PAINTLOGIC PRIVACY POLICY
Version: 1.0
Effective Date: [INSERT DATE]
Last Updated: [INSERT DATE]
Plain English Summary
This Privacy Policy explains what information we collect, how we use it, who we share it with (including AI services that help power our features), and what rights you have. We collect data to provide our service and don't sell your personal information.
1. Introduction
PaintLogic ("we," "us," "our") provides software services to painting contractors for project management, receipt tracking, and property records. This Privacy Policy describes how we collect, use, and share information when you use our website, applications, and services (collectively, "Service").
This policy applies to:
- Contractors who create accounts and use the Service
- Subcontractors who access the subcontractor portal
- Customers who interact with shared schedules or approve change orders
- Website visitors who browse our site
2. Information We Collect
2.1 Information You Provide
| Category | Examples | Purpose |
|---|---|---|
| Account Information | Name, email, password, company name | Account creation, authentication |
| Contact Information | Phone, business address | Communication, address validation |
| Project Information | Customer names, property addresses, project details | Service functionality |
| Financial Information | Receipt images, invoice amounts, payment data | Receipt parsing, budget tracking |
| Subcontractor Information | Contact details, compliance documents, tax IDs | Subcontractor management |
| Communication Content | Support messages, feedback | Customer support |
2.2 Information Collected Automatically
| Category | Examples | Purpose |
|---|---|---|
| Usage Data | Pages visited, features used, click patterns | Service improvement |
| Device Information | Browser type, operating system, device identifiers | Compatibility, security |
| Log Data | IP address, access times, error logs | Security, troubleshooting |
| Cookies | Session cookies, preference cookies | Authentication, personalization |
2.3 Information from Third Parties
| Source | Data Received | Purpose |
|---|---|---|
| OAuth Providers (Google, Microsoft) | Email address, profile name | Account authentication |
| Email Integration | Emails matching paint supplier patterns | Automated receipt import |
| USPS | Validated address data | Address standardization |
2.4 Property and Receipt Data — Special Note
PaintLogic is designed to create permanent property improvement records. This means we collect and retain:
- Property addresses and details
- Detailed receipt information (vendors, products, colors, quantities, prices)
- Project documentation and paint schedules
This data is retained long-term by design to provide the "Carfax for homes" value proposition. See Section 6 for retention details.
3. How We Use Your Information
We use collected information to:
3.1 Provide and Operate the Service
- Process and parse receipts using AI
- Match receipts to projects
- Generate paint schedules and reports
- Facilitate subcontractor management
- Enable change order workflows
3.2 Communicate with You
- Send service-related notifications
- Respond to support requests
- Provide account updates
- Send marketing communications (with consent; you may opt out)
3.3 Improve the Service
- Analyze usage patterns
- Identify and fix bugs
- Develop new features
- Train and improve our AI models using aggregated, anonymized data only
3.4 Ensure Security
- Detect and prevent fraud
- Enforce our Terms of Service
- Protect against unauthorized access
3.5 Legal Compliance
- Comply with applicable laws
- Respond to legal process
- Protect our rights
4. How We Share Your Information
4.1 Service Providers
We share information with companies that help us operate:
| Provider | Purpose | Data Shared |
|---|---|---|
| Anthropic (Claude API) | AI-powered receipt parsing, matching, OCR | Receipt text/images, project descriptions |
| Supabase | Database hosting, authentication | All account and project data |
| Railway | Application hosting | Application logs |
| Google/Microsoft | OAuth authentication, email integration | Email address, authorized emails |
| USPS | Address validation | Property addresses |
4.2 At Your Direction
- Shared Schedules: When you create a shareable link, anyone with the link can view that schedule
- Change Orders: Customer recipients can view change order details
- Subcontractor Portal: Assigned subcontractors can view job information
4.3 Business Transfers
If PaintLogic is acquired or merged, your information may transfer to the new owner. We will notify you before your information becomes subject to a different privacy policy.
4.4 Legal Requirements
We may disclose information if required by law, subpoena, court order, or government request, or to protect our rights, safety, or property.
4.5 Aggregated Data
We may share aggregated, anonymized data that cannot identify you (e.g., "average project costs in the Chicago area").
4.6 We Do Not Sell Personal Information
PaintLogic does not sell your personal information to third parties for their marketing purposes.
5. Third-Party AI Processing
⚠️ THIS SECTION DESCRIBES HOW YOUR DATA IS PROCESSED BY AI SERVICES
5.1 What We Send to Anthropic
When you use AI-powered features, we send data to Anthropic's Claude API:
- Receipt images and text for parsing
- Project descriptions for matching
- Work descriptions for surface detection
- Photo uploads for OCR
5.2 How Anthropic Handles Your Data
Based on our review of Anthropic's terms (as of January 2026):
- API data is not used to train Claude models by default
- Data is processed to provide the service and retained according to Anthropic's policies
- Anthropic maintains SOC 2 Type II certification
5.3 Our Safeguards
- We send only data necessary for the specific feature
- We do not send passwords, payment card numbers, or Social Security numbers to AI processors
- We maintain independent copies of your data
5.4 Changes
AI provider practices may change. We review our data processing practices quarterly and update this policy for material changes.
6. Data Retention
6.1 Active Accounts
We retain your data while your account is active and for a reasonable period afterward.
6.2 Property Records
Project and property data may be retained indefinitely to support the "permanent property record" feature. This is a core service feature, not indefinite surveillance.
6.3 Deleted Data
When you delete specific items (receipts, projects), they are removed from active databases. Backups may retain data for up to 90 days.
6.4 Account Termination
After you terminate your account:
- You may request data export within 30 days
- Data is deleted within 90 days after export period, except as required by law
- Anonymized analytics data may be retained indefinitely
7. Your Rights and Choices
7.1 All Users
You have the right to:
- Access: View and download your data
- Correction: Update inaccurate information
- Deletion: Request deletion of your account and data
- Portability: Export your data in common formats (CSV)
- Objection: Object to certain processing activities
7.2 Email Communications
- Transactional emails (receipts, security alerts) cannot be opted out
- Marketing emails include an unsubscribe link
- Configure email notification preferences in Settings
7.3 Email Integration
You may disconnect Gmail or Outlook integration at any time in Settings. This stops future email scanning but does not delete already-imported receipts.
7.4 Cookies
Most browsers allow you to refuse cookies. Disabling cookies may limit Service functionality.
7.5 Exercising Your Rights
Contact us at privacy@paint-logic.com. We will respond within 30 days (or as required by applicable law).
8. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights:
8.1 Right to Know
You may request details about the personal information we've collected, used, and disclosed in the past 12 months.
8.2 Right to Delete
You may request deletion of your personal information, subject to certain exceptions.
8.3 Right to Correct
You may request correction of inaccurate personal information.
8.4 Right to Opt Out of Sale/Sharing
We do not sell personal information or share it for cross-context behavioral advertising.
8.5 Non-Discrimination
We will not discriminate against you for exercising your privacy rights.
8.6 Categories of Information
In the past 12 months, we have collected these categories of personal information:
| Category | Examples |
|---|---|
| Identifiers | Name, email, IP address |
| Commercial Information | Purchase records, receipts |
| Internet Activity | Usage logs, browsing history |
| Professional Information | Contractor license, business name |
| Geolocation | Property addresses |
8.7 How to Submit Requests
Email: privacy@paint-logic.com
We will verify your identity before responding.
9. Security
9.1 Measures We Take
- Encryption in transit (TLS/HTTPS)
- Encryption at rest for sensitive data
- Access controls and authentication
- Regular security reviews
- SOC 2 compliant infrastructure (Supabase)
9.2 Your Role
- Use a strong, unique password
- Enable two-factor authentication when available
- Keep your device and browser updated
- Report suspected security issues to security@paint-logic.com
9.3 Breach Notification
If we discover a data breach affecting your personal information, we will notify you as required by applicable law.
10. Children's Privacy
PaintLogic is not intended for use by anyone under 18. We do not knowingly collect information from children. If you believe we have collected information from a child, contact us immediately.
11. International Users
PaintLogic is operated from the United States. If you access the Service from outside the US, your information will be transferred to and processed in the US, which may have different data protection laws than your jurisdiction.
12. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated via email or in-app notice. The "Last Updated" date at the top indicates the latest revision.
13. Contact Us
Questions or Requests:
privacy@paint-logic.com
Mailing Address:
PaintLogic
[Physical Address]
[City, State ZIP]
Data Protection Inquiries:
privacy@paint-logic.com
Last reviewed: [DATE]
Attorney Review Status: 🟡 YELLOW — Recommend attorney review for CCPA compliance