S
Stelid

Privacy Policy

Last updated: March 11, 2026

1. Information We Collect

We collect information you provide directly to us, including:

  • Account information: name, email address, phone number, and password when you create an account.
  • Organization data: company name, logo, branding preferences, and business settings.
  • Job and property data: addresses, job descriptions, photos, GPS coordinates, time entries, and related field service information.
  • Payment information: billing details processed securely through our payment provider (Stripe). We do not store full credit card numbers on our servers.
  • Device information: device type, operating system, browser type, and IP address collected automatically when you use the Service.
  • Location data: GPS coordinates collected during clock-in/clock-out, photo capture, and geofence verification, only when you actively use these features.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Process transactions and send related billing information.
  • Verify worker presence through GPS geofencing.
  • Generate AI-powered job summaries, scheduling suggestions, cost estimates, and document drafts from your uploaded photos and data. All AI-generated content is clearly labelled in the interface. See Settings > AI Transparency for full details on each AI feature, the data it processes, and the AI providers used.
  • Send notifications about job assignments, weather alerts, and account activity.
  • Respond to your comments, questions, and support requests.
  • Monitor and analyze usage trends to improve the user experience.

3. Data Storage and Security

Your data is stored securely using industry-standard infrastructure provided by Supabase and cloud storage providers. We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit (TLS/SSL) and at rest.
  • Row-level security policies ensuring users can only access their own organization's data.
  • Regular security audits and vulnerability assessments.
  • Secure authentication with email verification and magic link support.

4. Data Sharing

We do not sell your personal information. We may share your data with:

  • Service providers: third-party companies that help us operate the Service (see Sub-Processors below).
  • Within your organization: administrators and managers in your organization can view team member data as part of normal Service operation.
  • Client portals: job proof pages and invoices shared with your clients through the Service.
  • Legal requirements: when required by law, subpoena, or government request.

Sub-Processors

Stelid uses the following third-party services to process data on your behalf:

  • Supabase — Database, authentication, and real-time services (data hosting).
  • Vercel — Application hosting and CDN.
  • Stripe — Payment processing. Card data is handled exclusively by Stripe; we never store card numbers.
  • Cloudinary — Image storage, processing, and optimisation.
  • OpenRouter — Primary AI gateway for AI-powered features (job summaries, photo analysis, scheduling).
  • OpenAI — Fallback AI provider for AI-powered features.
  • Mapbox — Map rendering and geocoding services.

5. Cookies and Tracking

We use essential cookies to maintain your authentication session and preferences. We do not use third-party advertising cookies. Analytics data is collected in aggregate form to improve the Service and is not linked to individual user profiles for advertising purposes.

6. Your Rights

You have the right to:

  • Access: request a copy of the personal data we hold about you.
  • Correction: request that we correct any inaccurate or incomplete personal data.
  • Deletion: request that we delete your personal data, subject to legal retention requirements.
  • Export: download a machine-readable (JSON) export of your data at any time from Settings > Security.
  • Opt-out: unsubscribe from non-essential communications at any time.

To exercise any of these rights, contact us at the email address below. We will respond to your request within 30 days.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with the Service. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, accounting, or regulatory purposes. Aggregated, anonymized data may be retained indefinitely for analytics purposes.

  • Account data: Anonymised immediately upon deletion; hard-deleted after 30 days via automated purge.
  • Location data: GPS coordinates from time entries and tracking sessions are deleted after 90 days. Session records (timestamps only) are retained for payroll/compliance purposes.
  • AI audit logs: Records of AI feature usage (model, tokens, timestamps) are retained for 3 years for compliance and billing purposes. No raw user content is stored in audit logs.
  • Backups: Database backups are retained for up to 30 days. Deleted data may remain in backups during this period but cannot be accessed by users or staff.
  • Payment records: Invoice and payment records may be retained beyond 30 days as required by tax and accounting regulations.

8. Children's Privacy

The Service is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.

9. Data Processing Agreement

For business customers who require a Data Processing Agreement (DPA) under GDPR Article 28 or equivalent regulations, our standard DPA is available at stelid.com/dpa. The DPA covers our data processing activities, sub-processors, security measures, and your rights as a data controller. For questions, contact us at the email address below.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at privacy@sitesnap.app.