Privacy Policy

GutterFlow ("we", "our", "us") provides a mobile application that helps gutter contractors run their business — estimates, calendar, team management, and customer PDFs. This Privacy Policy explains what we collect, why, and how we keep it safe.

1. Information you give us

When you sign up and use the app, we collect:

• Account data: email address and password (the password is stored hashed; we never see it).
• Company data: company name, phone, license number, address, owner contact, and an optional logo image you upload.
• Customer data you create: client names, phone numbers, emails, and addresses you save for your jobs.
• Estimate data: sketches you draw, materials, prices, totals, install dates, and notes.
• Photos: photos you take of roofs or supplier invoices (only those you explicitly attach to an order).

2. Information collected automatically

• Authentication state: a session token kept securely on your device so you stay signed in.
• Crash logs: if the app crashes, we receive a stack trace via Apple TestFlight / Expo so we can fix it.
• Subscription state: your purchase status (trial / active / expired) is reported by Apple's StoreKit and our payments processor (RevenueCat).

We do not embed third-party analytics, advertising SDKs, or social-media trackers.

3. How we use your data

• To provide the app's features (creating estimates, sharing PDFs, syncing calendar).
• To keep your data isolated from other companies (multi-tenant architecture — each tenant only sees their own rows).
• To send you operational emails: password reset, team invitations, subscription receipts.
• To improve the app by triaging crashes.

4. How your data is stored

Your data lives in a Supabase Postgres database hosted on AWS (US-East region) with row-level security: every query is filtered by your tenant ID, so other companies cannot see your rows. Photos and logos are stored in Supabase Storage, encrypted at rest. Communication with the server is over TLS 1.2+.

5. Sharing

We do not sell your data. We share it only with these processors, strictly to operate the service:

• Apple — TestFlight distribution, push notifications, App Store payments.
• Supabase — database hosting, file storage, authentication.
• Resend — transactional email delivery (password reset, team invites).
• RevenueCat — subscription management.
• Mapbox — geocoding for the address autocomplete (we send a partial address string, no other data).
• Expo / EAS — over-the-air updates for the JS portion of the app and crash reporting.

Each of these providers has its own privacy practices that we have reviewed.

6. Your rights

You can:

• Access your data at any time inside the app.
• Edit or delete any client, estimate, or photo you've created.
• Cancel your subscription at any time via Apple Settings → Subscriptions.
• Delete your account by emailing gutterflowapp@gmail.com. We will permanently remove your tenant and all associated rows within 30 days.

7. Children

GutterFlow is a business tool intended for adults running contracting companies. We do not knowingly collect any data from anyone under 13.

8. Changes to this policy

If we change this policy, we'll update the date at the top and notify active accounts via email or in-app banner. Continuing to use the app after a change means you accept the updated policy.

9. Contact

Questions about your data or this policy? Email gutterflowapp@gmail.com and we'll get back within 2 business days.

© {{YEAR}} GutterFlow · Home · Terms