OSHAlert

Privacy Policy

Last updated: March 2026

1. Overview

OSHAlert (“we,” “our,” or “us”) operates a subscription service that monitors publicly available U.S. Department of Labor (DOL) OSHA enforcement data and delivers targeted email digests to subscribers. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

2. Information We Collect

Account information

When you sign up, we collect your email address and, if you use Google sign-in, your name and profile picture. We use this information to authenticate your account and deliver your alert digests.

Alert preferences

We store the filter settings you configure: states, industry codes, violation types, minimum penalty threshold, and digest frequency. These are used solely to personalize your email alerts.

Payment information

Billing is handled by Stripe. We do not store your credit card number or full payment details on our servers. We store your Stripe customer ID and subscription status to manage your plan.

Usage data

We log email delivery events (sent, failed, skipped) and the inspections included in each digest. This data is used to prevent duplicate sends and to monitor delivery health.

3. OSHA Data

The violation and inspection data displayed in OSHAlert is sourced from the U.S. Department of Labor's public enforcement database (available at data.dol.gov). This data is public record. OSHAlert does not generate or own this data — we aggregate and present it for convenience. Company names, addresses, and inspection records are part of the public enforcement record and are not private under applicable law.

4. How We Use Your Information

  • To authenticate you and manage your subscription
  • To filter and deliver OSHA alert digests based on your preferences
  • To process payments via Stripe
  • To send transactional emails (sign-in links, account notices)
  • To monitor and improve email delivery reliability

We do not sell, rent, or share your personal information with third parties for marketing purposes.

5. Third-Party Services

  • Stripe — payment processing and subscription management. See Stripe's Privacy Policy.
  • Resend / SMTP — transactional email delivery.
  • Google — optional OAuth sign-in and company contact enrichment via Google Places API.
  • Neon / Vercel — database and application hosting.

6. Email Communications

By subscribing to OSHAlert, you consent to receive alert digest emails based on your configured preferences. You may disable alert emails at any time by visiting Settings → Alert Preferences or by clicking the “Unsubscribe” link in any digest email.

Sign-in emails (magic links) are transactional and are only sent in response to a sign-in request you initiate.

7. Data Retention

We retain your account data for as long as your account exists. If you cancel your subscription, your account and preferences remain on file unless you request deletion. OSHA inspection data is retained indefinitely as it is public record. To request account deletion, contact us at support@oshalert.com.

8. Security

We use industry-standard measures to protect your data, including encrypted connections (HTTPS), secure database hosting, and no storage of raw payment credentials. No system is perfectly secure; please use a strong password or OAuth sign-in.

9. Children

OSHAlert is a business service not directed at children under 13. We do not knowingly collect information from minors.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice in the dashboard. Continued use of the service after updates constitutes acceptance of the revised policy.

11. Contact

Questions about this policy? Email us at support@oshalert.com.