Privacy Policy

SPHIOR Ops Console for Monday

This Privacy Policy explains how SPHIOR ("SPHIOR", "we", "us", "our") handles data when you use SPHIOR Ops Console for Monday (the "App"), a monday.com marketplace application. It explains what we access, why, how long we keep it, and the choices you have. It applies to your use of the App within monday.com and to this website.

1. Who we are

SPHIOR is the publisher of SPHIOR Ops Console for Monday. Contact: support@sphior.com. Website: https://ops-console.sphior.com

2. Data we access and process

· monday content: When you run an action (deduplicate, find & replace, bulk archive, export, or recurring items), we read and, where you direct, modify the relevant board and item data. We request the minimum scopes: boards:read, boards:write, account:read, me:read, and notifications:write (to notify you about scheduled-job results). · Google Drive (only if you connect it): the drive.file scope, which limits access to files this App creates. We use it solely to deliver your exports to your own Drive. · Account / configuration: your plan, timezone, schedules, and job settings. · Authentication tokens: OAuth tokens for monday and (if connected) Google, stored in monday's SecureStorage. · Anonymous usage counts: aggregate event counts (e.g. number of previews or exports) with no personal data and no board content, used to improve the product.

3. What we do NOT store

· We do not retain your board or business data. Content is processed transiently — in memory or short-lived staging — and deleted immediately after the operation completes or after delivery to your chosen cloud. · The only exception is Undo snapshots. Before a destructive action (duplicate merge, bulk archive, or find & replace) we capture a snapshot so you can recover. Snapshots are stored encrypted with a 30-day time-to-live (TTL) and are then automatically deleted. · We do not sell your data and do not use it to train AI models.

4. How we use data

We use data to perform the actions you request, run the schedules you configure, deliver exports to your cloud, notify you of job outcomes, enforce plan limits, and secure and improve the service. We never sell your data or use board content to train models.

5. Legal bases (where applicable, e.g. EEA / UK)

Performance of a contract (providing the App you installed), our legitimate interests (security and product improvement via anonymous metrics), and your consent (e.g. connecting Google Drive).

6. Hosting and sub-processors

The App runs on monday code (monday.com infrastructure). Exports are delivered to your own third-party cloud (e.g. Google Drive) at your instruction. We do not operate a separate external database. monday.com's privacy practices apply to data stored in monday Storage and monday SecureStorage — see https://monday.com/l/privacy/privacy-policy/.

7. Data retention

Configuration (schedules, job settings) and tokens are kept while the App is installed. Undo snapshots are retained for 30 days, then auto-deleted. Anonymous usage counts are retained in aggregate. On uninstall, we delete your account's stored configuration, tokens, and snapshots.

8. Security

Least-privilege scopes; tokens stored in monday SecureStorage; transient handling of board content; encrypted Undo snapshots with automatic 30-day expiry; and no long-term storage of customer business data. See our Security page at https://ops-console.sphior.com/security for details. The App is subject to monday.com's marketplace security review.

9. Your rights and choices

Disconnect Google Drive at any time in the App's Settings. Review and delete Undo snapshots. Uninstall the App to remove your data. Depending on your location, you may have rights to access, correct, delete, or port your data — contact us at support@sphior.com.

10. Data deletion

Uninstalling the App deletes your account's stored configuration, OAuth tokens, and any Undo snapshots. To request deletion sooner, email support@sphior.com; we will act within 30 days. See also https://ops-console.sphior.com/data-deletion.

11. International transfers

Data may be processed in the regions where monday code and your chosen cloud operate. Where required, we rely on appropriate safeguards. Refer to monday.com's Privacy Policy for details on how monday.com itself handles regional data residency.

12. Children

The service is for business use and is not directed to children under the age of 16.

13. This website's cookies

This marketing / legal site uses only essential cookies (and privacy-respecting analytics if enabled). It does not track you across other sites.

14. Changes to this Policy

We may update this Policy from time to time. The "Last updated" date at the top of this page will reflect any change; material changes will be posted here with a new effective date.

15. Contact

SPHIOR · support@sphior.com · https://ops-console.sphior.com

Last updated: 2026-07-11