Privacy Policy

Effective date: 10/17/2025
Company: Contractor Booked
Legal entity: Contractor Booked LLC
Contact: Al@contractorbooked.com

1) What we are

We help contractors capture missed inquiries by sending instant messages and booking links, placing confirmed jobs on your calendar, and requesting reviews after service. For your customers’ data, we act as a service provider/processor to you (the contractor). For our website and our own marketing, we are a business/controller.

2) Information we collect

From contractors (our clients):

• Business & account data (name, email, phone, company, billing).

• Settings & content you provide (services, scripts, booking rules, calendar connections).

• Usage data (log-ins, actions, IP, device/browser).

From your leads & customers (processed on your behalf):

• Contact info they share (name, phone, email).

• Message content across channels (SMS, website chat, DMs, Google Business Messages).

• Booking details (selected time slot, job type, address/area).

• Post-job feedback (review request responses, star ratings, comments).

• Metadata (timestamps, channel, delivery status).

Automatically via our site/app:

• Cookies and similar tech (page views, referring URLs, basic analytics).

• Device and network data (IP, browser, OS).

3) How we use information

• Instant reply & follow-up: send messages after a missed call or inbound message; share your booking link; nudge unconfirmed leads.

• Scheduling: show your available slots; place bookings on your Google/Outlook/iCal per your rules.

• Review requests & routing: ask for reviews after jobs; send positive feedback to public review links; route issues privately to you.

• Service operation & safety: authentication, fraud prevention, troubleshooting, logs.

• Business communications: account notices, onboarding, product updates (you can opt out of non-essential emails).

• Legal compliance: tax, accounting, responding to lawful requests.

 

We do not “sell” personal information. We don’t use your customers’ data for our ads.

4) Lawful bases (GDPR/UK GDPR, where applicable)

• Contract: to provide the service you asked for.

• Legitimate interests: product security, support, improvement.

• Consent: where local law requires it (e.g., marketing texts/emails).

• Legal obligation: tax, accounting, lawful requests.

5) Sharing & processors

We share data with vendors who help us run the service, for example:

• Messaging & telephony (e.g., SMS gateways),

• Calendars & productivity (Google/Microsoft/Apple when you connect),

• Hosting/infra & analytics,

• Payment processing (if/when you pay us).
  They only use data to provide their part of the service, under contract.

We may disclose data to comply with law, protect rights, or in a merger/acquisition (with notice where required).

6) Text messaging & communications

By providing a phone number, you (or your customer) may receive transactional texts (e.g., booking links, confirmations, reminders, review requests).

• Stop anytime: reply STOP to opt out of texts; HELP for help.

• Message & data rates may apply.

• Frequency varies by activity (inquiry, booking, reminder, review request).
  Contractors are responsible for collecting any required consent from their customers in their market.

7) Cookies & analytics

We use essential cookies to run the site and optional analytics to improve it. You can control cookies in your browser. Where required, we’ll present a consent banner.

8) Data retention

• Client account data: kept while your account is active and for a reasonable period after (e.g., 12–24 months) unless you request deletion sooner.

• Lead/customer records we process for you: retained per your settings or your instructions; we can delete or export upon your request.

• We may retain limited logs/backups as required by law or for security.

9) Security

We use reasonable administrative, technical, and physical safeguards (encryption in transit, access controls, logging). No system is 100% secure; please use strong passwords and protect your credentials.

10) Your rights

Depending on your location, you may have rights to access, correct, delete, restrict, or export your personal information.

• California (CCPA/CPRA): right to know/access, delete, correct, and opt out of “sale”/“sharing” (we don’t sell). Limit use of sensitive data.

• EU/UK: access, rectification, erasure, portability, objection, restriction; lodge a complaint with your supervisory authority.
  To exercise rights, email [privacy@yourdomain.com]. If you’re a customer of a contractor, contact the contractor first; we’ll assist them as their processor.

11) Children

Our service isn’t for children under 13 (or other local age thresholds). We don’t knowingly collect children’s data.

12) International transfers

If we transfer data across borders, we use legal mechanisms (e.g., SCCs) and take appropriate safeguards.

13) Third-party links

Our site may link to other sites. Their privacy practices are their own—review their policies.

14) Changes to this policy

If we make material changes, we’ll update the date at the top and notify you where required.

15) How to contact us

Email: [privacy@yourdomain.com]
Mail: [Company legal name, address]

Controller vs. Processor (plain English)

• For your customers’ messages, bookings, and review requests, we act as your service provider/processor and only handle that data to deliver the features you enable.

• For our website visitors, your billing/subscription, and our own marketing, we are the business/controller.

Not legal advice

This policy is a template tailored to your service. Laws change by jurisdiction. Have your counsel review before publishing.

Implementation tips (quick):

• Put this at /privacy.

• Add “Text STOP to opt out” near any phone/email capture.

• Link to this policy in your footer, forms, and SMS templates.

• Add your DPA (data processing addendum) link for business clients if you have one.