Privacy Policy

Effective date: May 8, 2026 · Last updated: May 26, 2026

This Privacy Policy explains how iBuildPro ("we," "us," "our") collects, uses, shares, and protects information when you use the iBuildPro mobile and web applications (the "Service"). iBuildPro is an operating platform for residential and light-commercial contractors. By using the Service you agree to this Policy.

1. Scope and roles

iBuildPro is offered as multi-tenant software as a service. Each contractor company that signs up is a tenant ("Customer"). Most personal information processed through the Service is supplied by Customers about their own contacts, employees, vendors, and projects. In that capacity, the Customer acts as data controller and iBuildPro acts as data processor, processing information on the Customer's behalf and in accordance with their agreement with us.

For information we collect directly from Customer admins and end users (account credentials, billing, support requests, telemetry of how the Service is used), iBuildPro acts as data controller.

2. Information we collect

Information you provide

• Account information — name, email, phone, role, company affiliation, password (hashed).
• Customer-supplied data — contacts, projects, opportunities, estimates, contracts, invoices, payments, bills, photos, documents, schedule items, chat messages, audit history, and other records the Customer enters or imports.
• Communication content — emails, SMS, WhatsApp messages, voice/video call metadata, chat threads, and uploaded files relating to the Customer's projects.
• Billing information — collected by our payments processor; we receive plan, status, and last-4 of card data, never the full card number.
• Support requests — content of any messages you send us.

Information collected automatically

• Device and browser information — operating system, app version, screen size, language, time zone, IP address.
• Usage telemetry — pages and features used, session duration, idle/active intervals, click events, error logs.
• Cookies and similar technologies — used for authentication and session continuity. We do not use third-party advertising cookies.
• Push notification tokens — issued by Apple or Google when the user enables push.

3. How we use information

• To provide, operate, and maintain the Service.
• To authenticate users and protect accounts from unauthorized access.
• To deliver email, SMS, WhatsApp, and push notifications that the Customer or end user has configured.
• To process payments and subscriptions.
• To respond to support requests and notify users of service changes, security incidents, and policy updates.
• To monitor performance, debug errors, and improve the Service.
• To enforce our Terms of Service and comply with legal obligations.

4. When we share information

We do not sell personal information. We share information only as follows:

• Within a Customer's tenant — users in the same Customer company can see records the Customer has authorized for that role.
• With Customers' end users — through the Customer Portal and Salesperson Portal, which are accessed via token-authenticated magic links the Customer issues.
• With our service providers — listed in section 5, who process data on our behalf under contract.
• For legal reasons — to comply with law, lawful legal process, or to protect rights, property, or safety.
• With successors — if we are involved in a merger, acquisition, financing, or sale of assets, information may transfer with the business.

5. Third-party processors

We use the following processors to deliver the Service. Each has its own privacy practices governing the data it handles for us:

• Supabase, Inc. — managed PostgreSQL database, authentication, file storage, real-time, and edge functions.
• Netlify, Inc. — web hosting and content delivery for the web application.
• Resend — transactional email delivery (account, portal, and notification email).
• Twilio Inc. — SMS messaging and voice telephony.
• Green API — WhatsApp messaging integration on the Customer's behalf.
• OneSignal, Inc. — mobile push notifications via APNs (Apple) and FCM (Google).
• Google LLC — Firebase Cloud Messaging (push), optional Google Calendar two-way sync.
• Apple, Inc. — Apple Push Notification service, Sign in with Apple.
• Anthropic, PBC — Claude large language models for AI features (estimate generation, AI assistant, AI column mapping).
• OpenAI, Google AI — additional AI providers for specific features.
• 100ms — audio and video calling.
• PhoneBurner — outbound dialing for telephony-enabled Customers.
• Stripe, Inc. — payment processing for subscription billing and (where enabled) customer payments.
• QuickBooks (Intuit Inc.) — optional accounting sync, when the Customer connects.
• HighLevel, LLC ("GoHighLevel") — optional CRM sync, when the Customer connects.
• Sentry, Datadog, or similar — error monitoring and performance observability.

6. Mobile-specific permissions and data

When you install the iBuildPro mobile app, it may request the following operating-system permissions. Each is used only for the purpose described:

• Camera — to capture project photos and document scans.
• Photo library — to attach existing photos to projects, contacts, and documents.
• Microphone — to record audio notes and during voice/video calls.
• Location (when in use and always) — to detect when a salesperson arrives at or approaches a scheduled appointment. When the user grants "Always" permission, the app monitors a small geographic region around each appointment address during a 60-minute window before the appointment time; monitoring stops 30 minutes after the appointment. Background location is used exclusively for appointment-arrival detection and is never collected continuously or outside appointment windows.
• Push notifications — to deliver appointment reminders, message alerts, and project updates.
• Contacts — only when the user explicitly imports contacts; we do not silently read the address book.
• Files / storage — to upload contracts, invoices, and other documents.

Background location — appointment arrival detection

When a salesperson installs iBuildPro and grants "Always Allow" location permission, the app registers a geofence region around each of the salesperson's upcoming appointment addresses. Regions are registered no earlier than 60 minutes before the scheduled appointment time and are automatically deregistered 30 minutes after the appointment. The app does not record or transmit GPS coordinates on a continuous basis. The only data transmitted is a structured event (appointment ID, event type of "approach" or "arrival," and the salesperson's approximate coordinates at the moment of crossing the boundary) sent to iBuildPro's backend at the time the boundary is crossed. This event is used solely to send a notification to the salesperson's company dispatcher and/or admin as configured by the company administrator. Salespersons may opt out of geofence monitoring at any time from the app's Settings → Privacy screen; this immediately stops all background location activity for that device.

Location data collected through this feature:

• Is shared only with the salesperson's own company within iBuildPro (the Customer's tenant).
• Is stored in iBuildPro's database for 90 days to support the Geofence Report and audit trail, then purged.
• Is never sold, shared with advertisers, or used to build profiles outside the Customer's tenant.
• Is covered by the same Row-Level Security and tenant-isolation controls described in Section 10 (Security).

Each permission can be revoked at any time in iOS Settings or Android Settings.

7. SMS and WhatsApp messaging

iBuildPro supports outbound and inbound SMS through Twilio (under iBuildPro's A2P 10DLC brand) and WhatsApp through Green API. When a Customer sends a message to one of their contacts, that contact's phone number, message content, delivery status, and (for inbound) reply content are stored in the Customer's tenant.

SMS recipients can reply STOP to opt out at any time, which is enforced at the Twilio carrier level. Our consent and opt-out practices are described at /docs/sms-consent.html.

8. Artificial intelligence and machine learning

Several Service features use large language models from Anthropic (Claude), OpenAI, and Google. When you invoke an AI feature, the relevant content (the question or document you submit, plus a scoped subset of your data needed to answer) is sent to the model provider for processing.

• We do not use Customer data to train third-party models. Our agreements with model providers prohibit training on submitted content.
• AI calls are logged in ai_token_usage for billing and audit, with company, feature, model, token count, and cost.
• AI is role-aware: the AI Assistant only sees data the requesting user is authorized to see under tenant access rules.

9. Retention and deletion

Account data is retained for as long as the Customer subscription is active and for a reasonable period after termination to allow restoration. Financial records use a soft-delete pattern (deleted_at + deleted_by) to preserve audit history; deleted rows are filtered from all UI but remain queryable by an administrator. A Customer may request hard deletion of all their tenant data after subscription termination.

End users may request access, correction, or deletion of their personal information by writing to the contact in section 15.

10. Security

We use the following safeguards:

• Transport encryption (TLS) for all data in transit.
• Storage encryption at rest (provided by Supabase, Netlify, and other infrastructure partners).
• Row-Level Security (RLS) at the database tier, enforcing tenant isolation on every query.
• Role-based access controls within tenants (Super Admin, Admin, Manager, Project Manager, Finance Manager, Salesperson, Appointment Setter, Production Approver, Viewer).
• Soft-delete with audit trail on all financial records.
• Pagination-safe queries; least-privilege service accounts; secret rotation.

No service can guarantee absolute security. If you suspect a security incident affecting your account, please contact us immediately.

11. Your rights

Depending on where you live, you may have the following rights:

• Access — request a copy of personal information we hold about you.
• Correction — ask us to fix inaccuracies.
• Deletion — request that we delete your information.
• Portability — receive your information in a portable format.
• Objection or restriction — object to or limit certain processing.
• Withdrawal of consent — for processing that relies on consent.
• Complaint — lodge a complaint with your local data protection authority.

Customer end users (those whose data is in a Customer's tenant) should direct rights requests to the Customer that holds their data, since the Customer is the data controller. We will support Customers in responding.

12. Children

The Service is not intended for children under 16. We do not knowingly collect information from children under 16. If you become aware that a child has provided us information, please contact us so we can delete it.

13. International users

iBuildPro is operated from the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the U.S. By using the Service you consent to this transfer.

14. Changes to this Policy

We may update this Policy from time to time. When we make material changes we will post the revised version with an updated effective date and, where appropriate, notify Customers by email or in-app banner.

15. How to contact us

For privacy questions, requests, or complaints:

• Email: chanan@ibuildpro.ai
• Web: https://crm.ibuildpro.co