Privacy Policy

Effective Date: February 25, 2026

Opsite Solutions LLC ("Opsite," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our construction project management platform at useopsite.com and related services (the "Service").

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described in this Privacy Policy, please do not use the Service.

1. Information We Collect

1.1 Information You Provide to Us

We collect information you provide directly, including:

  • Account Information: Name, email address, phone number, password, and profile information
  • Business Information: Company name, business address, contractor license numbers, tax ID/EIN
  • Financial Information: Bank account details for payment processing, credit card information (processed by our payment providers)
  • Project Data: Job details, client information, contracts, invoices, purchase orders, change orders, and financial records
  • Documents: Files you upload including photos, permits, contracts, plans, and other construction documents
  • Communications: Messages you send through the Service, support requests, and feedback
  • Biometric Information: If you use facial recognition or fingerprint authentication features on your device to access the Service, we may process biometric identifiers solely for authentication purposes. We do not store raw biometric data.
  • Audio/Visual Data: Voice recordings if you interact with voice-enabled features, and photographs or video you upload as project documentation
  • Referral Data: If you refer another contractor to Opsite, we collect the name and contact information you provide for the purpose of sending the referral invitation only

1.2 Information Collected Automatically

When you use the Service, we automatically collect:

  • Usage Data: Features used, pages viewed, actions taken, time spent on pages
  • Device Information: IP address, browser type and version, operating system, device identifiers
  • Location Data: General location based on IP address; precise location only with your permission for map features
  • Log Data: Access times, error logs, referring URLs
  • Cookies and Tracking Technologies: See our Cookie Policy for details

1.3 Information from Third Parties

We may receive information from third-party services you connect:

  • QuickBooks: Customer information, invoice status, payment information
  • Google: Calendar events, contacts (with your permission), authentication data
  • Identity Providers: Authentication information when you sign in with Google or other providers

Google API Services User Data Policy

Opsite's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Data we access from Google: When you sign in with Google, we receive your name and email address. If you connect Google Calendar, we access your calendar events to display them within Opsite.

How we use Google data: Google user data is used solely to authenticate your identity and provide Opsite's core functionality (account creation, login, and calendar integration). We do not use Google data for advertising, marketing, analytics, AI model training, or any purpose beyond operating and providing the Service to you.

Sharing: We do not share Google user data with third parties except as necessary to provide the Service (e.g., storing your account in our database). We do not sell Google user data.

Storage and deletion: Google authentication data is stored only for as long as your account is active. You may revoke Opsite's access to your Google data at any time through your Google Account permissions.

2. How We Use Your Information

We use your information for the following purposes:

2.1 Provide and Operate the Service

  • Create and manage your account
  • Process transactions and send related information
  • Enable project management, invoicing, and financial tracking features
  • Facilitate integrations with third-party services
  • Generate reports and analytics for your business

2.2 Improve and Develop the Service

  • Analyze usage patterns to improve functionality
  • Develop new features and services
  • Train and improve our AI features (using anonymized/aggregated data)
  • Conduct research and analytics

2.3 Communicate with You

  • Send service-related notices and updates
  • Respond to your inquiries and support requests
  • Send marketing communications (with your consent)
  • Notify you of changes to our policies

2.4 Security and Legal Compliance

  • Detect and prevent fraud, abuse, and security incidents
  • Enforce our Terms of Service
  • Comply with legal obligations
  • Protect our rights and the rights of others

2.5 AI-Specific Processing

Our AI features (including the Lino assistant, document categorization, smart scheduling, and automated recommendations) process your data in real-time to provide personalized assistance. Specifically:

  • Your project data, communications, and documents may be sent to our AI service provider (currently Anthropic) for real-time processing via API
  • We implement retrieval-augmented generation (RAG) using vector embeddings of your data to provide contextually relevant responses
  • AI-generated outputs (proposals, summaries, recommendations) are based on your data and our proprietary prompt engineering
  • We do not use your individual data to train or fine-tune general-purpose AI models
  • You may opt out of AI features at any time through your account settings, though this may limit certain Service functionality

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, we process your personal data based on:

  • Contract Performance: Processing necessary to provide the Service you requested
  • Legitimate Interests: Processing for our legitimate business interests (improving the Service, security, fraud prevention) where not overridden by your rights
  • Legal Obligation: Processing required to comply with applicable laws
  • Consent: Processing based on your explicit consent (e.g., marketing communications)

4. How We Share Your Information

We do not sell your personal information. We only share your information in the following circumstances:

4.1 Service Providers

We share information with third-party vendors who help us operate the Service, including:

  • Cloud Infrastructure: Vercel (hosting), Supabase (database)
  • Payment Processing: Stripe (payment processing)
  • AI Services: Anthropic (AI features)
  • Email Services: For transactional and marketing emails
  • Analytics: For understanding Service usage

4.2 Third-Party Integrations

When you connect integrations like QuickBooks or Google, we share data necessary to provide those features, as authorized by you.

4.3 With Your Consent

We may share information with your consent, such as when you share project access with clients or team members.

4.4 Legal Requirements

We may disclose information if required by law, subpoena, court order, or government request, or to protect our rights, safety, or property.

4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

4.6 Subprocessor List

We maintain a current list of subprocessors who process personal data on our behalf. As of the effective date, our subprocessors include:

  • Vercel — Hosting and CDN
  • Supabase — Database and authentication
  • Anthropic — AI processing
  • Stripe — Payment processing
  • Upstash — Vector storage and caching
  • Transactional email provider — Email delivery

A complete and updated list is available upon request at privacy@useopsite.com. We will notify users of material changes to our subprocessor list at least thirty (30) days in advance.

5. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: Data is encrypted in transit (TLS 1.2+) and at rest
  • Access Controls: Role-based access with multi-factor authentication
  • Regular Audits: Security assessments and vulnerability testing
  • Employee Training: Security awareness training for all employees
  • Incident Response: Procedures for detecting and responding to security incidents

While we strive to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. See our Security page for more details.

Breach Notification

In the event of a data breach affecting your personal information, we will notify affected users via email and in-app notification without undue delay and no later than seventy-two (72) hours after confirmation. Where required by law, we will also notify relevant supervisory authorities. Breach notifications will include the nature of the breach, categories of data affected, our contact information, and steps taken to address the breach.

6. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy:

  • Active Accounts: Data is retained while your account is active
  • After Termination: We retain data for 30 days to allow data export, then delete it
  • Legal Requirements: We may retain certain data longer if required by law (e.g., tax records for 7 years)
  • Anonymized Data: Aggregated, anonymized data may be retained indefinitely for analytics

7. Your Privacy Rights

7.1 All Users

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Export your data
  • Delete your account and data
  • Opt out of marketing communications

7.2 European Users (GDPR)

If you are in the EEA, UK, or Switzerland, you also have the right to:

  • Data portability (receive your data in a structured format)
  • Restrict processing in certain circumstances
  • Object to processing based on legitimate interests
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

7.3 California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it's used
  • Request deletion of your personal information
  • Opt out of the sale or sharing of personal information (we do not sell your data)
  • Non-discrimination for exercising your rights
  • Correct inaccurate personal information
  • Limit use of sensitive personal information

To exercise your rights, contact us:

Email: privacy@useopsite.com

We will respond within 30 days (or 45 days for complex requests).

8. International Data Transfers

We are based in the United States and process data in the U.S. If you are accessing the Service from outside the U.S., your information will be transferred to, stored, and processed in the U.S.

For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses approved by the European Commission and implement additional safeguards as necessary.

9. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected information from a child, we will delete it. If you believe we have collected information from a child, please contact us at privacy@useopsite.com.

10. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the revised policy on this page and updating the "Last Updated" date. For significant changes, we may also send you a notification via email or through the Service. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Opsite Solutions LLC

Privacy Inquiries: privacy@useopsite.com

General Support: support@useopsite.com

Website: https://useopsite.com

13. Additional Disclosures

13.1 Categories of Personal Information (CCPA)

In the past 12 months, we have collected the following categories of personal information:

CategoryExamplesCollected
IdentifiersName, email, IP addressYes
Commercial InformationTransaction history, invoicesYes
Internet ActivityBrowsing history, interactionsYes
Geolocation DataGeneral location from IPYes
Professional InformationCompany name, license infoYes
InferencesPreferences based on usageYes

13.2 Do Not Track

We do not currently respond to "Do Not Track" browser signals. You can manage cookies through your browser settings or our cookie consent tool.

14. AI Transparency and Automated Decision-Making

14.1 Automated Processing

We use AI and automated systems to provide features such as: document categorization, project recommendations, financial forecasting, automated communications, and the Lino AI assistant. These systems assist your decision-making but do not make legally significant decisions about you without human oversight.

14.2 Your Rights Regarding AI

You have the right to:

  • Know when you are interacting with an AI system
  • Request human review of any AI-generated recommendation or output
  • Opt out of AI-powered features through your account settings
  • Request an explanation of how AI features process your data

14.3 AI Accuracy

While we strive for accuracy, AI-generated outputs (including financial calculations, scheduling recommendations, and document analysis) may contain errors. You are responsible for reviewing and verifying all AI-generated outputs before acting on them. Opsite is not liable for decisions made based on AI-generated content.

Back to Opsite|Terms of Service|Cookie Policy|Security