Skip to main content

Privacy Policy

Effective February 23, 2026

Overview

This Privacy Policy explains how 1404 ("we," "us," or "our"), operated by Holden Bryce, collects, uses, stores, and protects data in connection with the Mission Control platform and related services ("Services").

We take data privacy seriously. Your data belongs to you, and we handle it with the care and security it deserves. This policy is written to be clear and straightforward — not 50 pages of legalese.

What Data We Collect

Operational Data

Through the Mission Control platform, we may collect and process the following data on your behalf:

  • Accounting data — financial records, invoices, payments, and chart of accounts synced from QuickBooks Online
  • Email and calendar data — messages, appointments, and contacts accessed through Microsoft 365 integration
  • Project data — project details, timelines, budgets, status updates, and associated documents
  • Time tracking data — employee hours, labor allocations, and timesheet records
  • Employee data — names, roles, assignments, and contact information for workforce management

Account Data

When you use our Services, we collect basic account information including names, email addresses, and roles for platform access and authentication.

Website Data

The 1404.io website does not use cookies, tracking pixels, or analytics services. We do not collect any data from website visitors. If you contact us via email, we retain that correspondence to respond to your inquiry.

How We Use Your Data

We use your data exclusively to:

  • Provide and operate the Mission Control platform for your company
  • Generate reports, dashboards, and analytics specific to your operations
  • Power AI-assisted monitoring, analysis, and operational recommendations
  • Maintain and improve the quality and reliability of the Services
  • Communicate with you about your account and the Services

We do not sell your data. We do not use your data for advertising. We do not use one client's data to benefit another client. Your data is used solely to provide Services to your company.

How We Store Your Data

All client data is hosted on Amazon Web Services (AWS) in the US-East-1 (Northern Virginia) region. Our security practices include:

  • Encryption at rest — all stored data is encrypted using AES-256 encryption
  • Encryption in transit — all data transmission uses TLS 1.2 or higher
  • Client isolation — each client's data is isolated in a separate environment using Linux user-level separation, ensuring no cross-client data access
  • Credential management — API tokens and integration credentials are stored in AWS Secrets Manager with strict access controls
  • Access controls — access to client environments is restricted to authorized personnel only

Who Can Access Your Data

Access to your data is limited to:

  • Your team — authorized users within your company, as defined by your account administrators
  • 1404 personnel — Holden Bryce and designated 1404 team members who require access to provide the Services
  • AI agents — automated AI systems (powered by Anthropic Claude) that have read access to your data within your isolated environment for generating queries, reports, and operational insights

We do not provide access to your data to any other parties unless required by law or with your explicit consent.

Third-Party Services

The following third-party services may process your data as part of delivering the Services:

Amazon Web Services (AWS)

Infrastructure, hosting, and data storage. Data resides in US-East-1.

AWS Privacy Policy

Intuit QuickBooks Online

Accounting data synchronization. We read and write financial data through their API with your authorization.

Intuit Privacy Policy

Microsoft 365

Email and calendar integration. We access messages and calendar events through the Microsoft Graph API with your organization's authorization.

Microsoft Privacy Statement

Anthropic Claude

AI-powered analysis and reporting. Client data may be processed by Claude to generate queries, reports, and operational insights. Anthropic does not train on data submitted through their API.

Anthropic Privacy Policy

Data Retention

We retain your data for as long as your service agreement is active and for 30 days following termination to allow for data export.

After the 30-day post-termination period, all client data is permanently deleted from our systems, including backups, unless retention is required by applicable law.

You may request a complete export of your data at any time during the service agreement. Exports are provided in standard, machine-readable formats (CSV, JSON, or equivalent).

Your Rights

You have the right to:

  • Access — request a copy of the data we hold about your company
  • Correction — request correction of inaccurate data
  • Deletion — request deletion of your data, subject to any legal retention obligations
  • Export — receive your data in a portable, machine-readable format
  • Revoke access — disconnect any third-party integration at any time

To exercise any of these rights, contact us at holden@1404.io. We will respond to requests within 30 days.

Security Incidents

In the event of a data breach that affects your information, we will notify you within 72 hours of becoming aware of the incident. Notification will include the nature of the breach, the data affected, the steps we are taking to address it, and recommended actions on your end.

Children's Privacy

The Services are designed for business use and are not directed at individuals under the age of 18. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active clients of material changes via email at least 30 days before they take effect. The effective date at the top of this page reflects the most recent revision.

Contact

If you have questions about this Privacy Policy or how we handle your data, contact us at:

1404
Holden Bryce
holden@1404.io
Detroit, MI