Privacy Policy

CanopyRoute may collect information that users provide directly, information generated while using the product, and technical information needed to authenticate users, maintain sessions, secure the service, and operate workspaces.

Account records may include a user's name, email address, authentication method, email verification status, workspace memberships, role, and related sign-in information.

Workspace invitations may include invitee email addresses, invited roles, invitation tokens, expiration dates, and the user who sent the invite.

Workspaces may store customer records, property addresses, access notes, phone numbers, email addresses, quote details, scope of work notes, job schedules, job status, crew assignments, equipment assignments, follow-ups, and operational notes.

This data is used to help workspace members manage tree service operations from lead capture through job completion.

Users may upload job photos or files connected to workspaces, jobs, checklists, progress updates, or operational records.

Uploaded job photos may include before, progress, after, issue, or other job-related images. Users should avoid uploading files they are not authorized to store in the workspace.

Subscription checkout, billing portals, invoices, payment methods, and related billing status are handled by Stripe. CanopyRoute may store Stripe customer IDs, subscription IDs, price IDs, subscription status, and renewal dates.

CanopyRoute does not directly store full payment card numbers.

CanopyRoute uses secure cookies and session data to keep users signed in, protect authenticated routes, remember the currently selected workspace, and support account security.

Authentication may use email magic links, email and password credentials, or Google OAuth where configured.

Data is used to provide the product, authenticate users, enforce workspace permissions, send transactional emails, process billing, store uploaded files, show operational dashboards, support team collaboration, and maintain service security.

CanopyRoute should not use workspace operational data to make legal, safety, arborist, hazard assessment, insurance, or tax decisions for users.

CanopyRoute may use service providers such as Stripe for billing, Resend for email delivery, Cloudflare R2 for file storage, Neon for Postgres database hosting, and Vercel or similar providers for hosting and deployment.

Final privacy text should include any required subprocessors, data processing terms, regions, and links to provider policies.

Final privacy text should describe how long account, workspace, customer, job, quote, photo, communication, billing, and audit data is retained.

Retention may depend on workspace settings, backups, legal obligations, billing records, security needs, and customer deletion requests.

CanopyRoute uses authentication, role-based workspace access, secure cookies, hashed passwords, and workspace-scoped database access patterns to help protect user and workspace data.

No online service can guarantee absolute security. Final privacy text should describe security practices without promising perfect protection.

Final privacy text should describe how users and workspace owners can request access, correction, export, deletion, or other privacy-related handling of personal information, subject to applicable law and workspace ownership rules.

CanopyRoute is intended for business use by tree service companies and is not intended for children or minors.

Final privacy text should include any legally required age threshold and reporting process.

Final privacy text should describe how users will be notified about material policy changes and when an updated policy becomes effective.

Replace this placeholder with the appropriate CanopyRoute support or privacy contact email before launch.