Decision OSBack to home

Privacy Policy

Last updated: May 21, 2026

Who we are

Owner OS ("Decision OS", "the Service") is operated by TM Hyman & Associates, LLC ("we", "us", "our"), the data controller for personal data processed in connection with the Service. You can reach us at privacy@decisionos.live.

What we collect

Account info (email, name, avatar), the decisions and team data you create, usage and device telemetry (including IP address, browser, and pages visited), support correspondence, and limited payment metadata (e.g. transaction ID, billing country, last four digits) returned to us by our payment processor. We never see or store full card numbers.

How we use it and legal bases

We process your data to: (a) provide the Service and your account — legal basis: performance of our contract with you; (b) process payments, send invoices, and prevent fraud — legal basis: performance of contract and legitimate interests; (c) send transactional notifications — legal basis: performance of contract; (d) secure, debug, and improve the Service and generate AI insights you request — legal basis: legitimate interests; (e) comply with legal obligations (tax, accounting, lawful requests) — legal basis: legal obligation. We do not sell your data.

Sharing

We share data only with processors and partners that help us run the Service, bound by appropriate data-protection terms:

Paddle.com Market Limited — our reseller and Merchant of Record. Paddle handles checkout, billing, tax, invoicing, refunds, and chargebacks for every purchase, and acts as an independent controller for that payment data. See Paddle's privacy notice at paddle.com/legal/privacy.
• Hosting and database (Lovable Cloud / Supabase), email delivery, analytics, and AI providers used to generate the insights you request.
• Professional advisers (legal, accounting) and authorities when required by law.

International transfers

Where data is transferred outside your region (for example to the US or EU), we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions where required.

Retention

We retain your data while your account is active. On deletion, we remove your data within 30 days, except where retention is required by law (for example, Paddle and we must retain transaction records for tax and accounting purposes).

Your rights

You may access, export, correct, or delete your data from Settings, or by contacting us. EU/UK users have rights under GDPR (access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and the right to lodge a complaint with a supervisory authority). California users have rights under CCPA, including the right to know, delete, and opt out of sale (we do not sell personal information). We respond within 30 days.

Security

Data is encrypted in transit and at rest. Access is restricted via row-level security and role-based access controls. No system is perfectly secure; report concerns to security@decisionos.live.

Contact

TM Hyman & Associates, LLC — privacy@decisionos.live