Privacy Policy

1. Introduction

BizRocket (“we,” “us,” or “our”) provides a field service management platform for home service businesses, including a web application for office and dispatch use and mobile applications for technicians and field workers (collectively, the “Service”).

This Privacy Policy applies to:

• Our marketing website at bizrocketapp.com;
• Our web application at app.bizrocketapp.com; and
• Our BizRocket mobile apps for iOS (bundle ID: com.sesjr94.BizRocket) and Android (package: com.sesjr94.bizrocket).

Privacy and legal inquiries: shawn@bizrocketapp.com.

By using the Service, you acknowledge that you have read this Privacy Policy. If you do not agree, please do not use the Service.

2. Who this applies to

This policy applies to:

• Business users — company administrators, dispatchers, managers, and technicians who access BizRocket through an account provisioned by their employer or service company;
• Prospective customers — individuals who visit our website or request a trial; and
• End customers of our business customers — homeowners and other individuals whose contact details, service addresses, job information, and related data are entered into BizRocket by the service company that serves them.

BizRocket is a business-to-business (B2B) platform. Individual technicians typically do not sign up independently; their employer creates and manages access.

3. Roles and responsibilities

For most job, customer, and employee data stored in a company’s BizRocket account, the service company (your employer or contractor) decides what data to collect and for what purposes. BizRocket processes that data on the company’s instructions to provide the Service.

For personal information your company stores about its customers, employees, and jobs, your company is generally the data controller (or “business” under U.S. state privacy laws), and BizRocket acts as a service provider / processor, processing that information only on your company’s instructions to provide the Service. For account, billing, and platform operations data, BizRocket may act as a controller. Where required by law, we enter into data processing terms with business customers.

If you are an end customer of a home service company, please contact that company directly for questions about how they use your personal information. BizRocket will assist our business customers with technical and contractual obligations as described in our agreements with them.

4. Information we collect

We collect information in the categories below, depending on how you use the Service.

4.1 Account and identity data

• Name, email address, phone number, and role (e.g., technician, dispatcher, manager, administrator);
• Company or employer association (e.g., company identifier, company name);
• Profile photo (avatar) and optional home or office address on your user profile;
• Authentication credentials and session data managed through Supabase Auth (email and password sign-in; session tokens stored on your device for a limited time).

4.2 Customer and job data (provided by the business)

• Customer names, phone numbers, email addresses, and physical service addresses;
• Job details: titles, schedules, status (e.g., unscheduled, scheduled, en route, on site, completed), service type, notes, duration, and photos;
• Estimates and invoices (amounts, line items, payment status, and payment method recorded in the app—such as cash, check, credit card, or other);
• Equipment, inventory, checklists, and maintenance contract records where applicable.

Payments: Your company may record payment method and status in BizRocket (cash, check, credit card, or other). When enabled, Stripe processes customer invoice payments via payment links and checkout (Stripe Connect). Card data is handled by Stripe, not stored directly in BizRocket. Field teams may also record payments received offline without card processing.

4.3 Device permissions and mobile app data

When you use the BizRocket mobile app, we may access the following with your permission:

Our Apple App Privacy disclosures state that we do not use data for cross-app tracking (NSPrivacyTracking: false). Data types such as name, email, phone, physical address, user ID, coarse location, photos/videos, and other user content are collected for App Functionality, linked to your identity for operating the Service, and not used for advertising or tracking.

4.4 Offline and local storage

The mobile app uses a local database (WatermelonDB) for offline-first operation. A sync queue stores pending changes until you are back online. Authentication sessions are stored on your device with expiration and security controls appropriate to the platform.

4.5 AI chat content

If you use BizRocket AI chat (mobile or web), your messages are sent to a Supabase Edge Function (bizrocket-ai-chat on mobile; the web app may use gemini-chat or the same function), which processes them server-side using Google Gemini. API keys for AI services are not embedded in client apps.

4.6 Communications metadata and content

• Email — estimates, invoices, booking confirmations, and reminders sent through our backend or edge functions;
• SMS — primarily automated “on the way” / en route texts to end customers when your technician triggers that notification (via the send-sms edge function). Other job updates are usually sent by email. Message and data rates may apply to recipients. Your company is responsible for obtaining any required consent before messaging customers.

4.7 Usage, logs, and technical data

• Device type, operating system, app version, and general diagnostic or security logs;
• IP address, browser type, and similar technical data when you use the website or web app;
• Support inquiries and correspondence with us.

We do not use the mobile app to record audio: the camera plugin disables microphone access, and Android blocks RECORD_AUDIO in the app manifest.

5. How we use information

We use personal information to:

• Provide, operate, maintain, and improve the Service (scheduling, dispatch, invoicing, time clock, photos, notes, maps, offline sync, and related features);
• Authenticate users and secure accounts;
• Enable optional features such as live location sharing, AI chat, email and SMS communications, and third-party integrations requested by your company;
• Provide customer support and respond to inquiries;
• Monitor for fraud, abuse, and security incidents;
• Comply with law and enforce our terms; and
• Analyze aggregated or de-identified usage to improve reliability and product design.

6. Legal bases (EEA, UK, and similar regions)

BizRocket is primarily offered to businesses in the United States. If you access the Service from the European Economic Area, United Kingdom, or other regions with similar requirements, the legal bases below apply to you.

Where applicable privacy law requires a legal basis, we rely on:

• Contract — to provide the Service to you or your employer under our agreement;
• Legitimate interests — to secure, improve, and support the Service, in balance with your rights; and
• Consent — where required for optional features (e.g., certain device permissions, marketing communications, or SMS where consent is mandated).

7. Location data

Location data is collected only while the app is in use (when-in-use permission). The mobile app does not collect background location on iOS or Android.

Location supports maps, routing to job sites, and optional live technician location shared with managers or teammates in your company account when that preference is enabled (for example during clock-in or active field work).

You can limit location collection by:

• Adjusting location permissions for the BizRocket app in your device settings (iOS Settings or Android Settings);
• Disabling in-app preferences for live location sharing, where available; and
• Not using location-dependent features such as live tracking or navigation.

Some features may not function without location access when in use.

8. Sharing and disclosure

We do not sell your personal information. We may share information:

• Within your company account — with other authorized users at your employer (e.g., dispatchers viewing technician location or job details);
• With service providers — who process data on our behalf under contractual obligations (see Section 9);
• For legal reasons — if required by law, court order, or governmental request, or to protect rights, safety, and security; and
• Business transfers — in connection with a merger, acquisition, or sale of assets, subject to appropriate confidentiality protections.

9. Third-party service providers

We use the following categories of providers to operate the Service. They may process personal information only as needed to perform services for us:

• Supabase — authentication, database, file storage (app-uploads bucket for photos and uploads), and edge functions. Data is hosted in the United States.
• Google Maps — maps, geocoding, routing, and navigation (via react-native-maps and related APIs)
• Google Gemini (via Supabase) — AI chat through bizrocket-ai-chat / gemini-chat edge functions
• Stripe — invoice payment links and checkout when your company enables online payments (where deployed on your account)
• Resend — transactional email (job confirmations, en route notices, completions, estimates, invoices, appointment and payment reminders) via edge functions such as send-email, send-job-confirmation, and send-estimate-invoice-email
• Blooio — automated operational SMS (primarily “on the way” / en route) via the send-sms edge function
• PDFMonkey — PDF generation for estimates and invoices (server-side, when configured)
• Expo / EAS — mobile app build, updates, and distribution (project builds via Expo Application Services)
• Apple App Store / Google Play — distribution of mobile applications
• Cloudinary — optional/legacy image hosting for some branding assets; new uploads use Supabase Storage

Third-party services may have their own privacy policies. We encourage business customers to review integrations they enable.

10. Data retention

We retain personal information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements.

Business customers generally control how long job, customer, and employee records remain in their account. When an account is terminated, we delete or anonymize data according to our agreements and operational schedules.

• Active accounts: data is retained while your company’s subscription is active and as needed to provide the Service.
• After termination: company administrators may request export for 30 days after closure; we delete or anonymize production account data within 90 days, except where law requires longer retention.
• Backups: encrypted backups may retain residual data for up to 90 days before overwrite.
• Support and security logs: typically retained up to 24 months.
• Marketing site inquiries: retained as needed to respond and for a reasonable period thereafter.

11. Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information, including encryption in transit, access controls, and secure authentication practices. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

You are responsible for safeguarding your login credentials and notifying your administrator or us promptly if you suspect unauthorized access.

12. Children

The Service is not directed to children under 13 (or under 16 where applicable law sets a higher age). We do not knowingly collect personal information from children. If you believe we have collected such information, contact us and we will take appropriate steps to delete it.

13. Your rights and choices

Depending on where you live, you may have rights to access, correct, delete, restrict, or port your personal information, or to object to certain processing.

Business users: Many requests are best handled through your employer, which administers your BizRocket account. You may also contact us directly.

End customers: Contact the service company that holds your data in BizRocket.

To exercise rights or ask questions, email shawn@bizrocketapp.com or use our contact page. We may need to verify your identity before responding.

We honor applicable rights under U.S. federal and state laws (including California CCPA/CPRA), and where applicable, the EU/UK GDPR. We aim to respond to verified requests within 30 days (or the period required by law, with notice if an extension is needed).

14. California privacy rights

If you are a California resident, you may have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including rights to know, delete, and correct personal information, and to limit use of sensitive personal information where applicable.

We do not sell personal information and we do not share personal information for cross-context behavioral advertising. We do not sell or share personal information as defined under California’s “Shine the Light” law. California residents may contact us at shawn@bizrocketapp.com with requests.

15. International transfers

BizRocket is based in the United States. If you access the Service from outside the U.S., your information may be processed in the U.S. and other countries where our providers operate.

Primary hosting and processing occur in the United States through Supabase and our other U.S.-based subprocessors. If you access the Service from outside the U.S., you understand that your information may be transferred to, stored in, and processed in the U.S. Where required for EEA/UK users, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms offered by our providers.

16. What we do not do

• We do not sell personal information.
• We do not use cross-app advertising tracking on our mobile apps.
• We do not sell user data to data brokers.
• We do not record audio through the mobile app in core workflows.

17. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page and update the “Last updated” date below. Material changes may also be communicated through the Service or by email where appropriate.

18. Contact us

For privacy questions or requests:

• Shawn Scott — shawn@bizrocketapp.com
• Phone: 614-400-3527
• Support: bizrocketapp.com/contact