Privacy Policy

1. Overview

FieldForge ("App") is operated by Paul Funston t/a Funstar Digital ABN 30 577 818 671 ("we", "us", "our"). We handle your personal information in accordance with the Australian Privacy Act 1988 and the thirteen Australian Privacy Principles (APPs). This policy explains what we collect, how we use it, where it is stored, who else processes it, how long we keep it, and how you exercise your rights.

2. Information We Collect

Account Information: Email address, business name, and password (passwords are stored as a one-way hash by Firebase Authentication — we never see your password in plaintext).

Business Data: Customers, properties, quotes, invoices, payments, jobs, scheduled work, recurring schedules, vehicles, fuel and service records, equipment, equipment maintenance records, crew members, timesheets, spray records, pool service records, chemicals, expenses, route sessions (GPS km), and the documents and photos you attach to any of these (registration documents, pesticide licences, safety data sheets, customer signatures, photo evidence).

Device & Diagnostic Data: Crash reports and anonymous performance data via Firebase Crashlytics. This includes device model, OS version, app build, and the stack trace of any crash — but not your business data.

Location Data: When you grant location permission, the App tracks GPS coordinates to calculate route kilometres for fuel and mileage reporting. Location data is stored in your account and used only by you — it is not shared with us or any third party for marketing or analytics.

Payment Data: Payment processing is handled entirely by Stripe. We never see or store credit card numbers, bank account details, or full payment instruments. We retain the payment metadata Stripe returns (last 4 digits, amount, currency, status, receipt URL) so you can reconcile your accounts.

3. How We Use Your Information

• To provide and maintain the App's features and functionality.
• To send transactional emails and SMS on your behalf (quotes, invoices, reminders, scheduling confirmations).
• To process subscription payments through Stripe.
• To generate PDFs (quotes, invoices, receipts, compliance reports, BAS summaries) at your request.
• To power AI features when you explicitly invoke them (Scan Registration, Scan Pesticide Licence, AI Help, AI Smart Suggestions) — see Section 5.
• To provide customer support when you contact us.
• To improve the App based on anonymous crash and performance reports.

4. Where Your Data Is Stored

Your business data is stored in Australia. The FieldForge production project's Cloud Firestore database and Cloud Storage bucket both operate in Google Cloud's australia-southeast1 region (Sydney). Cloud Functions (the stateless processing layer that reads and writes the Firestore data) operate in the us-central1 region (Iowa, United States); they hold no customer data themselves — they only process requests in transit. Web hosting (fieldforge.com.au) and the Apple-Maps geocoding cache may use other Google-provided regions automatically.

All data is encrypted at rest by Google Cloud and in transit using TLS. We rely on Google Cloud's SOC 2 / ISO 27001-certified infrastructure for physical and operational security, and on Firebase Authentication and Firestore security rules for per-user access control — every record carries the user's UID and rules reject any read or write that does not match the signed-in user.

If strict Australian data residency for every layer of the stack (including stateless function processing) is a hard requirement for your business, please contact us before subscribing — we can discuss options.

5. Third-Party Services (APP 8 — Cross-Border Disclosure)

The App relies on the following processors. Each is contractually bound by its own privacy policy. We do not sell your data to any of them.

• Google Firebase (United States) — Authentication, database, cloud functions, hosting, storage, crash reporting. Firebase Privacy.
• Stripe (United States; Australian-licensed) — Subscription billing and customer payment processing. Stripe Privacy.
• Resend (United States) — Transactional email delivery (quotes, invoices, signup notifications, daily ops alerts). Recipients' email addresses and message contents are sent through Resend's API. Resend Privacy.
• Twilio (United States) — Optional SMS delivery (quotes, invoices, scheduling reminders) when you enable SMS in Settings. Customer phone numbers and message contents are sent through Twilio's API. Twilio Privacy.
• Anthropic (United States) — Claude API for AI Help, Smart Suggestions, and document scanning (Scan Registration, Scan Pesticide Licence, Scan Document). When you invoke an AI feature, the photo or text you submit is sent server-side to Anthropic. Anthropic's commercial API does not retain prompts or completions for model training; data is used only to generate the response and is discarded after the request. Anthropic Privacy.
• WeatherAPI.com (United Kingdom) — Weather forecast for weather-aware scheduling. Only your configured forecast coordinates and a day count are sent; no personal information. WeatherAPI Privacy.
• Apple MapKit / CoreLocation (Apple) — In-app map display, address autocomplete, and reverse geocoding. Address lookups are sent to Apple Maps for resolution under Apple's privacy terms. We do not receive your map interactions. Apple Privacy.

6. Data Sharing

We do not sell, trade, or rent your personal information to third parties. Data is shared only with the processors listed in Section 5 strictly to deliver the features you use. We may disclose information when required by law (court order, valid subpoena, regulatory request) or to protect the rights and safety of users.

7. Your Rights Under the Australian Privacy Principles

You have the following rights at any time:

• Access (APP 12): View all your data inside the App. Use Settings → Data & Privacy → Export My Data to download a complete machine-readable archive of every customer, quote, job, invoice, payment, expense, vehicle, equipment, spray record, pool record, document, and photo in your account, plus signature blobs.
• Correction (APP 13): Edit any record in the App directly, or contact us if a system field needs adjustment.
• Deletion: Use Settings → Account → Delete Account to begin the two-stage account deletion described in Section 8.
• Restriction: Sign out at any time to halt sync. Use the in-app archive (Recently Deleted) for soft deletes you may want to recover later.
• Complaint: If you believe we have mishandled your personal information, contact us first at privacy@fieldforge.com.au. If we cannot resolve your complaint to your satisfaction, you may lodge it with the Office of the Australian Information Commissioner at oaic.gov.au.

8. Data Retention

Active accounts: Your business data is retained for as long as your subscription is active or your free trial is in good standing.

Soft delete (Recently Deleted): When you delete a customer, quote, job, invoice, or similar record inside the App, it is moved to a tombstone state ("Recently Deleted") for 30 days. You can restore the record from Settings → Recently Deleted any time within that window.

Tax records (5-year retention): Invoices, credit notes, payment records, and BAS evidence are retained for five years regardless of soft-delete state, in accordance with the Australian Taxation Administration Act 1953. They appear in the Compliance & Retention section of the App with a clear marker. You can export them at any time but cannot purge them before the 5-year retention period ends.

Account deletion: Choosing Delete Account begins a two-stage process. Stage 1 marks your account for deletion and immediately revokes new access; you have 30 days to cancel by contacting support@fieldforge.com.au. Stage 2 (after 30 days) permanently purges all remaining business data, account information, and uploaded files from Firestore and Cloud Storage. We strongly recommend you export your data via Export My Data before initiating account deletion. Crash and diagnostic data attributable to your account is retained for up to 90 days by Firebase Crashlytics in line with Google's policies.

9. Children's Privacy

FieldForge is a business tool intended for trade-business operators and is not directed at children. We do not knowingly collect personal information from anyone under the age of 13, consistent with the United States Children's Online Privacy Protection Act (COPPA), nor from anyone under 18 without verified parental consent in jurisdictions where that is required. If we learn that we have inadvertently collected such information, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Material changes will be notified through the App or by email to the address on your account.

11. Contact Us

For privacy-specific inquiries, APP access or correction requests, and complaints, contact privacy@fieldforge.com.au.

For general support, contact support@fieldforge.com.au.

Postal: Paul Funston t/a Funstar Digital, ABN 30 577 818 671 — Australia.