Privacy Policy
Effective July 4, 2026
CrewBarn ("CrewBarn", "we", "us") provides field-service management software for trade businesses — scheduling, dispatch, estimates, invoicing, payments, a crew mobile app, and a customer portal. This policy explains what we collect, why, and the choices you have. It covers crewbarn.com, app.crewbarn.com, the CrewBarn mobile app, and the customer portal.
The two hats we wear
Most data in CrewBarn belongs to the businesses that use it. When a company runs its operations on CrewBarn, that company controls its customer records, jobs, invoices, and messages — we process that data on the company's behalf and on its instructions. For the account data of the people who sign up and use CrewBarn directly, we are the data controller.
What we collect
- Account information — name, email, phone number, and a password (stored hashed, never in plain text), plus role and permission settings set by your company.
- Business records you enter — customers, job details, estimates, invoices, photos, documents, and notes your company creates while running its operations.
- Location data — the CrewBarn crew app can report technician GPS location (including in the background while on shift) when the employer enables GPS tracking for dispatch, routing, and job check-in. Location collection is visible to the technician, tied to their staff account, and configurable per person by the company. Raw location fixes are retained for 30 days, after which they are compressed into daily route summaries.
- Communications — when a company connects business texting or calling, CrewBarn stores those messages, call logs, and (if enabled by the company) call recordings and transcriptions, so the office and crew can see customer conversation history.
- Payment information — card and bank payments are processed by payment processors such as Stripe; CrewBarn never stores full card numbers. We keep payment records (amount, method, status, reference) for accounting.
- Usage data — sign-in events, device/browser type, and app diagnostics used for security and support. We use session cookies to keep you signed in; we do not run third-party advertising trackers.
How we use it
- To provide the service: scheduling, dispatch, invoicing, payments, messaging, and reporting.
- To keep accounts secure — sign-in verification, permission enforcement, and audit logs.
- To support you when you ask for help.
- To improve reliability (diagnostics and aggregate usage patterns).
We do not sell personal data. We do not use your business records to advertise to your customers.
AI features
Some optional features use AI (for example, drafting job details from a call transcript or suggesting invoice text). These run only when a company turns them on, use the company's own data solely to produce results for that company, and are never used to train models for anyone else.
Google user data
If you sign in or connect a Google service, CrewBarn accesses only the Google account information needed for that feature (such as your name and email address for sign-in). CrewBarn's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not sell Google user data, use it for advertising, or allow humans to read it except with your permission, for security, or where required by law.
Who we share data with
Only service providers that help us run CrewBarn, under contracts limiting their use of the data: cloud hosting and storage, content delivery, payment processing (e.g. Stripe), telephony and SMS delivery, email delivery, encryption key management, and (for opt-in features) AI providers. We also disclose data if the law requires it, or as part of a business transfer with the same protections.
Security
Data is encrypted in transit (TLS) and at rest. Sensitive files use envelope encryption with managed keys. Every company's data is isolated at the database level with enforced row-level security, and access inside a company follows the roles and permissions the company sets.
Retention
We keep business records for as long as the company's account is active. Raw GPS fixes are deleted after 30 days (daily route summaries are kept). When a company closes its account, its data is deleted or returned on request, subject to legal retention requirements for financial records.
Your choices
- Technicians can see and control the crew app's location permission in their device settings; GPS tracking policies are set by the employer.
- You can request a copy of your personal data, ask us to correct it, or ask us to delete it by emailing [email protected]. For data your employer or service company controls, we may direct the request to them.
- Customers of CrewBarn-powered businesses can opt out of text messages by replying STOP.
Children
CrewBarn is a business tool and is not directed to children under 16. We do not knowingly collect data from children.
Changes
If we make material changes to this policy we will post the new version here and update the effective date, and for significant changes we will notify account owners by email.
Contact
Questions about privacy: [email protected].