Privacy Policy

1. Information We Collect

We collect information necessary to provide and operate the Service:

Account Information

When an account is created for you, we collect your name, email address, and assigned role within the platform. If you request access, we also collect your phone number, company name, and any notes you provide.

Technician Profile Data

For technician accounts, administrators may enter additional information including home base address, geographic coordinates, phone number, skills, certifications, working hours, and maximum service radius. This data is used to match technicians with jobs based on location, availability, and qualifications.

Job and Scheduling Data

The Service stores job-related information including service addresses, job types, time windows, assigned technicians, and job status. Availability data such as schedule blocks and associated reasons may also be recorded.

Usage and Activity Data

We maintain audit logs that record actions performed within the platform, including login events, data modifications, and system operations. This data is used for security monitoring, compliance, and troubleshooting.

Communications Data

If SMS or messaging features are enabled, we process phone numbers, message content, delivery status, and responses in order to facilitate job dispatch notifications and technician confirmations.

2. How We Use Your Information

We use the information we collect for the following purposes:

• To provide and operate the Service, including scheduling, technician matching, and dispatch coordination
• To calculate distances, travel times, and service coverage areas using geocoding
• To send job-related notifications and dispatch communications
• To maintain audit trails for security, accountability, and compliance
• To provide customer support and respond to inquiries
• To monitor, maintain, and improve the performance and reliability of the Service

3. Third-Party Service Providers

We use trusted third-party service providers to operate the Service. These providers process data only as necessary to perform their functions and are bound by their own privacy and security obligations:

• Supabase, Inc. — Database hosting and user authentication. Data is stored in secure, encrypted cloud infrastructure in the United States.
• Google LLC — Mapping, geocoding, and address autocomplete services. Address data is processed by Google to provide location-based features.
• Vercel Inc.— Application hosting and content delivery. The Service is hosted on Vercel's infrastructure in the United States.
• Twilio Inc. — SMS and messaging services for job dispatch notifications and technician communications (when enabled).

We do not sell, rent, or trade your personal information to third parties. Our service providers are used solely to operate and deliver the Service.

4. Data Retention

We retain your data for as long as your organization maintains an active subscription to the Service. Specific retention periods include:

• Account and profile data: Retained for the duration of the subscription.
• Job and scheduling data: Retained for the duration of the subscription and available for historical reporting.
• Audit logs: Retained for up to two (2) years for compliance and security purposes.
• SMS and messaging logs: Retained for up to one (1) year for compliance and operational review.

Upon termination of your subscription, your data will be available for export for thirty (30) days. After this period, data will be permanently deleted within ninety (90) days unless a longer retention period is required by law.

5. Data Security

We implement industry-standard security measures to protect your data:

• All data is encrypted in transit using TLS/HTTPS
• Database access is controlled by row-level security policies that restrict data visibility based on user roles
• Authentication is managed through secure token-based sessions
• Role-based access controls ensure users can only access data relevant to their role
• No public-facing data endpoints exist — all data access requires authentication

While we take reasonable measures to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

6. Your Rights

You have the following rights regarding your personal information:

• Access: You may request a copy of the personal information we hold about you.
• Correction: You may update or correct inaccurate information through the platform or by contacting us directly.
• Deletion: You may request deletion of your account and associated personal data, subject to any legal retention requirements.

To exercise any of these rights, please contact your organization's administrator or reach out to us directly at the contact information below.

7. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify users of material changes by posting the updated policy with a revised “Last updated” date. Continued use of the Service after changes are posted constitutes acceptance of the updated policy.