Last updated: April 2026

Security Policy

OpsCompass360 treats operational information with care and uses practical safeguards appropriate for business support, workflow setup, CRM coordination, and reporting work.

Need-to-work access

Access is limited to what is needed for the agreed service. We do not request broader permissions than the work requires, and we use role-based access where client systems are involved.

Responsible handling of business information

Internal documents, workflow information, CRM data, and operational trackers are treated carefully. Client information is not reused for unrelated purposes, shared externally, or retained beyond what is needed for the agreed work.

Tool and AI boundaries

Practical AI is used only where appropriate and within agreed operational workflows. We do not feed client data into unapproved tools or models. Where AI-assisted processes are part of the service, the approach is discussed and approved with the client first.

Client visibility and approval

New systems, significant workflow changes, or tool integrations can be reviewed with the client where relevant. We favour transparency over surprise — if something changes how your data is handled, you will know about it.

Access cleanup and handover

At project end or role change, access can be removed and process documentation handed over as applicable. We aim to leave your systems in a clean state with clear notes on what was set up and how it works.

Form and website security

Form submissions are protected with a CAPTCHA check and sent directly to the OpsCompass360 inbox. We avoid unnecessary data collection and recommend secure processes where client systems are involved.

Client responsibilities

Report a concern

If you need to report a security concern, email hello@opscompass360.com.