Privacy policy

1. Who we are

“AI Contractor Studio,” “we,” and “us” refer to the operator of this website and application (you should insert your legal entity name and contact details here). This policy describes how we collect, use, and share personal information when you use our services.

2. Information we collect

• Account data: such as email address and authentication identifiers when you sign in (e.g. via magic link).
• Business data you enter: customers, jobs, estimates, invoices, payments, expenses, notes, and files you upload (e.g. receipts).
• Usage and technical data: basic logs, device/browser type, and similar data needed to operate and secure the service.
• AI interactions: when you use AI-powered features, prompts and related context may be sent to our AI providers to generate responses, subject to our agreements with those vendors.

3. How we use information

We use personal information to provide, maintain, and improve the service; authenticate users; send transactional messages (e.g. sign-in links, invoice notifications where enabled); detect abuse; comply with law; and communicate with you about the product.

4. Service providers (subprocessors)

We rely on third-party infrastructure typical for a modern web application. Your data may be processed by providers such as: Supabase (database, authentication, and file storage), Vercel or similar hosting, Resend (transactional email), Stripe (payments, if enabled), and Anthropic or other AI vendors for assistant and document features. We select vendors with appropriate safeguards but do not control their independent privacy practices—review their policies as needed.

5. Retention

We retain information for as long as your account is active or as needed to provide the service, comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion of your account subject to applicable law and legitimate business needs (e.g. tax or accounting records).

6. Security

We use industry-standard measures such as encryption in transit, access controls, and row-level security in the database. No method of transmission or storage is 100% secure.

7. Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or export personal data, or to object to certain processing. Contact us at the email below to make a request. We may need to verify your identity before responding.

8. Children

The service is not directed at children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect their personal information.

9. International transfers

If you access the service from outside the United States, your information may be processed in the U.S. or other countries where our providers operate. Insert appropriate transfer mechanisms (e.g. SCCs) if you serve EU/UK users at scale.

10. Changes

We may update this policy from time to time. We will post the revised version on this page and, where appropriate, notify you by email or in-product notice.

11. Contact

For privacy questions or requests, contact: [your privacy email].