Privacy Policy

Last updated: March 27, 2026

1. What We Collect

  • Account information: phone number, role (Customer/Provider), profile name, and email address (optional).
  • Order data: service requests, saved addresses, photos/descriptions, timestamps, and order status.
  • Job records: photos or verification logs submitted by Providers to resolve disputes.
  • Payment data: handled securely by Stripe, Inc. We do not store full card numbers, CVCs, or sensitive authentication data on our servers.
  • Device & usage data: basic logs (IP address, timestamps, device identifiers) for security, fraud prevention, and diagnostics.
  • Location data: location timestamps from Providers to verify service delivery, enable matching, and ensure compliance with our Terms of Service.
  • Phone numbers: collected for the purpose of sending verification codes (OTP) and service-related notifications.
  • Provider credentials (Providers only): professional license documents (Journeyman, Master, or Contractor License), including license photos, license numbers, issuing states, and expiration dates, collected for platform onboarding verification.
  • Insurance documentation (Providers only): Certificate of Insurance (COI) photos, policy numbers, and expiration dates, collected to verify that Providers maintain independent general liability insurance coverage.
  • Tax information (Providers only): Social Security Number (SSN) or Employer Identification Number (EIN) submitted through Stripe Connect for IRS 1099-K tax reporting compliance. This data is processed and stored securely by Stripe and used solely for tax reporting purposes as required by law.
  • Stripe Connect financial data (Providers only): bank account information and payout details submitted through Stripe Connect Express onboarding. This data is processed and stored by Stripe; Plumbr does not have direct access to sensitive financial account details.
  • Independent Contractor Agreement records (Providers only): electronic signature images, cryptographic verification data, IP address, device information, and timestamp captured at the time of agreement signing, stored as immutable legal records.
  • Team coordination data (Providers only): if you operate within a Team under a verified business entity, your real-time location, online status, job assignment history, and service performance metrics are collected for operational coordination and dispatch purposes.

2. How We Use It

  • Service Delivery: provide and improve the Service (booking, matching Providers, notifications, customer support).
  • Payments: process payments and generate receipts (via Stripe).
  • Verification: verify Provider credentials and insurance for platform onboarding and ongoing compliance.
  • Support: support and issue resolution (messages you send us).
  • Safety: safety, fraud prevention, and enforcement of our Terms of Service.
  • Tax Reporting: tax reporting compliance (1099-K filing through Stripe).

3. Sharing Your Data

  • Providers: only what is necessary to fulfill a job (address, job details, contact information as required).
  • Payment processing: Stripe for payment processing, payouts, and tax reporting.
  • Legal/Safety: if required by law, court order, or governmental regulation, or to protect the rights, property, or safety of Plumbr, its users, or the public.
  • No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
  • Business Entity Teams: If you operate within a Team under a registered business entity, your job statuses, approximate location, online/offline status, service performance metrics, and dispute records may be visible to the entity's designated Team Manager for operational coordination. All earnings from team-assigned services are routed to the business entity's connected payment account.

4. Storage & Retention

  • Data is stored on secure, encrypted cloud servers compliant with industry standards.
  • Payment methods and financial data are stored and processed by Stripe in accordance with PCI DSS Level 1 standards.
  • Retention periods: We retain data as long as reasonably necessary for service delivery, legal, and accounting obligations:
    • Account data: retained for the duration of your account, plus a reasonable period after deletion for legal/financial obligations.
    • Financial and tax records: retained for a minimum of seven (7) years as required by IRS regulations.
    • Provider license and insurance records: retained for a minimum of five (5) years for state regulatory compliance.
    • Dispute and support records: retained for three (3) years for legal defense and audit purposes.
  • You may request deletion of your account at any time through the app Settings.

5. Security

  • Industry-standard transport encryption (HTTPS/TLS) for all data in transit.
  • Access controls and role-based permissions for administrative tools.
  • OTP verification codes are stored using bcrypt hashing; plaintext codes are never retained.
  • Private storage buckets with signed URLs for sensitive documents (licenses, insurance).
  • No system can guarantee absolute security. We employ commercially reasonable measures to protect your data, but cannot guarantee that unauthorized access will never occur.

6. Your Choices & Account Deletion

  • Notifications: manage in-app toggles and device settings.
  • Saved addresses: add, edit, and delete; set one as default.
  • Order history: active orders can be cancelled (fees may apply per our Terms); completed and cancelled orders can be deleted from your view.
  • Support messages: you can contact us through Help & Support; messages are securely retained for reference.
  • Account deletion: You may request to delete your account and all associated personal data at any time.
    • In-App: Available in Settings -> Account -> Delete Account.
    • Via Web/Email: If you have uninstalled the app or cannot access your account, please email your request along with your registered phone number to [email protected]. We will process your request within 48 hours.
    Deletes your account and personal data, subject to the retention periods described in Section 4 (e.g., transaction records for tax compliance).

7. Children

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18.

8. California Privacy Rights (CCPA)

  • If you are a California resident, you have the right to: (a) know what personal information we collect about you; (b) request deletion of your personal information; (c) opt out of the sale of your personal information (Plumbr does not sell personal information); and (d) not be discriminated against for exercising your privacy rights.
  • To exercise these rights, contact us through the in-app Help & Support feature or email [email protected].

9. Changes to This Policy

We may update this Privacy Policy from time to time. Updated versions will be posted within the app with a revised "Last updated" date. Your continued use of the Service after the posting of changes constitutes your acceptance of such changes.

10. Contact

For privacy questions or support:

Plumbr Inc.
30 N Gould St Ste N
Sheridan, WY 82801