Privacy Policy

    Updated: October 14, 2024

    Introduction

    At Pool Pro, we take your privacy seriously and are committed to protecting the personal information you provide when using our platform. This Privacy Policy outlines the types of personal information we collect, how we use and protect it, and your rights regarding your data.

    Gathering of Personal Information

    We currently do not collect personal data from visitors to our site outside of what is gathered through Google Analytics 4, which provides anonymous insights into site usage. However, once you sign up for Pool Pro or download our app on your phone, we will collect personal information necessary to provide our services. This may include:

    • • Name
    • • Email address
    • • Contact information
    • • Business details (for pool service professionals)
    • • Service preferences and records

    Once you download our app, Pool Pro, we may also require access to certain functionalities on your phone, such as location, camera, and photos, to enhance your experience. We will always ask for your explicit consent before accessing any personal identifiable information through these features.

    Use of Personal Information

    We collect and use your personal information only for the purposes of providing and improving our services, including:

    • • Managing your account
    • • Providing customer support
    • • Enhancing our platform based on usage analytics
    • • Communicating with you about updates, offers, or new features
    • • Monitoring usage patterns to improve website functionality and user experience

    Note: We do not share your personal data with advertisers or third-party marketing services.

    Advertising Practices

    While we do not currently run advertisements, we may introduce advertising features in the future. However, we will never share or sell your personal information to advertisers. Our advertising will be based on site interactions and aggregated, anonymous data, in accordance with applicable laws. If advertising partners are used in the future, we will update this policy and provide notice before any significant changes.

    Analytics, Advertising, and Cookies

    We use Google Analytics 4 to understand how visitors interact with our website. Google Analytics collects information such as:

    • • Pages visited
    • • Duration of visit
    • • Browser type
    • • IP address (anonymized)

    This data is aggregated and does not identify individual users. Google Analytics uses cookies to track this information. You can disable cookies through your browser settings, though doing so may affect the functionality of our site.

    For more information about how Google collects and processes data, please visit Google's Privacy Policy.

    We also use the Meta Pixel (Facebook) to measure the effectiveness of our advertising and to show relevant ads to people who have visited our site. The Meta Pixel may collect information about your browser, device, and actions taken on our site (such as page views and sign-ups). This information is shared with Meta Platforms, Inc. You can learn more or opt out of Meta's ad targeting at Meta's Privacy Policy or via Your Online Choices.

    Protection of Personal Information

    We prioritize the security of your personal data and employ industry-standard measures to protect it from unauthorized access, alteration, or disclosure. This includes:

    • • Secure Sockets Layer (SSL) encryption
    • • Regular security audits and updates
    • • Restricted access to personal data
    • • Ongoing employee training on data privacy and security

    In the event of a data breach, we will notify affected users promptly and in compliance with applicable laws.

    Sub-Processors

    Pool Pro relies on the following third-party sub-processors to deliver the service. Each is bound by a Data Processing Agreement and handles only the data necessary for the listed purpose. Personal data may be transferred to these processors' data centers, primarily in the United States.

    • Supabase, Inc. (United States) — primary database, authentication, file storage, and serverless functions. All Pool Pro tenant data lives here.
    • Stripe, Inc. (United States) — payment processing, subscription billing, and Connect payouts. Stores card numbers, billing addresses, and invoice records.
    • Resend, Inc. (United States) — transactional and marketing email delivery. Receives recipient email + message content.
    • Twilio, Inc. (United States) — SMS delivery for service notifications. Receives recipient phone + message body.
    • SendBird, Inc. (United States / South Korea) — chat infrastructure between admins, employees, and customers. Stores chat messages outside Supabase.
    • OpenAI, L.L.C. (United States) — powers the optional AI Assistant. When the AI feature is enabled, your prompts and the assistant's replies are sent to OpenAI and may be retained by them for up to 30 days for abuse monitoring per their API data usage policy. We do not send your data for model training.
    • Amazon Web Services, Inc. (United States) — AWS Location Service powers route optimization. Receives customer addresses and pool coordinates only when route planning is run.
    • Vercel / AWS Amplify (United States) — static frontend hosting + CDN. Receives standard web request metadata (IP, user-agent, request path).

    The current sub-processor list is also published at /security-policy. We'll give you 30 days' notice via email or in-app banner before adding any new sub-processor that handles personal data.

    Data Location & Transfers

    Pool Pro's primary database and file storage are hosted in the United States. If you access Pool Pro from outside the US, your personal data is transferred to and processed in the US. We rely on Standard Contractual Clauses (SCCs) and the EU–US Data Privacy Framework with our sub-processors where applicable for cross-border transfers.

    Data Retention

    We retain personal data for as long as necessary to provide our services and meet legal or regulatory obligations. Specific retention windows by category:

    • Customer profile + service history: retained for the lifetime of your account, plus 30 days after deletion (recovery window).
    • Financial records (payments, invoices, ledger entries): 7 years to satisfy tax / accounting obligations; the customer's personal identifiers are anonymized on erasure request, but financial amounts and aggregate ledger entries are kept.
    • Audit log: 2 years for SOC 2 + general security investigations.
    • Notification events / in-app messages: 90 days.
    • Edge function + server logs: 30 days, scrubbed of PII at write-time where possible.
    • Chat history (SendBird): retained per the connected business's settings; deleted within 24 hours of an erasure request.

    You may request the deletion of your personal data at any time. See the Your Rights section below.

    Your Rights

    You have the following rights regarding your personal information:

    • Right to Access: You can request a copy of your personal information that we hold.
    • Right to Rectification: You can request that we correct any inaccurate or incomplete information.
    • Right to Erasure: You can request that we delete your personal data, subject to legal limitations.
    • Right to Restrict Processing: You can ask us to stop processing your personal data under certain circumstances.
    • Right to Object: You have the right to object to our processing of your data for direct marketing purposes.
    • Right to Data Portability: You can request a copy of your data in a structured, machine-readable format.

    To exercise any of these rights, please contact us via our Contact Page or email security@pool-pro.app.

    Self-service options. If you have an active Pool Pro account, you can also exercise these rights directly:

    • Download your data (Article 20 portability) via Settings → Data Export — produces a machine-readable JSON archive of everything we hold about you.
    • Delete your data (Article 17 erasure) via the Delete Account flow in Settings — anonymizes your personal identifiers across our systems and deletes your sign-in credentials.

    We respond to written requests within 30 days. There is no charge for routine requests.

    AI Assistant

    Pool Pro offers an optional AI Assistant that helps technicians with chemistry calculations and troubleshooting. When enabled by your business's administrator, your conversations with the assistant are processed by OpenAI under their API data usage policy. By default, OpenAI does not use API data to train models, but they retain it for up to 30 days for abuse monitoring.

    AI-generated responses are advisory only. Always verify critical numbers (chemical dosages, dollar amounts, safety advice) before acting on them. Pool Pro is not liable for actions taken solely on the basis of AI output.

    Security

    We follow industry best practices including TLS encryption in transit, encryption at rest for all primary databases, mandatory two-factor authentication for administrators, append-only audit logs for high-impact actions, and field-level encryption for highly sensitive data (such as gate codes). For full details, see our Security Policy. To report a vulnerability, email security@pool-pro.app.

    Third-Party Links

    Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. Please review their privacy policies separately.

    Privacy Policy Changes

    We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any changes will be posted on this page, and if significant changes are made, we will notify you by email or through a notice on our website.

    Contact Us

    If you have any questions or concerns about this Privacy Policy, or if you wish to exercise your data rights, please contact us at:

    • • Contact us via our Contact Page
    • • Business Information: Batson Ventures LLC DBA Pool Pro, Riverside County, California, United States