Legal

For account-owner data, billing/contact data, and our own website/app operations, FieldRobin generally acts as the controller.

For customer, lead, job, invoice, review, message, and similar business records that our service-business customers upload or generate in the product, FieldRobin generally acts as a processor or service provider on behalf of that account holder. That business is responsible for its own notices, lawful bases, consents, and instructions for those records.

Website: https://fieldrobin.com
Support and privacy requests: [email protected]

Account data: name, email, login details, business profile information.

Security and access data: password hashes, session/token metadata, MFA enrollment/confirmation metadata, login attempt controls, and audited admin-support access events.

Business records: customers, leads, jobs, quotes, invoices, notes, reminders, and related workflow status.

Review and reputation data: review request settings, outbound message content, delivery channel (SMS, email, or both), send and follow-up timestamps, link click events, manually logged reviews, and—when you connect Google Business Profile—Google account identifiers, selected location metadata, synced public reviews, and replies you post through FieldRobin.

Communications data: support messages and service notifications.

Technical and usage data: device/app/browser metadata, log events, diagnostics, and feature interactions.

AI workflow data: prompt context, model outputs, and approval/rejection actions needed to provide AI-assisted features safely.

FieldRobin uses first-party cookies and similar storage to keep you signed in, remember app state, apply locale/theme preferences, and protect sessions.

Examples include an HttpOnly authentication cookie used by the API, a session marker cookie used to validate whether a browser session is still active, and preference cookies for locale or UI theme. We may also use local storage for non-sensitive UI preferences. These technologies are used for product operation, reliability, and security rather than to let you store raw API bearer tokens in readable browser storage.

Depending on features you use, mobile apps may request camera, microphone, photo library, notifications, or similar permissions.

We use data to provide and secure the Service, process subscriptions, sync your account across devices, run requested automations (including review requests and follow-ups you configure), improve reliability, detect abuse, provide support, and meet legal obligations.

When you use review request features, FieldRobin processes customer contact details and message content you provide or generate so messages can be delivered on your behalf. We record delivery status, timestamps, and link engagement to help you operate follow-ups responsibly.

You are responsible for having a lawful basis and any required consent before contacting customers by SMS or email, including automated review requests and follow-ups. Do not upload or message contacts who have opted out or asked not to be contacted.

SMS programs may support standard opt-out and help keywords (for example STOP and HELP) where configured. Quiet-hour settings in your workspace are applied to reduce off-hours sends when enabled.

If you request help from FieldRobin support, authorized platform personnel may need temporary access to your account to diagnose or resolve issues.

Where support impersonation is enabled internally, FieldRobin uses short-lived, audited support sessions with explicit reason capture, separate restore controls, admin MFA requirements, and restrictions against impersonating privileged platform-operator accounts. We use these sessions to provide support, security review, abuse response, or account recovery assistance and log them for audit and security purposes.

Google Business Profile access is optional and requires your explicit OAuth authorization. FieldRobin only accesses Google Business Profile businesses and locations you are authorized to manage, and only to support GBP features (location selection, review sync, and publishing/deleting replies you approve).

While connected, we store encrypted OAuth tokens, selected Google account/location resource identifiers, token status, sync timestamps, imported review records, optional notification subscription metadata, and audit events needed to operate the integration.

If you disconnect, FieldRobin revokes tokens where possible, deletes stored access/refresh tokens, marks the integration disconnected, disables future sync, and blocks future Google API calls for that connection. FieldRobin also disables and clears stored Google notification subscription state for that connection. By default, FieldRobin purges raw imported Google review content (for example review text, reviewer names, and direct review URLs) and retains only minimal metadata needed for operations and audit (for example internal IDs, Google resource identifiers when needed, aggregate-compatible rating records, sync/disconnect timestamps, and non-sensitive audit events). You may choose a stronger disconnect option that deletes imported Google review rows.

We process personal data under one or more of: contract performance, legitimate interests, legal obligations, and consent where required (including marketing or outreach where applicable law requires opt-in consent).

AI features may process selected business record content to generate drafts, summaries, and recommendations. Outputs should be reviewed before customer-facing use, including suggested review replies. Google review text may be processed for AI reply drafting when you use those features. FieldRobin does not use your customer content to train third-party foundation models unless explicitly stated otherwise in a future update.

Some AI capture features also support configurable retention windows or transcript/audio purge actions so account holders can reduce how long certain source artifacts remain in product systems.

We do not sell personal information. We may share data with service providers under contractual safeguards (for example hosting/storage, email delivery, SMS delivery, payment processing, AI/model providers, fraud/security tooling, and Google APIs when you connect Google Business Profile) and disclose data when legally required.

We retain data as needed to provide the Service and for legal/business purposes. Review request logs and engagement events are retained for operational and compliance needs unless deleted earlier through account actions or support requests. AI chat history is retained until you delete it or until the configured workspace retention period expires. Operational logs are typically retained up to 12 months. Certain security, billing, tax, dispute, fraud, and audit records may be retained longer where required or reasonably necessary.

We use reasonable technical and organizational safeguards, including encryption in transit, encrypted storage for sensitive integration tokens, access controls, login abuse protections, session revocation, and MFA support for privileged platform users. No method of transmission or storage is perfectly secure.

Depending on your location, you may request access, correction, deletion, portability, or restriction/object to processing. End customers who receive messages from your business should contact you first; we will assist account holders with lawful requests about data processed on their behalf.

You may delete your account from authenticated settings/API or by contacting support. On account deletion, FieldRobin deletes product data tied to that account, including Google Business Profile OAuth credentials, connection settings, account/location mappings, imported reviews, replies stored in-product, GBP sync state, and related tenant records. We retain only records strictly required for legal, tax, fraud, security, or billing compliance where applicable.

California: we do not sell/share personal information for cross-context behavioral advertising as defined by applicable California law. EEA/UK: you may lodge complaints with supervisory authorities.

The Service is not directed to children under 13 (or higher where required).

Data may be processed in countries other than where you live with required safeguards.

We may update this policy periodically and will post a new effective date on fieldrobin.com.

Privacy questions: [email protected]