Trades Support
​
Privacy Policy
Privacy Policy for Trades Support
Last Updated: December 23, 2025
1. Introduction
Trades Support ("we," "us," or "our") operates the Trades Support mobile application (the "App"), an all-in-one project management tool designed for trades businesses. This Privacy Policy explains how we collect, use, disclose, retain, and safeguard your personal information when you use our App and related services across iOS, Android, and web platforms. By using the App, you acknowledge that you have read and understood this Privacy Policy and consent to the practices described herein.
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Full name
- Email address
- Phone number
- Password (stored securely in hashed form)
- Account role (Owner, End User, or Field Staff)
2.2 Profile Information
You may optionally provide:
- Company/business name
- Industry
- Specializations
- Profile photograph
- Business documents
2.3 Project Data
When you create or participate in projects, we collect:
- Project names and descriptions
- Scope of Work (SOW) documents
- Bill of Materials (BOM) details
- Project milestones and progress updates
- Project status and workflow information
- Scheduled visits and appointments
- Project contacts and assigned personnel
2.4 Media and Attachments
The App may collect and store:
- Progress photos uploaded for projects
- Receipt images and documents
- File attachments (PDFs, spreadsheets, images)
- Chat messages, including text, images, and file attachments
- Cover photos for projects
2.5 Financial Information
For payment processing and project management, we collect:
- Estimated costs and revenue figures
- Actual costs and material expenses
- Proposal and quote amounts
- Payment status and transaction records
- Fee tier information
Note: We do not store full credit card numbers, CVV codes, or other sensitive payment credentials. All payment processing is handled by our PCI DSS-compliant third-party payment processor (Stripe).
2.6 Time Tracking Data
For field staff and project management:
- Clock-in and clock-out timestamps
- Time entry records linked to specific projects
- Work duration calculations
- Payment status of time entries
2.7 Device and Technical Information
We automatically collect:
- Device type and operating system
- Platform information (iOS, Android, web)
- Firebase Cloud Messaging (FCM) tokens for push notifications
- App version information
- Crash reports and diagnostic data (via Firebase Crashlytics)
2.8 Communication Data
- In-app notifications and their read status
- Push notification preferences
- Chat message history within projects
- @mention data for team communication
3. How We Collect Information
3.1 Information You Provide
Most information is collected directly from you when you:
- Create an account and complete your profile
- Create or manage projects
- Upload photos, documents, or attachments
- Send chat messages within projects
- Enter time tracking records
- Update your account settings
3.2 Automated Collection
We automatically collect certain technical data through:
- Firebase Analytics for app usage patterns
- Firebase Crashlytics for error reporting and diagnostics
- Firebase Cloud Messaging for notification delivery
3.3 Third-Party Services
We receive information when you:
- Sign in using Google Sign-In or Sign in with Apple
- Complete payments through Stripe
4. How We Use Your Information
4.1 Core App Functionality
- To create and manage your user account
- To enable project creation, tracking, and collaboration
- To facilitate communication between project participants
- To process and display project-related documents and media
- To track time entries for field staff
- To manage project workflows and approvals
4.2 Payment Processing
- To process project payments through Stripe
- To calculate and display financial summaries
- To manage commission fees and fee tiers
- To generate payment receipts and records
4.3 Communications
- To send push notifications about project updates
- To deliver in-app notifications
- To enable chat functionality within projects
- To send transactional emails (password resets, email link sign-in)
4.4 Security and Operations
- To verify your identity and authenticate access
- To enforce role-based access controls
- To prevent fraud and unauthorized access
- To maintain and improve app security
- To debug issues and improve app performance
4.5 Service Improvement
- To analyze usage patterns and improve features
- To identify and fix bugs and technical issues
- To develop new features based on user needs
5. Information Sharing and Disclosure
5.1 Within Projects
Information is shared with authorized project participants based on their role:
- Owners: Full access to all project data, including financial information
- Field Staff: Access to project details, ability to upload receipts and track time
- End Users: Access to shared project information, ability to approve proposals
5.2 Third-Party Service Providers
Firebase (Google)
- Firebase Authentication: User account management
- Cloud Firestore: Database storage
- Firebase Storage: File and media storage
- Firebase Cloud Messaging: Push notification delivery
- Firebase Crashlytics: Crash reporting and diagnostics
- Cloud Functions: Backend processing
- Firebase App Check: Security verification
Stripe
- Payment processing for project payments
- Commission fee collection
- Payment sheet and checkout functionality
Google (via Google Sign-In)
- Authentication when you choose to sign in with Google
Apple (via Sign in with Apple)
- Authentication when you choose to sign in with Apple on iOS devices
5.3 Legal Requirements
We may disclose your information when required to:
- Comply with applicable laws, regulations, or legal processes
- Respond to lawful requests from public authorities
- Protect our rights, privacy, safety, or property
- Enforce our Terms of Service
5.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
5.5 No Sale of Personal Information
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
6. Device Permissions
6.1 Camera Access
- Required for taking progress photos directly within the app
- Required for uploading profile pictures
- Required for capturing receipt images
6.2 Photo Library Access
- Required for selecting existing photos to upload
- Required for choosing profile pictures from your gallery
6.3 Push Notifications
- Required for receiving project updates and alerts
- Can be disabled in your device settings or app preferences
Note: You can manage these permissions through your device settings. Denying certain permissions may limit app functionality.
7. Data Security
7.1 Technical Safeguards
- All data transmitted between the App and our servers uses TLS/SSL encryption
- Passwords are securely hashed before storage
- Firebase Security Rules enforce role-based access controls
- Firebase App Check protects against unauthorized API access
- Payment data is processed through PCI DSS-compliant Stripe infrastructure
7.2 Access Controls
- Role-based permissions restrict data access (Owner, Field Staff, End User)
- Project data is only accessible to authorized participants
- User data is only accessible to the account owner and authorized administrators
7.3 Security Limitations
While we implement industry-standard security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your information.
8. Data Retention
8.1 Account Data
- Your account information is retained as long as your account is active
- Deleted accounts may be retained for up to 30 days for recovery purposes
- After permanent deletion, residual data may remain in backups for up to 90 days
8.2 Project Data
- Project data is retained for the duration of the project and as long as project participants maintain accounts
- Completed projects may be archived but remain accessible to authorized users
- Project deletion by the owner removes the project and associated data
8.3 Time Tracking Data
- Time entries are retained for payroll, audit, and reporting purposes
- Historical time tracking data may be retained for tax and legal compliance
8.4 Chat Messages
- Chat messages within projects are retained as part of project records
- Messages are accessible to all project participants with appropriate permissions
8.5 Crash Reports and Analytics
- Crash reports and diagnostic data may be retained for up to 90 days
- Aggregated analytics data may be retained longer for service improvement
9. Your Rights and Choices
9.1 Access and Correction
You can access and update your personal information through the Account screen in the App, including:
- Name and contact information
- Company and industry details
- Profile photo
- Notification preferences
9.2 Data Deletion
You can delete your account through the App's Account settings. This will:
- Remove your user profile from our active database
- Remove your access to all projects
- Not automatically delete project data where you are a participant (projects remain for other participants)
9.3 Notification Preferences
You can manage notification preferences within the App:
- Enable or disable app notifications
- Enable or disable project update notifications
- Manage push notification settings on your device
9.4 Data Portability
To request a copy of your personal data, please contact us at the email address below.
9.5 Withdrawing Consent
You may withdraw consent for data processing where consent is the legal basis. Note that withdrawing consent may affect your ability to use certain features of the App.
10. International Data Transfers
Our services use Firebase and other cloud infrastructure that may process and store data in data centers located outside your country of residence. By using the App, you consent to the transfer of your information to countries that may have different data protection laws than your jurisdiction.
11. Children's Privacy
The App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information.
12. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information we collect and how it is used
- Right to request deletion of your personal information
- Right to opt-out of the sale of personal information (we do not sell personal information)
- Right to non-discrimination for exercising your privacy rights
To exercise these rights, please contact us at the email address below.
13. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Rights related to automated decision-making
Our legal basis for processing your data includes:
- Performance of a contract (providing app services)
- Your consent (for optional features like push notifications)
- Legitimate interests (improving our services, security)
- Legal compliance
To exercise these rights or for GDPR-related inquiries, please contact us at the email address below.
14. Third-Party Links
The App may contain links to third-party websites or services (such as opening files in external applications). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.
15. Push Notifications and FCM Tokens
15.1 How Push Notifications Work
We use Firebase Cloud Messaging (FCM) to deliver push notifications about project updates, messages, and other important information.
15.2 FCM Token Storage
When you enable push notifications, we store:
- A unique FCM token associated with your device
- Platform information (iOS, Android, or web)
- Timestamp of token registration
15.3 Managing Notifications
You can disable push notifications by:
- Adjusting notification preferences in the App settings
- Disabling notifications in your device's system settings
- Signing out of your account
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes:
- We will update the "Last Updated" date at the top of this policy
- We may notify you through in-app notifications or other means
- Your continued use of the App after changes constitutes acceptance of the updated policy
We encourage you to review this Privacy Policy periodically for any updates.
17. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Email: support@tradessupport.com
For data protection inquiries or to exercise your privacy rights, please include "Privacy Request" in your subject line.
18. Consent
By creating an account and using the Trades Support App, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein. You may indicate your acceptance of this Privacy Policy through the account settings in the App.
---
Note: This Privacy Policy is provided for informational purposes and does not constitute legal advice. We recommend consulting with a legal professional to ensure compliance with applicable privacy laws in your jurisdiction.