WhiteLabel

EFFECTIVE JULY 14, 2026

Privacy notice

This notice explains the data handled by the WhiteLabel marketing site and by a separately ordered client portal deployment.

Last updated: July 14, 2026

1. Who operates WhiteLabel

WhiteLabel is operated by One Smart Sheep, LLC. For a managed deployment, the customer generally controls the project data placed in its portal and the Provider processes that data to deliver the agreed service. Exact roles must be stated in the order form or data-processing agreement.

2. Marketing-site inquiries

The inquiry form can collect name, work email, phone number, company, team size, service interest, and message content. Hosting and security providers may also process IP address, browser, device, timestamp, and request-log data needed to deliver and protect the site.

Inquiry data is used to respond, assess fit, prepare a quote, prevent abuse, and keep a business record. It is not sold.

3. Client portal data

A portal may contain account profiles, workspace and project membership, work items, comments, Project Pages, files, activity history, email-delivery records, and operational logs. Data location and access depend on the selected managed or client-owned infrastructure.

The Provider accesses customer content only when needed for implementation, migration, maintenance, security, troubleshooting, or customer-authorized support.

4. Service providers

The marketing site currently uses Vercel for hosting, Cloudflare for domain and security services, and Resend for inquiry email delivery. A client portal may use a separately selected hosting provider, database, object storage, transactional email provider, monitoring provider, and backup destination. The final subprocessor list must match the signed deployment scope.

5. Analytics and advertising

The site does not currently enable optional marketing analytics or advertising pixels. Inquiry forms can include campaign source, medium, and campaign-name parameters from the page URL so the Provider can understand which campaign generated a request. Before optional analytics or advertising pixels are enabled, this notice, consent controls, data destinations, and retention settings will be updated and tested.

6. Retention and deletion

Inquiry records are kept only as long as reasonably needed for follow-up, contracting, security, and legal records. Portal retention, backup retention, export, and deletion are governed by the signed order form. Backup copies can remain until their documented retention period expires.

7. Security and access

The standard deployment can use HTTPS, private workspaces and projects, role-based workspace and project access, controlled invitations, configured session duration, and private storage. No certification, SSO, SCIM, LDAP, custom audit export, backup service, or incident-response target is implied unless separately licensed, implemented, and contracted.

8. Choices and requests

Use the inquiry form to request access, correction, deletion, export, or privacy information. The Provider may need to verify identity and coordinate with the customer that controls a portal workspace.