Privacy Policy

Last updated: April 6, 2026

1. Information We Collect

Account Information

When you create an account, we collect your email address, name, phone number, and company name. If you sign up via Google OAuth, we receive your email and profile name from Google.

Contractor License Information

If you provide your contractor license number, we store it to verify your eligibility and personalize your experience.

Payment Information

Payment is processed by Stripe. We do not store your credit card number, expiration date, or CVV on our servers. Stripe provides us with a tokenized reference and basic billing details (last four digits, card brand, billing address).

Usage Data

We collect information about how you use the Service, including pages viewed, leads accessed, territories selected, and feature usage.

2. Public Records Data

The Service aggregates and displays data from publicly available sources, including:

• Building permit records from municipal and county open data portals
• Property assessor records (owner names, property details, mailing addresses)
• Contractor license filings from state licensing boards
• Business entity registrations

This data is sourced from 75+ government APIs and is publicly available. We process and enrich it to provide value to our users.

3. How We Use Your Information

• Service delivery: To provide, maintain, and improve the Service
• Communication: To send account notifications, updates, and support responses
• Billing: To process payments and manage your subscription
• Analytics: To understand usage patterns and improve the product
• Security: To detect and prevent fraud or abuse

4. Third-Party Processors

We share information with the following service providers, who process data on our behalf:

• Stripe — Payment processing and subscription management
• SendGrid — Transactional email delivery (account confirmations, notifications)
• Twilio — SMS notifications (if opted in)
• Google — OAuth authentication

These providers only receive the data necessary to perform their functions and are contractually obligated to protect your information.

5. Data Retention

• Active accounts: Your data is retained for as long as your account is active
• Deleted accounts: Upon account deletion, your personal data is purged within 30 days. Anonymized usage analytics may be retained
• Payment records: Billing history is retained as required by applicable tax and financial regulations

6. Your Rights

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete information
• Delete your account and associated personal data
• Export your data in a portable format

To exercise any of these rights, email support@onsiteapp.info. We will respond within 30 days.

7. CCPA Notice (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information. You have the right to know what data we collect, request its deletion, and opt out of the sale of your personal information. We do not sell your personal information.

8. GDPR Notice (EU/EEA Residents)

If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability, the right to restrict processing, and the right to lodge a complaint with your local data protection authority. Our legal basis for processing is contract performance (to provide the Service) and legitimate interest (to improve and secure the Service).

9. Cookies and Local Storage

Onsite uses minimal client-side storage. We store a single authentication token in localStorage to keep you signed in. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

10. Security

We implement industry-standard security measures including encrypted connections (TLS), secure password hashing, JWT-based authentication, and rate limiting. While we strive to protect your information, no method of transmission over the internet is 100% secure.

11. Children

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Continued use after changes constitutes acceptance of the updated policy.

13. Contact

For questions about this Privacy Policy or your data, contact us at support@onsiteapp.info.