Pulse: Privacy Policy

Last Updated: 11th March 2026

1. Introduction

Pulse is operated by Thrive Organisational Consulting Ltd (“we,” “our,” “us,” or “Company”), which is committed to protecting your privacy. This Privacy Policy explains how Pulse collects, uses, discloses, and otherwise processes personal information in connection with our web application and services.

Pulse is a financial management application designed for agencies. The application helps users manage job data, invoices, expenses, and financial projections through a secure web interface.

2. Information We Collect

2.1 Information You Provide Directly

Application Data: When you use Pulse, we collect and store information that you input into the application:

  • Job names and descriptions
  • Client names and contact information
  • Invoice amounts, dates, and payment status
  • Expense descriptions and amounts
  • Contractor information
  • Salary and dividend records
  • Financial projections and forecasts
  • Any other data you choose to enter into Pulse
  • User preferences and settings

Authentication Information:

  • Email address (used for login via email verification code)
  • Session tokens and authentication credentials

User Actions:

  • Data modifications you make through the Pulse interface
  • Reports you generate or view
  • Application settings and preferences

2.2 Information Collected Automatically

Application Usage:

  • Log entries recording actions within the application (login events, data modifications, errors)
  • Timestamps of your activities
  • Session information (start time, duration, last activity)
  • Application performance metrics

Technical Information:

  • Your IP address
  • Browser type and version
  • Device type (desktop, mobile, tablet)
  • Operating system
  • Approximate location (based on IP address)

3. How We Use Your Information

Pulse uses the information collected for the following purposes:

3.1 Primary Purposes

  1. Provide Core Functionality
    • Store and display your job, invoice, and expense data
    • Allow you to create, edit, and delete records
    • Generate financial reports and forecasts
    • Track payment status and manage workflows
    • Enable you to access your data from any authorized device
  2. Authentication & Security
    • Verify your identity via email
    • Maintain secure sessions
    • Detect and prevent unauthorized access
    • Log security events for audit purposes
    • Protect against fraud and abuse
  3. Application Improvement
    • Understand how you use Pulse
    • Identify and fix bugs
    • Improve features and user experience
    • Monitor application performance and reliability

3.2 Secondary Purposes

  1. Compliance & Legal Obligations
    • Respond to lawful requests from authorities
    • Enforce our Terms of Service
    • Protect the rights, property, and safety of users
  2. Communication
    • Send important service notifications
    • Respond to your support requests
    • Inform you of updates or changes to the service

4. Data Retention and Deletion

4.1 How Long We Retain Your Data

Your Application Data (jobs, invoices, expenses, etc.):

  • Retained for as long as your account is active
  • Automatically deleted 30 days after account deletion
  • You can request immediate deletion at any time

Session & Authentication Data:

  • Active sessions are retained for 90 days of inactivity
  • Expired sessions are automatically deleted
  • Verification codes are deleted immediately after use or after 10 minutes of expiration

Application Logs:

  • Log entries are retained for 90 days from the date they are created
  • Logs older than 90 days are automatically deleted
  • This includes login records, data modification logs, and error logs

Backup & Recovery:

  • We maintain automatic backups of your data for system recovery purposes
  • Backups are retained for up to 30 days
  • Deleted data is removed from all backups after 30 days

4.2 How to Request Data Deletion

Delete Your Data:

You can delete your Pulse data in the following ways:

  1. Delete Individual Records:
    • Use the Pulse interface to delete specific jobs, invoices, expenses, etc.
    • Deletions are immediately reflected in your account
  2. Request Deletion:
    • Email us at data@pulsedashboard.co.uk
    • Include your email address associated with your Pulse account
    • We will delete all your data within 7 days
    • You will receive confirmation when deletion is complete

Permanent Deletion Timeline:

  • Individual records: Deleted immediately when you remove them
  • Account data: Deleted within 24 hours of account deletion
  • Sessions: Automatically deleted after 90 days of inactivity
  • Logs: Automatically deleted after 90 days
  • Backups: Deleted after 30 days (no manual action needed)

4.3 What Happens After Deletion

Once your account is deleted:

  • All your data is permanently removed
  • You cannot recover your data (this is permanent)
  • You will no longer have access to Pulse
  • You can create a new account if you wish (it will be a fresh start)

5. Legal Basis for Processing

We process your personal information on the following legal bases:

  1. Performance of a Contract – To provide Pulse services you’ve requested
  2. Legitimate Interests – To improve our services, detect fraud, and ensure security
  3. Consent – You have consented to this Privacy Policy by using Pulse
  4. Legal Obligation – To comply with applicable laws and regulations

6. Data Security

6.1 Security Measures

Pulse implements the following security measures:

  • Email Verification: We use email verification codes for secure user authentication
  • Session Management: Secure session tokens are generated and expire after 90 days of inactivity
  • Secure Communication: All data transmissions use HTTPS/TLS encryption
  • Google Sheets Security: Data is stored in Google Sheets with Google’s built-in encryption
  • Access Controls: Only authorized backend systems can access the Google Sheets
  • Audit Logging: All data access and modifications are logged for audit purposes
  • Regular Security Reviews: We regularly review security practices and Google’s security features
  • Code Review: Application code is reviewed for security vulnerabilities

6.2 Data Storage Location

Pulse data is stored in Google Sheets spreadsheets hosted in our (Thrive Organisational Consulting Ltd) Google account. We maintain industry-standard security practices including:

  • Secure Google account with restricted access
  • Two-factor authentication on the account
  • Regular security reviews
  • Restricted access to the backend spreadsheets
  • Google’s built-in encryption for data at rest and in transit

6.3 Infrastructure

Pulse relies on the following Google services:

  • Google Sheets – For data storage
  • Google Apps Script – For web application backend and processing
  • Google Authentication – For email verification codes and session management

We do not use other third-party services to store or process your data. All your data remains within Google’s infrastructure in our secured Google account.

7. Data Sharing and Disclosure

7.1 We Do NOT Share Your Data

Pulse does not:

  • Sell or rent your personal information
  • Share your data with third parties for their own purposes
  • Use your data for marketing or advertising purposes
  • Combine your data with other users’ data
  • Share data with analytics services that track individual users
  • Use your data to build machine learning models

7.2 When We May Disclose Your Data

We may disclose your information only in the following circumstances:

  1. Legal Requirements: When required by law, court order, or government authority
    • We will notify you of such requests when legally permitted
    • We will only disclose the minimum necessary information
  2. Protection of Rights: To protect the security, safety, and rights of Pulse, our users, or the public
    • Protecting against fraud or abuse
    • Enforcing our Terms of Service
    • Responding to security threats
  3. Business Transfers: If Pulse is acquired, merged, or assets are sold
    • Your data may be transferred as part of the business assets
    • You will be notified of any such change
    • You will have the option to delete your data

7.3 Data Processing

All data processing occurs:

  • In Google Sheets spreadsheets within our Google account
  • Using Google Apps Script for processing and backend logic
  • With secure authentication and authorization controls
  • With comprehensive audit logging of all access

8. Data Storage Location and Transfer

Pulse stores your data in Google Sheets within our Google account. Google maintains data centers in multiple countries. When you access Pulse, your data may be processed through Google’s infrastructure which may involve data transfers across regions. Google implements appropriate safeguards including Standard Contractual Clauses and other mechanisms to protect international data transfers in compliance with applicable law.

9. Your Rights

Depending on your location, you may have the following rights:

9.1 General Rights (All Users)

  • Right to Access: Request access to your personal information. We provide this through your Pulse account dashboard.
  • Right to Correction: Update or correct inaccurate information through your account settings
  • Right to Deletion: Request deletion of your data (see Section 4.2 for instructions)
  • Right to Account Export: Export your data in a standard format (available in Account Settings)
  • Right to Revoke Consent: Withdraw consent at any time by deleting your account

9.2 GDPR Rights (EU/EEA Residents)

If you are in the European Union or European Economic Area, you have the following additional rights:

  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Restrict Processing: Request restrictions on how we process your data
  • Right to Object: Object to certain types of processing
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

9.3 CCPA Rights (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

  • Right to Know: Request what personal information we collect, use, or disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate information
  • Right to Opt-Out: Opt out of the sale or sharing of your personal information (we do not sell or share your data)
  • Right to Non-Discrimination: You will not be discriminated against for exercising your rights

9.4 Exercising Your Rights

To exercise any of these rights, contact us at data@pulsedashboard.co.uk with:

  • Your email address associated with Pulse
  • A clear description of your request
  • Proof of identity (for sensitive requests)

We will respond within 30 days (or as required by applicable law).

10. Children’s Privacy

Pulse is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13 without parental consent, we will delete that information immediately.

If you are a parent or guardian and believe we have collected information from your child, please contact us at .

11. Third-Party Links and Services

Pulse may contain links to third-party websites and services. This Privacy Policy does not apply to third-party websites or services, and we are not responsible for their privacy practices. Please review their privacy policies before providing any personal information.

12. Data Retention Summary Table

Data TypeRetention PeriodAuto-DeletionDeletion Method
Application Data (jobs, invoices, etc.)Until you delete accountYes (30 days after deletion)Manual deletion or account deletion
Session Records90 days of inactivityYesAutomatic after 90 days
Verification Codes10 minutes or until usedYesAutomatic after expiration or use
Application Logs90 daysYesAutomatic after 90 days
Login/Logout Events90 daysYesAutomatic after 90 days
Backups30 daysYesAutomatic after 30 days

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Updating the “Last Updated” date at the top of this document
  • Sending you an email notification (for material changes)

Your continued use of Pulse after any changes constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: data@pulsedashboard.co.uk
Mailing Address:
Thrive Organisational Consulting Ltd
7a Waterside Business Park, Chesham, HP5 1PE, United KIngdom
Data Protection Officer: Paul Muggeridge-Breene, CEO
Response Time: We will respond to your inquiry within 30 days.

15. Google API Scope and Usage

15.1 Email Verification Authentication

Pulse uses email verification codes for user authentication. This means:

  • You log in using an email address and verification code
  • No Google account login is required
  • We do not store passwords
  • Session tokens are securely generated and managed

15.2 Google API Scope Usage

Pulse requests the following Google API scope:

  • https://www.googleapis.com/auth/spreadsheets

Why We Need This Scope:

Pulse requires the spreadsheets scope to:

  • Access and manage the Google Sheets spreadsheets where your data is stored
  • Read and write job, invoice, and expense data
  • Manage sessions and audit logs within the backend sheets
  • Maintain data integrity and perform automated operations

This scope allows Pulse to function as designed – storing and managing your data in Google Sheets.

15.3 Google Sheets Data Storage

Your data in Pulse is stored directly in Google Sheets spreadsheets within our Google account. The spreadsheets scope is necessary for this core functionality:

  • Your job and invoice data is stored in our Google Sheets
  • Our backend system (via Google Apps Script) reads and writes to these sheets
  • You access this data through the Pulse web interface
  • The data is backed up within Google’s infrastructure

15.4 You Cannot Revoke Just Pulse’s Access

Unlike typical OAuth applications where you might revoke access to your personal Google account, Pulse is different:

  • Your data is stored in our Google account (not your personal account)
  • Revoking access would require account deletion (see Section 4.2)
  • You cannot selectively revoke Pulse’s access to a Google Sheet you own, because you don’t own the sheets – we do

To stop using Pulse and delete your data, delete your Pulse account through the application settings.

15.5 Google Data Use Restrictions

As required by Google’s API Services User Data Policy, we confirm that Pulse:

✓ Uses the spreadsheets scope only to store and manage user application data
✓ Does not use Google API access for advertising, marketing, or analytics purposes
✓ Does not share user data with third parties beyond what is necessary for data storage
✓ Does not combine user data with other data sources outside of Pulse operations
✓ Limits API access to the minimum necessary for the application to function
✓ Stores all user data securely within encrypted Google Sheets
✓ Implements appropriate access controls and audit logging

16. Glossary

Personal Information: Any information that can be used to identify you, including your email address, session data, and account information.

Application Data: Information you enter into Pulse, including job data, invoices, expenses, and financial information.

Processing: Any operation performed on your data, including collection, storage, use, modification, or deletion.

Session: Your active connection to Pulse from login to logout.

Log: A record of events within Pulse, including logins, data modifications, and errors.

Google Sheets: Cloud-based spreadsheet application used by Pulse to store all user data.

Google Apps Script: Backend programming environment used to build and run the Pulse application.

17. Acknowledgment

By using Pulse, you acknowledge that you have read this Privacy Policy and agree to its terms. If you do not agree with our privacy practices, please do not use Pulse.