Back to JobsBookLegal
// JobsBook

Privacy Policy

Effective date: [PLACEHOLDER: Effective date]

1. Introduction

This Privacy Policy describes how [PLACEHOLDER: Your Company Name] ("we", "our") collects, uses, and protects personal data when you use JobsBook. We aim to be transparent about what we collect and why.

2. Data we collect

When you sign up: your work email and a chosen password (stored hashed, never in plaintext) and your company name. While you use JobsBook: customer records you create (names, phone numbers, emails, addresses, notes), bookings, invoices, staff records (names, optional emails, hashed PINs), and audit metadata (timestamps, IP fingerprint of failed logins).

3. How we use it

We use your data only to operate the service: authenticating you, rendering your dashboard, sending booking-confirmation and invoice emails on your behalf, and computing travel times for jobs. We do not use your data to train AI models or to sell to advertisers.

4. Storage & security

Data is stored in MongoDB hosted on [PLACEHOLDER: provider], encrypted at rest. Connections are TLS-only. Passwords and staff PINs are bcrypt-hashed. JWTs are short-lived (24h) and stored client-side. Each tenant's data is partitioned by company_id at the database driver level.

5. Third-party processors

We use a small number of vetted sub-processors:

  • Resend — transactional email delivery (booking-confirmation, payment-receipt, signup-verification, team-invite, staff-notification emails). Email addresses + email body are sent to Resend.
  • Stripe — subscription billing. We share your business email + an opaque company id with Stripe; payment card data is collected by Stripe directly and never touches our servers.
  • OpenRouteService — driving distance + duration computation for jobs. We send postcode/lat-lng coordinates only.

6. Data retention

Active accounts: data is retained indefinitely for the lifetime of your subscription. Trial accounts that do not upgrade: read-only for 30 days after the trial ends, then permanently deleted. Cancelled paid accounts: retained for 90 days for billing-dispute resolution, then permanently deleted. You can request earlier deletion at any time (see Section 7).

7. Your rights

You have the right to access, correct, or delete personal data we hold about you. To exercise these rights, email us. We respond within 30 days. EU/UK users have additional rights under GDPR including the right to data portability and the right to lodge a complaint with a supervisory authority.

8. Cookies & tracking

JobsBook uses one localStorage entry (jb_token) to keep you signed in. We do NOT use marketing cookies, third-party analytics scripts, or cross-site trackers. The hosted Stripe Customer Portal may set its own cookies — see Stripe's Privacy Policy.

9. Contact

Privacy questions or data-subject requests? Email info@jobsbook.app.

Terms·Privacy·Contact