Privacy Policy

Effective: April 26, 2026 Last updated: April 26, 2026

Introduction

IceOps is a software platform for ice rink operators, provided by Rooilabs, LLC ("Rooilabs," "we," "us," or "our"), a Delaware limited liability company. IceOps is a product brand of Rooilabs, LLC and is not a separate legal entity.

This Privacy Policy explains what information we collect when you visit iceops.io or use the IceOps service, how we use that information, and the choices you have about it.

If you have questions, contact us at hello@iceops.io or by mail at:

Rooilabs, LLC 2093 Philadelphia Pike #2678 Claymont, DE 19703

Who This Policy Applies To

This Privacy Policy covers two groups:

  1. Visitors to iceops.io — anyone who browses our marketing site.
  2. IceOps account holders — rink operators, their staff, and other authorized users of the IceOps platform ("Customers").

It does not cover the personal information that Customers upload to IceOps about their own contacts (for example, the renters, parents, or program participants whose names and contact details a rink enters into the system). For that information, the Customer is the data controller and Rooilabs acts as a service provider. See the section "Data You Upload About Third Parties" below for how we handle that data.

Information We Collect

Information you provide

  • Account information. When you create an IceOps account, we collect your email address and (for password-based accounts) a hashed password. If you create an organization, we collect the organization's name, address, time zone, and operating details you enter during onboarding.
  • Profile information. Your name and role within the organization, if you choose to provide them.
  • Billing information. When you start a paid subscription, our payment processor (Stripe) collects your payment method on our behalf. Stripe stores your full card details; we receive a token, the last four digits of the card, the brand, the expiration date, and your billing address. We do not store full card numbers on our servers.
  • Communications. If you email us at hello@iceops.io, request a preview account, or submit a research form, we keep a record of the message and your reply address.

Information collected automatically

  • Usage information. Pages you visit within the app, features you interact with, and timestamps of those interactions.
  • Device and connection information. IP address, browser type, operating system, and referring URL. We use this for security, fraud prevention, and basic analytics.
  • Cookies and similar technologies. We use a small number of cookies and browser storage entries that are strictly necessary to operate the service — for example, to keep you signed in. We do not use third-party advertising cookies, and we do not allow third-party advertising networks to track you on iceops.io.
  • Analytics. We use Plausible Analytics, a privacy-first website analytics service, to understand aggregate traffic to iceops.io. Plausible does not use cookies, does not collect personal information, and does not track visitors across websites or over time. The data Plausible collects is anonymized and aggregated, and cannot be used to identify individual visitors. You can read more about Plausible's data practices at plausible.io/privacy-focused-web-analytics.

Information from third parties

  • Stripe. When a payment is processed, Stripe sends us metadata about the transaction (amount, status, customer ID, subscription ID).
  • Email delivery. When we send transactional email through our email provider (Resend), we receive delivery, bounce, and engagement events for the messages we send to you.

We do not buy personal information from data brokers and do not enrich your account from outside sources.

How We Use Information

We use the information we collect to:

  • Provide the IceOps service — authenticate you, render your data, save your work, and bill you.
  • Send transactional emails — magic links, password resets, billing receipts, invoices, dunning notices, and important account notifications. These are not marketing emails.
  • Provide customer support and respond to your requests.
  • Detect, investigate, and prevent fraud, abuse, and security incidents.
  • Improve the product — understand which features are used, fix bugs, and make planning decisions.
  • Comply with legal obligations.

We do not sell your personal information, and we do not share it with third parties for their own advertising or marketing purposes.

How We Share Information

We share information only with the following categories of recipients:

Service providers (subprocessors)

We use a small set of third-party service providers to run IceOps. Each one processes personal information only on our instructions and only as needed to deliver their service to us.

Service provider Purpose Data location
Supabase Database, authentication, file storage United States
Google Cloud (Cloud Run) Application hosting United States
Stripe Payment processing, subscription billing United States
Resend Transactional email delivery United States
Plausible Analytics Privacy-first website analytics for iceops.io European Union
AWS Route 53 DNS United States

If we add or change a subprocessor, we will update this list.

Legal disclosures

We may disclose information when we have a good-faith belief that disclosure is required to comply with applicable law, a valid legal process (such as a subpoena), or a request from a government authority; to enforce our Terms of Service; or to protect the rights, property, or safety of Rooilabs, our Customers, or others.

Business transfers

If Rooilabs is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

Data You Upload About Third Parties

When you use IceOps, you may upload personal information about people who do not have an IceOps account — for example, the names, phone numbers, and email addresses of ice renters, program participants, parents, or staff candidates. For that information:

  • You are the controller. Your organization decides what to collect, how to use it, and how long to keep it.
  • We are the processor. We store and process the data on your behalf, only to provide the service to you.
  • You are responsible for having a lawful basis to collect and share that information with us, for providing any required notices to those individuals, and for honoring their requests to access, correct, or delete their information. We will assist you in responding to those requests when you ask us to.

If you receive a privacy request from someone whose data you have uploaded to IceOps and you need our help responding, contact us at hello@iceops.io.

Data Storage and Security

IceOps data is stored in the United States, in encrypted databases hosted by Supabase on AWS infrastructure. Data is encrypted in transit (TLS 1.2 or higher) between your browser and our servers, and encrypted at rest in our database.

We restrict access to production data to a small number of authorized personnel, and we use row-level security in our database to enforce that each Customer can only access their own organization's data.

No system is perfectly secure. We do our best, but we cannot guarantee absolute security. If we become aware of a security incident that affects your information, we will notify you in accordance with applicable law.

Data Retention

We retain your information for as long as your IceOps account is active.

If your subscription is cancelled — voluntarily or because of an unresolved payment failure — we preserve your data for 150 days from the cancellation date. During this window, you can reactivate your subscription and your data will be exactly as you left it.

After the 150-day window, we anonymize your data rather than hard-deleting it. This means:

  • Personal identifiers (names, contact details, addresses) are removed or replaced with placeholder values.
  • The structural records (event history, communication logs, contract records) are preserved without the personal information attached.

We use anonymization rather than full deletion because IceOps maintains permanent audit logs of certain operational records (such as renter communications and contract history). Anonymization removes personal information from those records while preserving their integrity as audit history. If you require full deletion of all records, including audit history, contact us at hello@iceops.io and we will work with you on a case-by-case basis.

If your free trial ends without converting to a paid subscription — whether because the trial period expires or because you close the account — we retain your trial data for 90 days from the date the trial ended. During this window, you can return and pick up where you left off by starting a paid subscription. After 90 days, we anonymize your trial data using the same procedure described above. You can request earlier deletion of your trial data at any time by contacting us at hello@iceops.io.

Your Privacy Rights

Depending on where you live, you may have rights with respect to your personal information. We honor the rights described below for all account holders, regardless of state of residence.

Rights you have

  • Access. You can request a copy of the personal information we hold about you.
  • Correction. You can correct inaccurate personal information directly in your account, or by contacting us.
  • Deletion. You can request that we delete your personal information, subject to the limits described in Data Retention above.
  • Portability. You can request a copy of your account data in a machine-readable format.
  • Opt-out of sale or sharing. We do not sell or share personal information for cross-context behavioral advertising. There is nothing for you to opt out of, but you have the right to make this request and we will confirm our practice in response.
  • Non-discrimination. We will not deny service, charge different prices, or provide a different level of service because you exercised a privacy right.

How to make a request

Email hello@iceops.io with the subject line "Privacy Request." We will verify your identity using the email address associated with your account and respond within 45 days. We may extend that period by an additional 45 days if necessary, in which case we will notify you of the extension.

Authorized agents

You may use an authorized agent to make a request on your behalf. We will require written authorization signed by you and may require you to verify your identity directly with us before we act on the agent's request.

California-specific disclosures

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives you the rights described above. In the past 12 months, we have collected the categories of information described in Information We Collect for the purposes described in How We Use Information, and disclosed those categories only to the service providers listed under How We Share Information. We have not sold or shared personal information for cross-context behavioral advertising.

Children's Privacy

IceOps is a business tool intended for use by ice rink operators. It is not directed at children, and we do not knowingly collect personal information from anyone under the age of 13.

If you are an IceOps Customer who uploads information about minors as part of your operations (for example, the names of program participants), that data is subject to the Data You Upload About Third Parties section above. You are responsible for any obligations you have under the Children's Online Privacy Protection Act (COPPA) or similar laws.

If we learn that we have inadvertently collected personal information directly from a child under 13, we will delete it.

International Users

IceOps is operated from the United States and is intended for use by ice rink operators in the United States. If you access IceOps from outside the United States, your information will be transferred to and processed in the United States. By using IceOps, you consent to that transfer.

We are not currently offering IceOps to customers in the European Union, the United Kingdom, or other jurisdictions with comprehensive data protection laws beyond the United States, and this Privacy Policy does not address those laws.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. If the changes are material, we will notify you by email or through a notice in the IceOps app before the changes take effect.

Your continued use of IceOps after a change becomes effective means you accept the updated policy.

Contact

For privacy questions or requests:

Email: hello@iceops.io Mail: Rooilabs, LLC, 2093 Philadelphia Pike #2678, Claymont, DE 19703

Rooilabs, LLC · Privacy Policy · April 2026 · v3