Privacy policy
Last updated: April 21, 2026
This Privacy policy covers the Littleton's Scheduler web app at littletons.renewwork.now. The scheduler is a private pilot tool built by Renew Work for Littleton's Market in Columbus, OH. It is not a public service.
For the Chrome extension surface of the same product, see the separate CWS-scoped policy at /privacy/littletons-scheduler — it's what the Chrome Web Store listing links to.
Who we are
Renew Work (Nate Lusher, natelusher@renewwork.co) builds and operates the scheduler. Littleton's Market (Alan + Rob Littleton) is the client and the data controller for the operational data the scheduler processes.
What data we collect
The scheduler processes three kinds of data:
- Your email address. We use it to send you a one-time sign-in link
and to recognize you on subsequent visits. The scheduler only works for emails on a short allow-list (currently Camber + Nate).
- Operational data from Toast POS. Historical sales and labor
data for the Littleton's restaurant — shift counts, hours, revenue by day-part. No customer-level data. This flows from Toast's API into our Railway-hosted Postgres database and is the input the Claude agent uses to predict next week's staffing needs.
- Your scheduling corrections. When the manager overrides a
suggested staffing number, we log {suggested, corrected, optional note, timestamp} so the system can learn. No personal notes beyond what the manager chooses to enter.
We do not collect: browsing history, keystrokes, cursor movements, passwords, payment information, or any customer-level data from Toast.
Cookies
The web app sets two cookies:
session_jwt(httpOnly,Secure,SameSite=Lax) — the
signed JWT that proves you're signed in. Lives 30 days, then you sign in again. JavaScript cannot read this cookie; browsers attach it automatically to requests to our backend.
session_email(nothttpOnly) — a companion cookie that holds
your email address so the header bar can render "Signed in as …" without an extra round-trip. No privilege — just a UI hint.
Both cookies are scoped to the web app's host (littletons.renewwork.now) and deleted on sign-out.
Where the data lives
- Email + cookies: our backend at
littletons-scheduler.up.railway.app (Railway; Postgres via Supabase).
- Toast operational data: the same Postgres database, encrypted at
rest.
- Logs + observability: Axiom (logs), Sentry (extension errors),
Healthchecks.io (cron heartbeats). Log records may include your email address as a diagnostic tag; the PII-redaction filter in our log pipeline (app.observability.logger) replaces raw email addresses with an opaque tag (<email:abc123>) before they leave the backend process.
The Chrome extension stores its session JWT in chrome.storage.local, scoped to the extension install. Uninstalling the extension wipes that storage.
Who has access
Inside Renew Work: Nate (sole developer / operator). Inside Littleton's: Alan, Rob, and any manager whose email we add to the allow-list. We do not sell, share, or disclose data to third parties. Vendor access is limited to the infrastructure providers listed above (Railway, Supabase, Anthropic for the Claude agent, Resend for email delivery, Axiom / Sentry / Healthchecks for observability).
Data retention + deletion
- Toast operational data: retained for the life of the pilot.
Deleted within 30 days after the pilot ends or on Littleton's written request.
- Corrections log: same retention as the operational data.
- Logs: Axiom retention is 30 days (free-tier default); Sentry is
90 days.
To delete your account data, email Nate at natelusher@renewwork.co. For Littleton's operational data, contact either Alan or Rob.
Your rights
You can:
- Request a copy of the data we hold on you.
- Request correction or deletion of your data.
- Withdraw your email from the allow-list at any time — email Nate.
Withdrawing from the allow-list makes the app unusable for you; it does not delete the operational data, which is Littleton's business record.
Changes
Material changes to this policy are communicated to the allow-listed users by email before taking effect. The "last updated" date at the top tracks the most recent revision.
Contact
Renew Work — Nate Lusher — natelusher@renewwork.co.