Our Privacy Policy

Last Updated on June 4th, 2026

1. INTRODUCTION

SiteWeave ("we," "our," or "us") operates all SiteWeave applications (the "Service") including the mobile application (iOS and Android), web application, and/or desktop application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using the Service, you consent to the data practices described in this policy.


2. INFORMATION WE COLLECT

2.1 Personal Information

We collect information that you provide directly to us, including:

  • Name and email address

  • Authentication credentials (via Google OAuth, Microsoft OAuth, or email/password)

  • Phone numbers (if provided)

  • Company and role information

  • Profile photos or avatars


2.2 Project and Work Data

We collect and store:

  • Project details, names, addresses, and descriptions

  • Task assignments, descriptions, priorities, and due dates

  • Field issues, status updates, and workflow information

  • Calendar events, meetings, and scheduled activities

  • Messages and communications within projects

  • Files, documents, and photos uploaded to projects

  • Activity logs and usage data


2.3 Automatically Collected Information

  • Device information (device type, operating system)

  • Usage patterns and app interactions

  • IP address and location data (if applicable)

  • Authentication tokens and session information


3. HOW WE USE YOUR INFORMATION

We use the collected information for the following purposes:

  • To provide, maintain, and improve the Service

  • To enable project management and team collaboration features

  • To send task assignments, notifications, and email updates

  • To send transactional SMS (only after you confirm by replying YES as described in Section 16), such as task reminders, assignment notices, and project invites

  • To facilitate communication between team members

  • To manage calendar events and scheduling

  • To authenticate users and manage access control

  • To enforce role-based permissions and security

  • To respond to your inquiries and provide customer support

  • To detect, prevent, and address technical issues

  • To comply with legal obligations


4. DATA STORAGE AND SECURITY

Your data is stored securely using Supabase, a cloud database and authentication service. We implement industry-standard security measures including:

  • Encrypted data transmission (TLS/SSL)

  • Secure authentication via OAuth providers

  • Role-based access control (RLS)

  • Regular security updates and monitoring

  • Secure password hashing

  • Access logging and audit trails

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.


5. THIRD-PARTY SERVICES

We use the following third-party services that may collect, process, or store your information:

5.1 Supabase

  • Provides backend database, authentication, and storage services

  • Privacy Policy: https://supabase.com/privacy

  • Data is stored in secure cloud infrastructure

5.2 Google OAuth

  • Used for Google account authentication

  • Privacy Policy: https://policies.google.com/privacy

  • Google may collect information as described in their privacy policy

5.3 Microsoft OAuth

  • Used for Microsoft account authentication

  • Privacy Policy: https://privacy.microsoft.com/privacystatement

  • Microsoft may collect information as described in their privacy policy

5.4 Email Services

  • We may use email service providers (such as Resend) to send notifications

  • These services process email addresses and message content

5.5 SMS Services (Twilio)

  • We use Twilio to deliver transactional text messages to phone numbers you or your organization provide. Twilio processes phone numbers, message content, and delivery metadata as our service provider.

  • Privacy Policy: https://www.twilio.com/legal/privacy

  • We configure inbound handling for standard keywords including HELP and STOP (and equivalents such as STOPALL or UNSUBSCRIBE)


6. DATA SHARING AND DISCLOSURE

6.1 Within the Service

Your data is shared with:

  • Other team members assigned to the same projects

  • Project managers overseeing your assigned projects

  • Administrators with appropriate access levels

6.2 Third-Party Sharing

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We may share your information only in the following circumstances:

  • With service providers who assist in operating the Service (under confidentiality agreements)

  • When required by law or legal process

  • To protect our rights, property, or safety, or that of our users

  • In connection with a merger, acquisition, or sale of assets (with notice to users)


7. YOUR RIGHTS AND CHOICES

Depending on your location, you may have the following rights:

7.1 Access and Portability

  • Request access to your personal data

  • Receive a copy of your data in a portable format

7.2 Correction and Deletion

  • Request correction of inaccurate information

  • Request deletion of your personal data

  • Delete your account and associated data

7.3 Opt-Out and Restriction

  • Opt out of certain data processing activities

  • Request restriction of processing

  • Withdraw consent where processing is based on consent

7.4 Objection

  • Object to processing of your personal data

  • Object to automated decision-making

7.5 SMS Choices

  • Opt-in: We send substantive project SMS only after you reply YES (optionally with a short confirmation code) to our initial consent message.

  • Opt-out: Reply STOP at any time to stop receiving SiteWeave SMS from our number. You may receive a one-time confirmation that you are unsubscribed.

  • Help: Reply HELP for program instructions and links to these policies.

To exercise privacy rights, contact us at support@siteweave.org. We will respond within 30 days. You may also have the right to lodge a complaint with your local data protection authority.


8. DATA RETENTION

We retain your personal information for as long as:

  • Your account is active

  • Necessary to provide the Service

  • Required by law or legal obligations

  • Necessary for legitimate business purposes

When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it by law or for legitimate business purposes.


9. CHILDREN'S PRIVACY

The Service is not intended for users under the age of 13 (or 16 in the European Union). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete such information.


10. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to the transfer of your information to these countries. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.


11. CALIFORNIA PRIVACY RIGHTS (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected

  • Right to know if personal information is sold or disclosed

  • Right to opt-out of the sale of personal information (we do not sell personal information)

  • Right to non-discrimination for exercising your privacy rights


12. EUROPEAN PRIVACY RIGHTS (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including the rights listed in Section 7 above. Our legal basis for processing includes:

  • Performance of a contract (providing the Service)

  • Legitimate interests (improving the Service, security)

  • Consent (where applicable)

  • Legal obligations


13. COOKIES AND TRACKING

The Service may use cookies and similar tracking technologies. You can control cookie preferences through your device settings, though this may affect Service functionality.



14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page

  • Updating the "Last Updated" date

  • Sending an email notification (for significant changes)

  • Displaying a notice in the app

Your continued use of the Service after changes constitutes acceptance of the updated policy.


15. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: support@siteweave.org


18. SMS / TEXT MESSAGING PROGRAM

This section describes our transactional SMS program for construction project teams. Messages may be sent from a SiteWeave toll-free or other approved SMS number through Twilio.

18.1 What We Send

After you confirm opt-in, you may receive low-volume, event-driven texts related to your assigned work, such as:

  • Task due-date reminders

  • Task or project assignment notices

  • Links to open a project or task in SiteWeave

We do not send promotional blast campaigns or unrelated marketing texts through this program.

18.2 How Consent Works

Primary path — web consent (no app required):

  1. A project administrator adds your mobile number in SiteWeave and generates a shareable consent link (or QR code).

  2. You open the link on your phone browser, review the program disclosure, and check a box to agree to receive project-related SMS from that organization via SiteWeave.

  3. Until you submit that form, we do not send substantive project SMS to your number.

Alternate path — reply YES to a text:

  1. A project administrator may instead trigger a one-time opt-in text from SiteWeave.

  2. The message explains the program, carrier charges, HELP/STOP instructions, and links to our legal policies. Example: “{Organization} via (SiteWeave): Welcome! Reply YES {code} to confirm receiving project task SMS alerts. Msg&data rates may apply. HELP/STOP anytime. Terms/Privacy: www.siteweave.org/legal”

  3. You must reply YES (and may include a short verification code from the message) to confirm.

In both cases, consent is recorded before any substantive project SMS is sent.

18.3 Message Frequency and Charges

Message frequency varies based on project activity (typically occasional, not on a fixed schedule). Message and data rates may apply according to your mobile carrier plan.

18.4 Opt-Out and Help

  • Reply STOP to cancel all SiteWeave SMS to your number.

  • Reply HELP for instructions and policy links.

  • You can also contact support@siteweave.org.

18.5 Administrator Responsibilities

Organizations using SiteWeave should enter phone numbers only for individuals who expect project-related texts, and should direct assignees to reply YES when they receive the consent message.