OverviewOperationsVisibilityControl
Sign inSee the system
Privacy Policy

Privacy Policy

How Cephron LLC processes information in connection with the authenticated Cephron platform, operational workflow execution, and operational SMS.

Public Reference

This page is part of Cephron's public legal, trust, and reviewer reference package for organizations, approved business contacts, authorized users, and external reviewers.

Last updated: April 23, 2026

On This Page

01

Overview

Cephron LLC ("Cephron," "we," "our") provides operational workflow software used by businesses to coordinate internal processes. This Privacy Policy explains how we process information in connection with the Cephron platform.

Cephron operates as a service provider to organizations. In most cases, those organizations control the operational data, user accounts, and business contact records processed through the platform.

This page is written to describe the active public and authenticated Cephron runtime in restrained terms for organizations, business contacts, and external reviewers.

Public Position

Cephron does not sell personal information.

Mobile phone numbers and SMS consent data are used solely for delivering operational messages.

Cephron does not sell, rent, or share mobile numbers or SMS consent with third parties or affiliates for marketing or promotional purposes.

02

Scope

  • Authorized users who log in to the Cephron console
  • Approved business contacts entered into operational workflows
  • Operational workflow records submitted by organizations
  • System, session, device, and service telemetry generated while the platform is used
  • Does not govern how organizations use data outside Cephron
03

Information We Process

Identity And Account Data

Email address, role, store association, organization association, and related account identifiers.

Session And Device Data

Session state, request metadata, device or browser information, and technical logs used to operate and secure the service.

Operational Workflow Data

Tickets, service requests, sales requests, timestamps, notes, assignments, and status changes created in the normal course of store operations.

Communication Provider Data

Phone numbers, consent state, message status, provider message identifiers, callback metadata, and related audit context for operational SMS.

Audit And Support Data

Workflow history, related event records, and support or troubleshooting context needed to investigate operational issues.

04

SMS Data and Communication Handling

When organizations use Cephron's operational SMS workflow, Cephron may process phone numbers stored as operational contact records and related communication data required to send, monitor, and audit those messages.

Mobile phone numbers and SMS consent data are used solely for delivering operational messages.

Mobile phone numbers and SMS consent data are used solely for delivering operational messages. Cephron processes SMS-related data including contact records, consent status, timestamps, delivery status, and message metadata solely for operational delivery, auditing, troubleshooting, and system reliability purposes. This data is not used for profiling, advertising, resale, or other promotional activity.

Consent is required prior to any SMS being sent. Contacts begin in a pending state and are not eligible to receive messages until explicit opt-in is completed.

Operational Contact Records

Business contact name, role label, store relationship, email address, and phone number.

Phone numbers are stored as operational contact records for authenticated workflow communication.

Consent Proof Storage

Consent status, consent source, consent method, timestamp, IP address, user agent, and consent language version where available.

Consent proof is stored to demonstrate when, how, and from where explicit opt-in was completed.

Message Logs And Delivery Metadata

Template-rendered SMS text, delivery status, provider message identifiers, failure metadata, and related workflow or event metadata.

Message logs and delivery metadata are retained to support auditing, troubleshooting, and service reliability.

Provider Interaction

Cephron uses Twilio to deliver operational SMS and receive delivery-status callbacks tied to message records.

Provider interactions are limited to the data necessary to route, confirm, and audit operational communication.

Cephron does not sell, rent, or share mobile numbers or SMS consent with third parties or affiliates for marketing or promotional purposes.

Additional detail about the live SMS program appears on the SMS page.

05

How We Use Data

  • Operate the Cephron platform for internal business workflow coordination
  • Authenticate users and enforce access control
  • Track service and sales activity across stores and organizations
  • Deliver communications and preserve auditability for those communications
  • Monitor reliability, investigate incidents, and detect misuse

Cephron uses phone numbers only for operational and transactional SMS workflows described in the SMS Communication Policy.

Mobile numbers and consent records are not repurposed for advertising, promotional outreach, or unrelated communications activity.

06

Purpose Limitation

All collected data is used exclusively for operational workflow execution, system access control, service delivery, and auditability.

Cephron does not use collected data for profiling, advertising, or resale.

07

Sharing

Cephron shares information only with service providers required to run the platform or support the related communications workflow.

Examples include Supabase for database and authentication services, Twilio for SMS delivery, Vercel for hosting and deployment, and Sentry for application error monitoring when configured in the active environment.

Cephron does not sell, rent, or share mobile numbers or SMS consent with third parties or affiliates for marketing or promotional purposes. Current provider disclosures are listed on the subprocessors page.

08

Organization Control

Organizations control their data, users, and permissions within the platform.

Cephron acts on organization instructions in connection with the data processed through organization environments, including operational SMS contact records and consent workflows.

Organizations are responsible for determining which users, stores, and approved business contacts are placed into the system and for ensuring that the contact relationship is legitimate before a consent request is sent.

09

Retention

Information is retained as needed for operational, support, audit, and security purposes. Retention can vary based on the type of record, the organization relationship, and the need to investigate service or consent history.

SMS contact records, consent events, and message logs may be retained to demonstrate when consent was requested, how consent was completed or revoked, and how operational communication was delivered.

10

Security

  • Authenticated access to the operational console
  • Role-based access in application logic
  • Store-scoped data handling with row-level security in the database
  • Transport encryption and provider-backed storage protections
  • Workflow, consent, and system logging for review and troubleshooting

Public legal and SMS consent pages are separate from the authenticated console and are limited to the information necessary to review legal disclosures or complete a specific consent action.

More detail appears on the Security page.

11

Changes

Cephron may update this Privacy Policy from time to time, and the latest version will always be posted on this page.

12

Contact

contact@cephron.com

Public contact route: /contact

Cephron LLC