Privacy Policy

1. Who We Are

SlateTablet (“we,” “us,” or “our”) provides a digital field data capture application for iOS and a web-based administrative portal for survey crews and their managers (collectively, the “Service”). Our Service is accessible at slatetablet.com and app.slatetablet.com.

For privacy questions, contact us at: admin@slatetablet.com

2. Information We Collect

2a. Account and Company Information (Server-Side)

The following information is collected and stored on our servers when you create or manage an account:

• Account registration: Full name, work email address, and hashed password when you create an account.
• Company information: Company name provided during account setup or invitation.
• Role and access data: Your assigned role (Admin or crew member) and your association with a company workspace.
• Communications: Any messages you send to us via email or support channels.

2b. Field Data (On-Device)

Survey field notes, level loops, invert records, point ranges, job safety analyses, and associated photos captured using the SlateTablet iOS application are stored locally on your device using on-device storage. This field data is not transmitted to or stored on our servers as part of normal app operation. It remains on your device until you choose to export it (for example, by generating and sharing a PDF).

Because field data resides on your device, we do not have access to it, cannot recover it if your device is lost or damaged, and cannot delete it on your behalf. You are responsible for maintaining backups of your field data. We recommend exporting completed jobs as PDFs regularly.

2c. Information Collected Automatically

• Usage data: Pages visited, features used, timestamps of activity, and session duration within the web portal.
• Device information: iOS device type, operating system version, and app version when using the mobile application.
• Log data: IP address, browser type, and referring URLs collected automatically by our servers.

2d. Payment Information

We use Stripe to process subscription payments. We do not store your credit card number, CVV, or full payment details on our servers. Stripe collects and stores payment information directly and is subject to their own privacy policy. We receive and store only a non-sensitive payment token, the last four digits of your card, and your billing status.

3. How We Use Your Information

• To create and maintain your account and company workspace.
• To provide, operate, and improve the Service.
• To process subscription payments and manage billing.
• To send transactional emails such as account confirmation, email verification, and billing receipts.
• To respond to support requests and communications.
• To monitor and analyze usage patterns to improve performance and reliability.
• To detect, prevent, and address technical issues or abuse.
• To comply with legal obligations.

We do not use your data to train machine learning models, sell to third parties, or for any purpose other than delivering the Service to you.

4. How We Share Your Information

We do not sell your personal information. We share information only in the following circumstances:

• Within your organization: Administrators of your company account can view employee names, email addresses, and account activity within the portal. Field data captured by crew members is stored on-device and is not accessible to administrators through our platform except via PDFs that crew members choose to export and share.
• Service providers: We use trusted third-party vendors to help operate the Service, including Google Firebase (account data storage and authentication), Stripe (payment processing), Resend (transactional email delivery), and Vercel (hosting). These providers access data only as necessary to perform their services and are bound by confidentiality obligations.
• Legal requirements: We may disclose information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business transfer: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

5. Data Storage and Security

Account and company data is stored using Google Firebase (Firestore), hosted on Google Cloud Platform infrastructure in the United States. Field note data is stored locally on your iOS device and is not held on our servers. We implement the following security measures for server-side data:

• All data in transit is encrypted using TLS (HTTPS).
• Authentication tokens are verified server-side using Firebase Admin SDK.
• Firestore security rules restrict data access so users can only access records belonging to their company.
• Passwords are never stored in plain text — Firebase Authentication handles credential storage using industry-standard hashing.
• Production credentials are stored as encrypted environment variables and never committed to source code.

No method of transmission over the internet is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security of server-side data. On-device field data is subject to the security of your iOS device.

6. Data Retention

Our data retention practices differ depending on where data is stored:

• Account and company records (server-side): Retained while your subscription is active. After cancellation, retained for 30 days to allow reactivation, then permanently deleted.
• Field data (on-device): Stored locally on your iOS device and not subject to our retention schedule. Deleting the app or losing your device will result in permanent loss of any field data not previously exported as a PDF.
• Billing records: May be retained longer as required by applicable tax and accounting laws.
• Data deletion requests: You may request deletion of your server-side account data at any time by contacting us at admin@slatetablet.com. We cannot delete on-device field data on your behalf.

7. Your Rights

Depending on your location, you may have the right to:

• Access: Request a copy of the server-side personal data we hold about you, including account records and billing history.
• Correction: Request that we correct inaccurate or incomplete data.
• Deletion: Request that we delete your server-side personal data, subject to legal retention obligations. Note that on-device field data is outside our control and must be managed directly on your device.
• Portability: Request an export of your server-side account data (name, email, company association, billing history) in a structured format. Field note data should be exported directly from the app as PDFs before account closure.
• Objection: Object to certain types of processing, such as marketing communications.

To exercise any of these rights, email us at admin@slatetablet.com. We will respond within 30 days.

8. Cookies

We use session cookies and local storage solely to maintain your authenticated session within the portal. We do not use third-party advertising cookies or tracking pixels. You can disable cookies in your browser settings, but this will prevent you from logging into the portal.

9. Children's Privacy

The Service is intended for use by businesses and is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify you by email. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

11. Contact Us

For questions, concerns, or requests related to this Privacy Policy, contact us at: