1. Introduction
Field PM ("we," "our," or "us") operates the Field PM construction management platform available at www.field-pm.com and through mobile applications (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
2. Information We Collect
2.1 Information You Provide
- Account information: name, email address, company name, and password
- Profile information: role, job title, and contact details
- Project data: project names, numbers, budgets, cost codes, and schedules
- Daily reports: work summaries, manhours, equipment usage, safety observations, and quality inspections
- Photos and documents: site photos, drawings, and uploaded files
- Financial data: invoices, change orders, and billing information
- Communications: feedback, support requests, and in-app messages
2.2 Information Collected Automatically
- Device information: browser type, operating system, and device identifiers
- Usage data: pages visited, features used, and interaction patterns
- Log data: IP address, access times, and referring URLs
- Location data: only if explicitly enabled for weather features
2.3 Payment Information
Payment processing is handled by Stripe, Inc. We do not store credit card numbers or bank account details on our servers. Please refer to Stripe's Privacy Policy for details on how they handle payment information.
3. How We Use Your Information
- Provide, maintain, and improve the Service
- Process transactions and send billing notifications
- Generate reports, analytics, and project insights
- Send administrative communications (account updates, security alerts)
- Respond to support requests and feedback
- Enforce our terms of service and protect against misuse
- Comply with legal obligations
4. Data Sharing and Disclosure
We do not sell your personal information. We may share data with:
- Service providers: Supabase (database hosting), Vercel (application hosting), Stripe (payments), Resend (email), and Cloudflare (DNS/security)
- Within your organization: Data is shared among users within the same company account based on role-based access controls
- Legal requirements: When required by law, court order, or governmental authority
- Business transfers: In connection with a merger, acquisition, or sale of assets
5. Data Security
We implement industry-standard security measures to protect your data, including:
- Encryption in transit (TLS/SSL) and at rest
- Row-Level Security (RLS) ensuring data isolation between companies
- Role-based access controls limiting data visibility by user role
- Regular security audits and vulnerability assessments
- Secure authentication with password hashing and session management
6. Data Retention
We retain your data for as long as your account is active or as needed to provide the Service. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., billing records).
7. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Export your data in a portable format
- Withdraw consent for optional data processing
- Lodge a complaint with a data protection authority
To exercise these rights, contact us at [email protected].
8. Cookies and Tracking
We use essential cookies for authentication and session management. We use Vercel Analytics for basic usage metrics. We do not use third-party advertising cookies or trackers.
9. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.