Digital First Report
Incident Reporting
Legal

Privacy Policy

This page is maintained by Digital First Report to answer common privacy questions about Digital First Report. It is app-owned editable content and not an independent legal certification.

Effective date: June 30, 2026

1. Who we are

Digital First Report LLC (“Digital First Report,” “we,” “us,” or “our”) provides incident reporting and OSHA recordkeeping software. Our principal place of business is 123 Main St, City, State ZIP.

For privacy questions or to exercise your rights, contact matt@digitalfirstreport.com.

2. What information we collect

We collect only the information reasonably needed to respond to inquiries, operate the site, and improve the service.

  • Contact/demo inquiries. When you use the demo request form, your name, role, organization, email address, and message are submitted through your own email client. We receive and process those emails.
  • Review feedback. When authorized review mode is active (?review=token), the feedback tool may collect your comment, an optional name, the page URL, a CSS selector of the clicked element, viewport dimensions, user agent, and an optional screenshot. This is used only for internal review and improvement.
  • Technical data. Our hosting platform logs standard HTTP request data (such as IP address, browser type, requested pages, and timestamps) for security, reliability, and debugging purposes.

3. How we use your information

We use the information we collect to:

  • Respond to demo requests and other inquiries.
  • Operate, maintain, and improve the site and service.
  • Detect and prevent fraud, abuse, and security incidents.
  • Comply with legal obligations and protect our rights.

4. Cookies and analytics

We do not currently use third-party analytics, advertising trackers, or cookies for marketing purposes. We may use essential cookies or local storage needed for site functionality (for example, remembering review-mode preferences). If we add analytics in the future, we will update this policy and, where required, obtain appropriate consent.

5. Hosting, storage, and subprocessors

Digital First Report is built on the Lovable Cloud platform, which provides hosting, database, authentication, and storage infrastructure. Lovable Cloud uses Supabase on the backend. This is a shared-responsibility arrangement: Lovable Cloud manages the platform infrastructure and security controls, while Digital First Report manages the application data, access controls, and content on top of that platform.

We do not sell your personal information. We may share data with service providers only to the extent necessary to operate the site and service, and only under appropriate confidentiality and security obligations.

6. Data retention

We keep contact and demo inquiry data until you ask us to delete it. Review feedback and technical logs are retained for a reasonable period to support internal review, security, and operations, then deleted or anonymized when no longer needed.

7. Your privacy rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to the processing of your personal information. You may also have the right to request a copy of data you have provided to us.

To exercise any of these rights, email matt@digitalfirstreport.com. We will respond within a reasonable timeframe and may need to verify your identity before processing your request.

8. Security

We implement reasonable administrative, technical, and physical safeguards to protect information from unauthorized access, disclosure, alteration, or destruction. However, no internet transmission or storage system can be guaranteed to be 100% secure. We encourage users to use strong passwords and keep their credentials confidential.

9. Children's privacy

The Digital First Report service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us and we will delete it.

10. International data transfers

Our infrastructure is hosted in the United States. If you access the site from outside the United States, you acknowledge that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the effective date at the top of this page. We encourage you to review this policy periodically.

12. Contact us

For privacy questions or requests, please contact us at: matt@digitalfirstreport.com