VITAL Suite Rich in Thought Solutions
VITAL Suite · Last updated 2026-04-19

Privacy Policy

Rich in Thought LLC ("Rich in Thought," "we," "us") operates the VITAL Suite dashboard product (the "Service") at vitalsuite.richinthought.com. This Privacy Policy explains what information we collect, how we use and protect it, and the choices you have.

This policy is written to be understood, not to be clever. If anything below is unclear, email us at info@richinthought.com and we will answer plainly.

1. Information we collect

We collect three categories of information:

1.1 Account information you give us

1.2 Integration data you authorize us to read

When you connect a third-party service such as QuickBooks Online or Gusto, we receive only the scopes you approve during that service's OAuth consent screen. Our integrations are read-only by design — we never request write scopes and we do not modify data in your connected services. Current integrations and the data we read:

1.3 Usage information

2. How we use your information

We use the information above to:

We do not sell your personal information or your integration data to any third party. We do not share it with advertisers or data brokers.

3. Sub-processors

We rely on the following sub-processors to operate the Service. Each has its own privacy and security posture that you can review at the linked pages:

We review each sub-processor at least annually and after any publicly-disclosed security incident.

4. Where we store your data

All production systems run on AWS-hosted infrastructure in United States regions, managed by Railway (compute) and Supabase (database). We do not operate our own data centers.

5. International data transfers

If you access the Service from outside the United States, your information will be transferred to, stored in, and processed in the United States. For transfers subject to European or UK data protection law, we rely on the Standard Contractual Clauses published by the European Commission and, where applicable, the UK International Data Transfer Addendum.

6. How we protect your data

Additional detail on our security controls is available in our Security Posture document on request at security@richinthought.com.

7. Data retention and destruction

We retain customer data for the duration of your subscription plus 90 days after cancellation for recovery and audit purposes.

On subscription termination or upon your explicit deletion request:

  1. OAuth tokens connecting the Service to QuickBooks Online, Gusto, and any other integration are marked revoked immediately.
  2. Your customer data rows are hard-deleted from all canonical and integration-specific tables within 30 days.
  3. We confirm the deletion in writing to your registered email address.

Database backups are retained for 30 days and then purged. Audit logs are retained for one year. Security incident records are retained per applicable regulations.

8. Your rights

Depending on your location, you may have the following rights regarding your personal information:

To exercise any of these rights, email info@richinthought.com. We will respond within 30 days.

9. Consent and choice

You give us consent to read integration data (QuickBooks, Gusto) at the moment you click Authorize on each service's OAuth consent screen. You can revoke that consent at any time by disconnecting the integration from your Settings page; the revocation also takes effect with the source system immediately.

10. Data breach notification

If we confirm a breach affecting your personal information, we will notify you within 72 hours of confirmation in line with GDPR Article 33. Notification will describe the data exposed, the timeline, our remediation steps, and any action we recommend on your part. Our full incident response procedure is summarized in our Security Posture document.

11. Children's privacy

The Service is designed for businesses, not individual consumers. We do not knowingly collect personal information from anyone under 16. If you believe a minor has provided personal information to us, email info@richinthought.com and we will delete it.

12. Changes to this policy

We may update this policy to reflect changes to our practices, the Service, or applicable law. Material changes will be announced via email to your registered address. The "Last updated" date at the top of this page reflects the most recent revision.

13. Contact

Questions about this policy: