FieldTrack Ai logoFieldTrack AiHome

Privacy Policy

Last updated: April 21, 2026

FieldTrack Ai (“we”, “us”, “our”) helps field professionals plan canvassing routes, capture voice notes at stops, and generate visit reports. This policy explains what data we collect, how we use it, and the choices you have. We do not sell or share your data with third parties for advertising or marketing.

1. Information We Collect

Account Information

When you create an account we collect your email address, full name (optional), and a securely hashed password. If you sign in with a third-party provider (e.g., Google), we receive your name, email, and profile identifier from that provider.

Location Data

With your permission, we access your device location to (a) optimize the order of stops on your route, (b) detect arrival at a stop, and (c) display your position on the route map. Location is processed in real time on your device and stored only as the route start point and the geocoded coordinates of stops you add. We do not run continuous background tracking.

Voice Recordings & Transcripts

When you record a voice note at a stop, the audio is uploaded to our secure backend and sent to a third-party AI transcription provider solely to generate a text transcript and a short summary. Audio files, transcripts, and summaries are stored in your account and visible only to you.

Route & Visit Data

Stop names, addresses, optional property IDs, notes, arrival/completion timestamps, and any CSV exports you generate are stored under your account.

Payment Information

Subscriptions are processed by Paddle, our payment provider. We never see or store your full card details — Paddle returns only a customer ID and subscription status.

2. How We Use Your Information

  • Provide core app features: route optimization, arrival detection, voice transcription, and reporting.
  • Authenticate you and keep your account secure.
  • Process subscription payments and manage billing.
  • Respond to support requests.
  • Diagnose errors and improve reliability.

3. We Do Not Sell or Share Your Data

We do not sell, rent, or share your personal information, location, voice recordings, transcripts, or route data with advertisers, data brokers, or any third party for marketing purposes — full stop.

4. Service Providers (Sub-processors)

We use a small set of trusted providers strictly to operate the app on our behalf:

  • Supabase — secure database, authentication, and file storage.
  • AI providers (Google, OpenAI) — voice transcription and summary generation.
  • Mapping & geocoding services — convert addresses into coordinates and render maps.
  • Paddle — subscription billing and payments.

These providers process data only as needed to deliver their service to us and are bound by their own privacy and security commitments.

5. Data Retention

Your routes, stops, voice notes, and reports remain in your account until you delete them or close your account. Old completed routes may be cleaned up automatically after an extended period to manage storage. When you close your account, your personal data is deleted within 30 days, except where we must retain limited records for legal or billing purposes.

6. Security

Protecting your account, addresses, and voice notes is core to the product. Our security measures include:

  • Encryption in transit and at rest — all traffic uses HTTPS/TLS, and stored data (including voice notes) is encrypted on disk in our managed cloud database and storage.
  • Row-level security (RLS) — database-enforced policies ensure each user can only read or modify their own routes, stops, owners, visits, and voice notes.
  • Two-factor authentication (2FA) — optional time-based one-time passwords (TOTP) via apps like Google Authenticator, Authy, or 1Password. Enable it any time in Security settings.
  • Breach-blocked passwords — passwords are checked against the Have I Been Pwned database on signup and password change; known-leaked passwords are rejected.
  • Hashed passwords — passwords are hashed with bcrypt and never stored in plain text. We can never see them.
  • Email confirmation — new accounts must verify their email address before they can sign in.
  • Private storage for voice notes — recordings live in a private bucket, accessible only via authenticated server functions acting on your behalf.
  • Verified webhooks & authenticated server functions — incoming webhooks (payments, route imports) verify cryptographic signatures, and server-side actions require a valid auth token on every call.
  • Session controls — view your signed-in devices and sign out of every device with a single click in Security settings.
  • Self-serve deletion — delete individual stops, routes, voice notes, or your entire account on demand. Account deletion permanently removes your data within 30 days.

For a plain-English overview see our Security page.

7. Your Rights & Choices

  • Access & export — download your route reports as CSV at any time.
  • Delete — delete individual stops, routes, voice notes, or your entire account.
  • Permissions — revoke location or microphone access in your device settings at any time.
  • Correction — update your account details from the app.

To exercise any right or close your account, email us at admin@ep-strat.com.

8. Children

FieldTrack Ai is intended for professional use and is not directed to children under 16. We do not knowingly collect data from children.

9. International Users

Our infrastructure may process and store data in the United States and other countries. By using the app you consent to this transfer.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated in-app or by email. Continued use of FieldTrack Ai after an update means you accept the revised policy.

11. Contact Us

Questions, requests, or concerns? Email admin@ep-strat.com.

← Back to home