Test beta — RequestHarbor is in a private testing period. All data will be wiped before public release.

Privacy policy

Last updated: May 3, 2026

Overview

RequestHarbor (“we,” “us,” or “our”) provides a client request portal for professional teams and their clients. This policy describes how we collect, use, disclose, and safeguard information when you use our websites, applications, and related services (collectively, the “Service”).

Information we collect

Account and organization data

When you register or are invited to an organization, we collect identifiers and profile information such as name, email address, organization name, and role. We use this to authenticate you, administer your workspace, and communicate about the Service.

Service usage and content you provide

We process the data you submit to operate the Service, including client and contact records, request templates, checklist items, form responses, comments, approvals, activity timelines, and files you or your clients upload. Metadata such as timestamps and status changes may be recorded to provide history, notifications, and reporting.

Client portal access

End clients may access a request through a secure link without creating a full account. We may collect technical identifiers (for example, session tokens or device and browser signals) needed to secure that access and prevent abuse.

Billing

Subscription and payment processing are handled by our payment processor (Stripe). We receive billing-related information such as plan, subscription status, and limited payment metadata; we do not store complete payment card numbers on our servers.

Optional integrations

If you connect third-party calendar or scheduling tools (for example, Calendly or Google Calendar), we process the data needed to provide those features, which may include OAuth tokens, calendar identifiers, and event metadata as permitted by your integration settings and the third party’s terms.

Technical and security data

Like most web services, we collect log and diagnostic information such as IP address, approximate location derived from IP, user agent, referring URLs, and error reports. We use cookies and similar technologies where necessary for session management, preferences, security, and fraud prevention.

How we use information

We use the information above to:

  • Provide, maintain, and improve the Service;
  • Authenticate users, enforce permissions, and protect accounts;
  • Send service-related and transactional messages (including reminders you configure);
  • Process subscriptions and invoices through our payment processor;
  • Operate optional integrations you enable;
  • Detect, investigate, and help prevent security incidents and misuse; and
  • Comply with law and respond to lawful requests.

Where required by applicable law, we rely on appropriate legal bases such as performance of a contract, legitimate interests (for example, securing the Service and understanding aggregate usage), consent where we ask for it, and compliance with legal obligations.

How we share information

We share information with service providers who assist us in operating the Service (for example, hosting, email delivery, analytics, error monitoring, and payment processing). These providers are permitted to use your information only as instructed by us and subject to appropriate confidentiality and security obligations.

Within your organization, members you authorize can see organization and request data according to their roles. When you invite clients to a portal, content you designate as client-visible may be shown to those recipients.

We may disclose information if we believe in good faith that disclosure is required by law, legal process, or government request, or to protect the rights, property, or safety of RequestHarbor, our users, or others.

We do not sell your personal information as that term is commonly understood in U.S. state privacy laws.

Retention

We retain information for as long as your account or organization is active and as needed to provide the Service. We may retain certain records after closure where required for legal, tax, or security purposes, or as documented in your agreement with us.

Security

We implement technical and organizational measures designed to protect information against unauthorized access, loss, or alteration. No method of transmission or storage is completely secure; you are responsible for safeguarding your credentials and for the security of data you choose to collect from your own clients.

Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or export personal information, or to object to or restrict certain processing. You can update much of your profile data in the application. To exercise other rights, contact us using the details below. You may also have the right to lodge a complaint with a supervisory authority where applicable.

International transfers

We may process and store information in the United States and other countries where we or our service providers operate. When we transfer personal data across borders, we take steps consistent with applicable law to ensure appropriate protection.

Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us so we can delete it.

Changes to this policy

We may update this policy from time to time. We will post the revised policy on this page and update the “Last updated” date. Where changes are material, we will provide additional notice as required by law.

Contact

For privacy questions or requests, contact us at the support or privacy email address published for RequestHarbor on our website or in your account settings. If no address is published, use the primary contact channel for your workspace administrator.