Privacy Policy for Field Boss Pro

Effective Date: May 2, 2026

1. Who We Are

Field Boss Pro ("Field Boss Pro," "we," "us," or "our") is a field-service management platform operated by Fleming USA. This Privacy Policy explains what information we collect through our mobile application and web platform (collectively, the "Service"), how we use and share it, and the choices you have.

Field Boss Pro is intended for business use by service contractors and their staff. The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

2. Information We Collect

From you and your team (account holders and technicians):

• Account information: name, email address, phone number, role.
• Business information: company name, address, service area ZIP codes, tax info needed to issue invoices.
• Authentication tokens managed by Supabase (we do not store passwords in plaintext).
• Device and app usage information: device type, OS version, app version, crash logs, and approximate session timestamps.
• Precise device location (only when you have a job assigned and you have granted location permission to the mobile app). Used to display technician position to dispatchers and to estimate arrival times.
• Photos and attachments you choose to upload from the camera or photo library to a work order.
• Push-notification tokens (so we can send you appointment and message alerts on your device).

About your customers (entered by you, the contractor):

• Customer name, service address, phone number(s), email.
• Work-order details, including appliance type, diagnosis, parts, and appointment scheduling information.
• Inbound and outbound SMS / MMS conversation history with your customers conducted through the Service.
• Voice-call metadata (call duration, status) for calls placed or received through our integrated voice features.
• Payment information processed through Stripe. We never see or store your customers' full card numbers — Stripe handles card data and we receive only tokenized identifiers and transaction status.

3. How We Use Information

• Provide and operate the Service (job dispatch, scheduling, invoicing).
• Send appointment confirmations, reminders, and outreach SMS / voice calls to your customers on your behalf.
• Process payments through Stripe Connect.
• Sync work orders and statuses with the warranty programs you connect (e.g., First American Home Warranty, American Home Shield).
• Improve and secure the Service: prevent abuse, debug errors, monitor usage.
• Comply with legal obligations and respond to lawful requests.

4. Service Providers (Subprocessors)

We do not sell your data and we do not allow our subprocessors to use it for advertising. We share data with the following providers solely to operate the Service:

• Supabase — primary database and authentication (United States).
• Vercel — application hosting and serverless functions (United States).
• Twilio — SMS, MMS, and voice telephony.
• Vapi — voice AI assistant for inbound and outbound customer calls.
• Anthropic — AI processing of inbound SMS messages to suggest replies and book appointments. Customer message content is sent to Anthropic for processing under their no-training data policy for API usage.
• Stripe — payment processing, including Tap to Pay on iPhone where supported.
• Resend — transactional email delivery.
• Google — geocoding addresses for routing and map display.
• First American Home Warranty (FAHW) and American Home Shield (AHS) — when you connect a warranty integration, we exchange work-order data with that warranty company on your behalf.
• Marcone Parts Supply and Reliable Parts — when you place parts orders through the Service, we exchange order data with the supplier.

We may also share information when required by law, in connection with a corporate transaction (e.g., merger or acquisition), or to enforce our terms or protect our rights.

5. Data Retention

We retain account, work-order, and customer data for as long as your account is active and as needed to provide the Service. After you delete your account, we delete or de-identify your data within 30 days, except where we are required to retain it longer for legal, tax, or fraud-prevention reasons (typically up to 7 years for invoice and payment records).

SMS and call conversation history is retained for as long as the related work order exists, plus the legal-retention window above.

6. Your Choices and Rights

• Access and update: You can view and edit your account and customer data inside the Service at any time.
• Account deletion: To permanently delete your account and the data associated with it, email darryl@flemingusa.com with the subject line "Delete my account." We will confirm and process within 30 days.
• Push notifications: You can disable push notifications in your device settings.
• Location: You can revoke location permission in your device settings; the dispatch map and en-route features will not work without it.
• SMS opt-out: Customers receiving SMS from your Service number can reply STOP at any time and we will block further messages to that number.
• California residents (CCPA / CPRA): You may request to know, delete, or correct the personal information we have about you, and to opt out of any "sale" or "sharing" of personal information (we do not sell personal information). Contact us at the email below.
• EU / UK residents (GDPR / UK GDPR): You have rights of access, rectification, erasure, restriction, portability, and objection. Contact us at the email below.

7. Permissions Used by the Mobile App

• Camera and Photo Library — to attach photos to work orders.
• Location (when in use) — to display technician location on the dispatcher map and to estimate arrival times.
• Notifications — to alert you about new appointments, customer replies, and job status changes.
• Near-field communication (NFC) — when supported, to accept contactless payments via Tap to Pay on iPhone (Stripe Terminal). Card data is processed by Stripe and never stored by us.

8. Data Security

We use industry-standard practices to protect your data, including TLS in transit, encryption at rest in Supabase, AES-256-GCM encryption for stored third-party API credentials, row-level security scoped to each tenant, and least-privilege service accounts. No method of transmission or storage is 100% secure.

9. International Data Transfers

Our Service is hosted in the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the U.S.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective Date" at the top and, for material changes, notify you by email or in-app notice.

11. Contact Us

Fleming USA
darryl@flemingusa.com
fieldbosspro.com

Field Boss Pro is a product of Fleming USA.