Privacy Policy
Effective Date: February 22, 2026 Last Updated: February 22, 2026 Entity: Snapline LLC
Snapline LLC ("Snapline," "we," "us") operates the Snapline platform at snaplineops.com. This Privacy Policy explains what data we collect, how we use it, who we share it with, and your rights.
We write this in plain English because you shouldn't need a law degree to understand how your data is handled.
Who This Policy Covers
- Contractors — businesses and individuals who create Snapline accounts to manage jobs
- Customers — homeowners and other end-clients who interact with jobs via public snapline pages (snaplineops.com/job/...)
What Data We Collect
Contractor Account Data
When you create a Snapline account, we collect:
| Data | Purpose |
|---|---|
| Name (first and last) | Display in the app, emails to your customers |
| Email address | Login, notifications, billing communications |
| Phone number (optional) | Display on job pages for customer contact |
| Password (hashed) | Account authentication — stored as a one-way hash, never in plain text |
| Organization name | Multi-tenant data isolation, display on job pages |
| Organization address (optional) | Display on quotes and invoices |
| Organization phone (optional) | Display on job pages |
Customer Data (Entered by Contractors)
When a contractor creates a job, they may enter:
| Data | Purpose |
|---|---|
| Customer name | Job identification, communication |
| Customer email (optional) | Email notifications (quote sent, invoice, reminders) |
| Customer phone (optional) | Display on job page for contractor reference |
| Customer address (optional) | Job location, scheduling |
Customer Data (Collected Automatically)
When a customer visits a public job page or verifies their email:
| Data | Purpose |
|---|---|
| IP address | Security, fraud prevention, consent logging |
| User agent string | Security, device identification for sessions |
| Email verification code (temporary) | Passwordless authentication — deleted after verification |
Job and Transaction Data
| Data | Purpose |
|---|---|
| Job details (description, notes, status) | Core service operation |
| Photos | Job documentation, optional AI analysis |
| Quotes and invoices | Billing between contractor and customer |
| Payment status and Stripe IDs | Payment tracking (we never store credit card numbers) |
| Payment method last 4 digits | Display on invoice receipts |
| Timeline events | Activity history on each job |
Usage Data
| Data | Purpose |
|---|---|
| AI request counts | Enforcing plan quotas |
| Subscription status and plan tier | Billing and access control |
| Push notification subscriptions | Delivering web push notifications you opted into |
How We Use Your Data
We use collected data to:
- Operate the service — create jobs, send notifications, process workflows
- Process payments — subscription billing via Stripe Billing; contractor payments via Stripe Connect
- Send email — transactional emails (quote sent, appointment reminders, payment received) via AWS SES
- Deliver push notifications — via the Web Push protocol with VAPID keys (browser opt-in required)
- Provide AI features — photo analysis and text polish via Anthropic's Claude API (see "AI Data Processing" below)
- Prevent abuse — rate limiting, fraud detection, enforcing our Acceptable Use Policy
- Improve the service — aggregate, anonymized usage metrics (never individual tracking)
AI Data Processing
Snapline offers optional AI features powered by Anthropic's Claude API:
- Photo analysis — identifies hazards, estimates equipment age, provides scope context
- Text polish — improves the tone and clarity of notes, quotes, and invoices
When you use these features: - Your photos or text are sent to Anthropic's API for processing - Anthropic processes the data ephemerally — it is not stored after the request completes - Anthropic does not use API customer data to train its models (per their API terms) - AI output is always a suggestion — you review and edit before it's shared with customers - You can disable AI features entirely in your account settings
Third-Party Data Sharing
We share data only with the subprocessors necessary to operate the service. We do not sell, rent, or trade your data to anyone.
See our Subprocessor List for the complete list of third-party services and what data each processes.
Summary of subprocessors:
| Provider | Purpose |
|---|---|
| Stripe | Payment processing (billing and Connect) |
| AWS EC2 | Application hosting and database |
| AWS S3 | Photo storage |
| AWS SES | Email delivery |
| Anthropic | AI features (ephemeral processing) |
What We Do NOT Do
- We do not sell your data. Not to advertisers, data brokers, or anyone else.
- We do not use tracking cookies. No Google Analytics, no Facebook Pixel, no advertising networks.
- We do not train AI on your photos or data. Neither Snapline nor Anthropic uses your data for model training.
- We do not send SMS. All notifications are via email and web push (opt-in).
- We do not share data with third parties beyond the subprocessors listed above.
Payment Data
Snapline uses Stripe for all payment processing.
- Credit card numbers, CVV codes, and expiration dates never touch Snapline's servers. Payment information is collected directly by Stripe via Stripe.js on Stripe-hosted pages.
- Snapline stores only: Stripe customer IDs, payment intent IDs, payment status, amounts, and the last 4 digits of the payment method (for display on receipts).
- Snapline qualifies for PCI SAQ-A, the simplest PCI compliance level, because we fully outsource payment handling to Stripe.
Photo Privacy
Customer photos may contain sensitive information (home interiors, property details). We apply extra protections:
- No public indexing — photos are served with
X-Robots-Tag: noindexheaders andnoindexmeta tags to prevent search engine indexing - Signed URLs — photos are accessed via time-limited signed S3 URLs that expire after 1 hour
- No AI training — photos are not used to train any AI models
- Encryption — photos are encrypted at rest on AWS S3 (SSE-S3)
- Deletion — photos are permanently deleted from S3 after account deletion
Data Retention
Active Accounts
All data is retained for as long as your account is active.
After Cancellation or Trial Expiry
| Period | Access Level | What Happens |
|---|---|---|
| Until end of billing period | Full access | You can still create jobs and use all features |
| 90 days after period ends | Read-only | You can view but not modify your data |
| After 90 days | No access | All data is permanently deleted |
Deletion Details
When data is deleted: 1. Account is deactivated and login is disabled 2. Customer PII is anonymized (names cleared, phones cleared, addresses cleared) 3. Photos are deleted from S3 and database records are hard-deleted 4. Deletion is completed within a commercially reasonable timeframe, typically within 30 days 5. Retained: anonymized aggregate data (job counts, revenue totals) and Stripe transaction records (required for tax/legal compliance)
Consent Records
IP addresses and timestamps related to email consent are retained for 2 years for CAN-SPAM compliance, then deleted.
Your Rights (CCPA and State Privacy Laws)
If you are a California resident (or resident of another state with similar privacy laws), you have the following rights:
Right to Know
You can request a copy of the personal information we hold about you. We will respond within 45 days.
Right to Delete
You can request that we delete your personal information. We will delete it within 45 days, subject to legal retention requirements (e.g., Stripe transaction records for tax compliance).
Right to Opt-Out of Sale
We do not sell personal information. There is nothing to opt out of.
Right to Non-Discrimination
We will not charge you more, degrade your service, or treat you differently for exercising your privacy rights.
How to Exercise Your Rights
Email privacy@snaplineops.com with your request. Include the email address associated with your account so we can verify your identity. We will respond within 45 days.
Contractor Responsibilities
If you are a contractor using Snapline, you are the data controller for your customers' personal information. Snapline acts as a data processor on your behalf. This means:
- You are responsible for having a legal basis to collect and store your customers' information
- You are responsible for responding to your customers' privacy requests
- You should inform your customers that you use Snapline to manage their job information
- See our Data Processing Addendum for the formal controller/processor agreement
Children's Privacy
Snapline is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child under 13 has provided us with personal information, contact privacy@snaplineops.com and we will delete it promptly.
Cookies and Browser Storage
We use only essential cookies (no tracking cookies). See our Cookie & Storage Policy for details on every cookie, localStorage key, and service worker behavior.
Security
We take reasonable measures to protect your data, including TLS encryption in transit, encryption at rest, multi-tenant data isolation, and rate limiting. See our Security Overview for details.
Changes to This Policy
We may update this Privacy Policy as our practices or the law evolves. We will update the "Last Updated" date at the top of this page. For material changes, we will make reasonable efforts to notify you (e.g., via email or in-app notice). Continued use of Snapline after the updated effective date constitutes acceptance.
Contact Us
For privacy questions, data requests, or concerns:
Email: privacy@snaplineops.com Mail: Snapline LLC, Philadelphia, PA