Workhand Privacy Policy
Last updated: 2026-05-09
Workhand is operated by Innovative Ops LLC. This policy explains what we collect when you use the Workhand mobile app or website, why we collect it, and the choices you have. We don't sell your data and we don't share it with advertisers.
1. Who this policy covers
This policy applies to:
- Account holders — contractors, project managers, employees, sales staff, and subcontractors who sign up for Workhand.
- Customer recipients — the homeowners or property owners who receive an estimate or invoice from a Workhand user. We process limited data about you (your name, address, email, and the document content) on behalf of the contractor who hired you.
- Job collaborators — anyone added as a member of a Workhand job (employees, subs, clients).
Your contractor is the controller of their company data; Workhand is a processor on their behalf.
2. What we collect
You give us directly:
- Account info: name, email address, phone (optional), avatar color, password (stored hashed).
- Company info (owners only): company name, address, phone, EIN, contractor license number, sales tax rate.
- Subcontractor info (subs only): trade, sub-business name, EIN, insurance documents (General Liability, Workers' Comp, W-9).
- Job content: chat messages, daily-log notes, photos uploaded to jobs, estimate line items, invoices, costs, bids, materials, design files, punch-list items, schedule events, job documents (contracts, permits, drawings), expense receipt photos, and pinned messages.
- Customer records you create: customer names, emails, phone numbers, addresses, notes — for your own customers.
- Lead records: name, email, phone, message, and UTM parameters submitted through your public profile contact form, plus any leads you enter manually.
- Time + mileage entries: clock-in / clock-out timestamps, optional odometer readings or distances, optional start/end addresses you type in (we do not use background GPS).
- Public profile content (optional): bio, trades, service area, years in business, slug — only when you opt in to a public profile at workhand.app/c/<slug>.
- Reviews: star ratings and comments customers leave through the review-request links you send them.
We collect automatically:
- Push notification tokens if you grant the permission. Used only to deliver in-app notifications.
- Basic usage data — when you signed in, which screens you opened. We use this for product analytics and debugging only.
- Device info required by Expo / iOS / Android (OS version, device model). Not associated with your account by us.
We collect from third parties:
- Stripe — when you start a paid plan, Stripe sends us your subscription status, plan tier, billing period, and a customer ID. Stripe handles your payment method directly; we never see your card number.
- Intuit / QuickBooks Online (optional) — when you connect QuickBooks, Intuit sends us OAuth access and refresh tokens for your QuickBooks company plus a "realm ID". We use these only to push your customers, invoices, and payments into your own QuickBooks account. We do not pull other QuickBooks data, and you can disconnect at any time from Settings → QuickBooks Online.
- Read receipts on your shared documents — when a customer opens an estimate or invoice link you sent, we record a timestamp and increment a view count. No information about the viewer's device, IP, or location is stored.
3. How we use it
- Provide the service. Show you your jobs, route messages, deliver notifications, generate estimates and invoices, etc.
- Send transactional email. When you tap "Send to customer", we email the document via Resend. We send password-reset emails. We don't send marketing email without your opt-in.
- Process payments. Stripe processes subscription payments for Workhand plans. We use Stripe's Checkout and Customer Portal flows; we don't store any card data.
- Improve the product. Aggregate, anonymized usage patterns help us prioritize features. We never analyze your job content or customer data for product purposes.
- Comply with the law. Respond to lawful subpoenas, court orders, or fraud / abuse investigations.
4. Who we share with
We share data with the following processors, only as needed to run the service:
| Processor | Purpose | Data shared |
|---|---|---|
| Supabase | Database, auth, file storage, edge functions | All app data |
| Stripe | Subscription billing | Email, name, company id |
| Resend | Transactional email delivery (estimates, invoices, review requests, recurring invoices) | Recipient email, message body |
| Expo Push | Push notification delivery | Device push token, notification body |
| Intuit / QuickBooks Online | Accounting sync (only when you connect) | Customer name, email, phone, address; invoice line items, totals, payment dates |
| Cloudflare | DNS + public viewer hosting | Public estimate/invoice/profile/job-portal content (only the recipient's view) |
| Sentry | Crash and error reporting | Error stacks (no customer/job data) |
We do not sell or rent your data to anyone. We do not share it with advertisers or data brokers.
5. Public links (estimates, invoices, job portal, profile)
Workhand generates several kinds of token-based public links:
- Estimate / invoice viewer —
workhand.app/estimate/<token>andworkhand.app/invoice/<token>. The token is a random UUID and the link is sent to the customer by email. - Customer-facing job portal —
workhand.app/j/<token>. Shows the homeowner project status, hero photo, and progress photos. Only generated when the contractor explicitly taps "Share with customer". Can be revoked any time. - Public profile —
workhand.app/c/<slug>. Only created if the contractor opts in. Shows business info, trades, service area, and aggregated review stats. Includes a contact form that captures inquiries as leads. - Calendar feed —
workhand.app/calendar/<token>for subscribing in Google or Apple Calendar. Includes job titles, addresses, and dates. Token can be rotated to revoke any prior subscriber.
Treat any of these links like passwords — only share with the intended recipient. Owners can rotate or disable any token in the app.
6. Job collaborators see job content
When a contractor adds you to a job, you can see chat messages, daily logs, and other content on that job. Your contractor controls who is added. Subs and clients only see the content scoped to their role on the job; they do not see internal cost data, margins, or other companies' jobs.
7. Your rights
You can:
- Update your account — full name, phone, email — in Settings → Account.
- Delete your account — in Settings → Delete account. This permanently removes your profile, sub_profile (if any), push tokens, notifications, and uploaded files. Job and company data you own is also deleted unless ownership is transferred first.
- Export your data — in Settings → Export your data. We provide CSVs of your jobs, customers, estimates, invoices, and more.
- Request a copy of your data or correction of inaccuracies — email [email protected].
- Opt out of analytics — email [email protected] and we'll exclude your account.
If you live in California (CCPA), the EU/UK (GDPR), or another jurisdiction with comparable rights, the above also serves as your right to access, correct, and delete. We don't sell personal information.
8. Data retention
- While your account is active, we keep your data so the service works.
- When you delete your account, we delete your personal data within 30 days. Backups roll off within 90 days.
- Stripe payment records are retained per Stripe's policy (typically 7 years) for tax and audit reasons.
9. Children
Workhand is for business use and is not directed to children under 13. We don't knowingly collect data from children.
10. Security
- All data is transmitted over HTTPS / TLS.
- Passwords are stored using Supabase Auth's bcrypt-based hashing.
- Stripe handles all payment processing; we never store card numbers.
- Access to your data is gated by row-level security in Postgres.
- We can't promise a breach will never happen, but we follow industry-standard practices.
11. Changes to this policy
We'll update the "Last updated" date when we change anything material. For substantial changes, we'll notify you via in-app notice or email.
12. Contact
Questions, requests, or concerns:
- Email: [email protected]
- Mailing address: Innovative Ops LLC, [add mailing address before publishing]