Last updated: June 17, 2026
This Privacy Policy describes how Axiom Ops LLC ("Axiom Ops", "we", "us") collects, uses, and shares information when you use the FrostOps mobile application and related services (collectively, the "Service"). FrostOps is a business operations platform for food-and-beverage store owners, managers, and their staff.
Information you provide. Account information including your name, email address, phone number, password (stored as a salted hash), and your role within a store. Business information including store names, locations, schedules, task templates, team rosters, and other operational data you enter into the Service. Communications including team chat messages, support tickets you open, and prompts you send to the in-app AI manager ("Sage"). Photos, videos, and other attachments you choose to attach to tasks, inventory items, or support tickets, and barcodes you scan for inventory. Voice notes and audio recordings you create with the in-app recorder (for example, to describe a task or to annotate its completion), which are uploaded to and stored on our servers as part of the associated task and are visible to other members of your store according to their role.
Information collected automatically. Device and usage data including device model, OS version, app version, language, time zone, and in-app actions used to operate, secure, and improve the Service. Diagnostic data including crash reports and error traces, collected via Sentry, used to fix bugs. If you enable notifications, we store a push notification device token to deliver alerts, briefings, and chat notifications. E-signature audit data: when you electronically sign a regulated document inside the Service (e.g., tax forms, break waivers), we capture your IP address, browser/device user-agent, and timestamp as part of the signature audit trail, as required by applicable e-signature and recordkeeping laws.
Gmail-ingested email content (owner-side feature). With the owner's explicit OAuth grant, and limited strictly to operational reports that match configured patterns (e.g., daily-sales, payroll, and product-mix reports), we parse the content of emails delivered to the owner's Gmail account and extract structured data for use within the Service. See Section 5 for our Gmail Limited Use affirmation and the specific Google OAuth scope we request.
Information from your device that we do not upload. When you invite a teammate, the app may let you pick a phone number from your device's contacts; the selected number is sent only when you complete the invite, and your contact list is never uploaded or stored on our servers. The app accesses photos you explicitly select; we do not scan or upload your photo library. If you enable biometric unlock (Face ID, Touch ID, or fingerprint), the app uses your device's local biometric authentication via expo-local-authentication; biometric data never leaves your device and is not sent to or stored on our servers. The app accesses your microphone only while you are actively recording a voice note. When you use voice dictation to enter text (for example, a task description or completion note), the speech-to-text conversion is handled by your device's built-in operating-system speech recognition (Apple or Google); we do not receive the dictation audio, and any processing performed by your operating system is governed by that provider's privacy policy.
We use the information we collect to provide, operate, and secure the Service (authentication, role-based access, scheduling, task tracking, chat, reporting, AI assistance); send transactional notifications (briefings, alerts, schedule changes, chat messages); diagnose and fix crashes and bugs; respond to support requests; and comply with legal obligations and enforce our Terms of Service. We do not sell your personal information, and we do not use your data to train third-party advertising models.
FrostOps includes an in-app AI manager ("Sage") and other AI-assisted features. When you use these features, the prompts you send and a relevant slice of your operational data (e.g., the store and date range you ask about) are processed by a third-party large-language-model provider on our behalf to generate a response. These providers act as data processors under contract and are not permitted to use your data to train their models.
Within your organization. Data you enter is visible to other members of your store according to their role (owner, manager, team member).
Service providers (processors). Cloud hosting (Amazon Web Services), authentication (Google Sign-In, when you choose it), Gmail ingestion of operational reports (Google LLC, owner-side, with OAuth consent — see Section 5), error monitoring (Sentry), over-the-air app updates (Expo / EAS), and AI inference (our LLM provider). Each operates under a data-processing agreement and may use your information only to provide their service to us.
Legal. When required by law, subpoena, or to protect rights, safety, or property.
Business transfers. If Axiom Ops LLC is involved in a merger, acquisition, or asset sale, information may transfer as part of that transaction; you will be notified of any change in ownership or use of your personal information.
Where the Service uses Google APIs with Gmail scopes (for ingestion of operational reports on the owner side), our use of information received from Google APIs adheres to Google's API Services User Data Policy, including the Limited Use requirements.
The specific Google OAuth scope we request is https://www.googleapis.com/auth/gmail.readonly (read-only access to Gmail messages and settings).
Specifically, and by way of affirmation as required by Google:
FrostOps's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
Concretely, this means: we use Gmail data solely to provide user-facing features of the Service (specifically, the parsing of operational reports such as daily sales, payroll, and product mix); we do not transfer Gmail data to others except as necessary to provide those features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users; we do not use Gmail data for serving advertisements; we do not allow humans to read Gmail data except (a) with your explicit consent for specific messages, (b) when necessary for security purposes such as investigating abuse, (c) to comply with applicable law, or (d) when the data has been aggregated and de-identified for internal operations, consistent with Google's policy.
You may revoke our access to your Gmail account at any time by visiting https://myaccount.google.com/permissions. Revocation disables the Gmail-ingestion feature; previously-ingested data will be handled under this Policy's retention rules.
We retain your information for as long as your account is active and as needed to provide the Service. If you delete your account, we delete or anonymize your personal information within 30 days, except where we are required to retain it for legal, accounting, or fraud-prevention purposes. Operational records (e.g., historical sales reports, completed shifts) belonging to a store remain with that store's account even if you, as an individual, leave it.
We use industry-standard safeguards, including TLS encryption in transit, encryption at rest for credentials and tokens, hashed passwords, and least-privilege access controls. No method of transmission or storage is 100% secure; you are responsible for keeping your account credentials confidential.
Depending on where you live, you may have the right to access the personal information we hold about you, correct inaccurate information, delete your account and associated personal information, export a copy of your data, object to or restrict certain processing, and withdraw consent for optional features (e.g., push notifications, contact-picker access) — you can do this at any time in your device settings.
To exercise any of these rights, email privacy@axiomops.ai. We will respond within the timeframe required by applicable law. California (CCPA/CPRA), EEA/UK (GDPR), and other regional residents have additional rights described above; we honor verifiable requests regardless of your jurisdiction.
FrostOps is a workplace tool intended for adults. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, contact us at privacy@axiomops.ai and we will delete it.
We are based in the United States and process data in the United States and other countries where our service providers operate. By using the Service, you consent to the transfer of your information to these countries, which may have data-protection laws different from your own.
We may update this Privacy Policy from time to time. When we make material changes, we will notify you in-app or by email and update the "Last updated" date above. Your continued use of the Service after a change takes effect constitutes acceptance of the revised policy.
Axiom Ops LLC. For privacy questions or requests, email privacy@axiomops.ai. For general support, email support@axiomops.ai.