Privacy Policy

Last updated: February 18, 2026

Fieldpost ("we," "us," or "our") operates the Fieldpost mobile application (available on iOS and Android) and the Fieldpost web application at app.fieldposthq.com (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Fieldpost, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address (required for registration and login)
  • Name (optional, used for display within your team)
  • Password (stored securely and encrypted by our authentication provider)
  • Company or organization name (used to set up your workspace)
  • Profile photo (optional avatar image)

1.2 Project and Content Data

When you use the Service, you create and upload content including:

  • Photos and videos captured or uploaded from your device
  • Project information (names, descriptions, locations, status)
  • Notes and annotations added to photos and projects
  • Reports you create and export
  • Categories you define for organizing media
  • Contacts you add to projects (name, email, phone)

1.3 Location Data

With your permission, we collect GPS coordinates from your device. Location data is used to:

  • Geotag photos and videos at the time of capture
  • Associate projects with physical locations
  • Display your projects and media on a map
  • Optionally stamp GPS coordinates onto photo images

Location access is requested only when you use the camera or create a project. You can deny or revoke location permission at any time through your device settings. The app functions without location access, but geotagging features will be unavailable.

1.4 Device and Usage Data

We may automatically collect:

  • Device information (device type, operating system version)
  • Network connectivity status (to manage offline functionality)
  • Timestamps of actions within the app (photo uploads, note creation, report generation)

1.5 Payment Information

If you subscribe to a paid plan, payment processing is handled entirely by Stripe, Inc. We do not store your credit card number, bank account details, or other sensitive payment information on our servers. We receive and store only:

  • Your Stripe customer ID and subscription ID
  • Subscription plan, billing interval, and seat count
  • Subscription status (active, trialing, canceled, etc.)
  • Trial and cancellation dates

Stripe's collection and use of your payment data is governed by the Stripe Privacy Policy.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Create and manage your account and company workspace
  • Store and organize your photos, videos, notes, and projects
  • Generate PDF reports from your project data
  • Enable team collaboration and activity tracking within your company
  • Process payments and manage subscriptions
  • Send transactional notifications (team invitations, mentions)
  • Provide offline functionality and sync data when connectivity is restored
  • Improve and develop new features for the Service
  • Respond to support requests and communicate with you

3. Data Storage and Security

3.1 Cloud Storage

Your data is stored using Supabase, which provides PostgreSQL database hosting and file storage infrastructure. Photos, videos, and PDF report exports are stored in Supabase Storage. All data is transmitted over HTTPS/TLS encryption.

3.2 Local Device Storage

The mobile app stores limited data on your device:

  • Authentication tokens (to maintain your login session)
  • Camera preferences (timestamp stamping, GPS stamping, grid, level settings)
  • Offline photo queue (photos captured while offline are stored locally until they can be uploaded)

Locally stored photos in the offline queue are automatically deleted from your device after successful upload.

3.3 Data Isolation

Fieldpost is a multi-tenant platform. Your data is logically isolated using Row Level Security (RLS) policies that ensure users can only access data belonging to their company. No cross-company data access is possible.

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We share your data only in the following circumstances:

4.1 Within Your Company

All content you create (projects, photos, notes, reports) is visible to other members of your company workspace. Team activity is tracked and visible within your organization.

4.2 Shared Reports

When you publish or share a report, it becomes accessible via a unique link. Shared reports may include password protection and expiration dates that you configure. Anyone with the link (and password, if set) can view the report contents.

4.3 Third-Party Service Providers

We use the following third-party services to operate Fieldpost:

  • Supabase — Database hosting, file storage, and authentication (Supabase Privacy Policy)
  • Stripe — Payment processing and subscription management (Stripe Privacy Policy)
  • Google Places API — Location search and autocomplete when creating projects (Google Privacy Policy)
  • OpenStreetMap / Leaflet — Map rendering on the web application

4.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).

5. Mobile App Permissions

The Fieldpost mobile app requests the following device permissions:

  • Camera — To capture photos and videos for project documentation
  • Photo Library / Media Library — To select existing photos and videos from your device
  • Location (When In Use) — To geotag photos and associate projects with locations. Not used for background tracking.
  • Network State — To detect connectivity and manage offline-to-online sync

All permissions are optional. You can deny or revoke any permission through your device settings. Some features may be limited without certain permissions.

6. Data Retention and Deletion

We retain your data for as long as your account is active or as needed to provide the Service. When data is deleted:

  • Photos and videos are removed from both the database and cloud storage
  • Projects and all associated content (photos, notes, reports) are cascade deleted
  • Account deletion removes your profile and all associated company data if you are the sole owner
  • Offline queue files are deleted from your device after successful upload

To request deletion of your account and all associated data, contact us at hello@fieldpost.io.

7. Children's Privacy

Fieldpost is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal data from a child under 16, we will take steps to delete that information promptly.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Request a portable copy of your data
  • Withdraw consent for location tracking at any time

To exercise any of these rights, contact us at hello@fieldpost.io.

9. California Privacy Rights (CCPA)

If you are a California resident, you have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collect personal information, and the business purposes for collecting your personal information. You also have the right to request deletion of your personal information. We do not sell personal information.

10. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. By using the Service, you consent to such transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Fieldpost
Email: hello@fieldpost.io