Workspace isolation
Every tenant-owned table in Phloz carries a workspace_id column with Postgres row-level security policies enforcing workspace_id = auth.jwt()→'workspace_id' on every read + write. We can't see your data cross-tenant; neither can anyone else on Phloz.
The same RLS function (phloz_is_assigned_to) enforces per-client access for member + viewer roles when the workspace policy is "Restricted by assignment".
Exporting your data
Clients + tasks export as CSV from each list's Export button. Full workspace export (messages, tracking map JSON, files index) is on the roadmap; reach out via support if you need it sooner.
Deleting your workspace
Owner only. Settings → Workspace → Delete workspace. Cascade-deletes every client, task, message, and tracking node within. The Stripe subscription cancels immediately. There's no recovery — export first if you need a copy.
What we collect
Marketing analytics (GTM + GA4) on the public site only — standard pageviews + UTM. No tracking on app.phloz.combeyond the product analytics you'd expect (PostHog session activity, error reports via Sentry). Both can be opted out via standard browser controls.
We never collect data from your tracking map nodes, your clients, or any of the metadata you put into the platform. That data is yours; we just store it on your behalf.