lifetime of subscription |
| Operational data (audits, defects, kaizens, A3 cases) | Lifetime of subscription |
| Defect photos | Lifetime of subscription |
| Audit logs (RBAC + data changes) | 7 years from event |
| Authentication / session metadata | 90 days |
| After workspace cancellation — primary data | 30 days grace, then permanent deletion |
| After workspace cancellation — backups | Up to 90 days |
| Email correspondence with founder@getleanos.com | 5 years |
You can delete any zone, defect, kaizen, A3 case, or member from inside the app — deletions are immediate. Supabase backups are purged on the schedule above.
10. Your rights
Under the DPDP Act, GDPR, and equivalent laws, you have the following rights with respect to your personal data:
- Access — request a copy of personal data we hold about you.
- Correction — request that we correct inaccurate or incomplete personal data.
- Erasure — request deletion of your personal data, subject to limitations where we are required to retain it (legal obligations, Customer's instructions to retain workspace data).
- Portability — request an export of your personal data in a machine-readable format (JSON / CSV).
- Restriction / objection — restrict or object to specific processing activities.
- Consent withdrawal — withdraw any consent you have given (e.g., to receive marketing email).
- Complaint — lodge a complaint with your local supervisory authority (India: Data Protection Board of India once notified; EU: your country's data protection authority).
To exercise any of these rights, email founder@getleanos.com from the email address registered to your account. We will acknowledge within 7 days and action within 30 days. We will not charge a fee for reasonable requests.
11. Security
All data in transit is encrypted with TLS 1.2 or higher. Passwords are hashed by Supabase Auth using bcrypt. Photos are served through signed URLs that expire and are scoped to authenticated session holders. Postgres row-level security (RLS) policies enforce org-level isolation on every database query — a user can only read or write rows belonging to their organization.
See getleanos.com/security for the full security architecture.
12. Personal data breach notification
If we become aware of a personal data breach affecting your data, we will notify the affected Customer organization (administrator email on the workspace) and, where required by law, the relevant supervisory authority. Under the DPDP Act and GDPR, our target notification window is 72 hours from awareness, unless the breach is unlikely to result in risk to affected persons.
13. Cookies
LeanOS uses strictly necessary cookies only — for authentication session management (Supabase Auth) and CSRF protection. We do not use advertising, marketing, or third-party analytics cookies. We do not track you across other websites.
14. Children's privacy
LeanOS is a workplace tool intended for use by employees of manufacturing organizations. It is not directed to children under the age of 18 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child, we will delete it.
15. Changes to this policy
We will update the “Last updated” date when this policy changes. For material changes (new categories of data collection, new subprocessors that materially affect data sharing, changes affecting data subject rights), we will notify active Customer administrators via email at least 30 days before the change takes effect.
16. Contact & Grievance Officer
For privacy questions, data subject rights requests, or to raise a grievance under the DPDP Act:
The contact email above also serves as the address of our designated Grievance Officer under section 8(9) of the DPDP Act, 2023. The Grievance Officer is reachable during Indian business hours (Mon–Fri, 09:30–18:30 IST).