Privacy Policy

Last updated: February 21, 2026

1. Introduction

CoatingOS ("we," "our," or "us") is committed to protecting the privacy of our users. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our web application, mobile application, and related services (collectively, the "Service").

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, company name, and password when you register.
  • Business Data: Customer information, estimates, invoices, work orders, and scheduling data you enter into the platform.
  • Communications: Messages sent through our messaging features, including SMS and team chat.
  • Payment Information: Billing details processed securely through our third-party payment processor (Stripe).

2.2 Information Collected Automatically

  • Device Information: Device type, operating system, and unique device identifiers.
  • Usage Data: Features used, pages visited, and interactions within the Service.
  • Location Data: Approximate location for drive-time calculations and scheduling features, only when you grant permission.
  • Camera & Photos: Images captured or selected when you use the camera or photo library features for job site documentation, with your explicit permission.

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Service
  • Process transactions and send related information
  • Send push notifications about new messages, leads, and business updates (with your consent)
  • Provide customer support and respond to inquiries
  • Monitor and analyze usage patterns to improve user experience
  • Protect against unauthorized access and ensure security

4. Information Sharing

We do not sell your personal information. We may share information with:

  • Service Providers: Third-party vendors who assist in operating our Service (e.g., Supabase for data hosting, Stripe for payments, Telnyx for SMS/calling).
  • Team Members: Information is shared within your organization's account as configured by your account administrator.
  • Legal Requirements: When required by law, regulation, or legal process.

5. Data Security

We implement industry-standard security measures including encryption in transit (TLS/SSL), encryption at rest, and secure authentication through Supabase Auth. However, no method of transmission over the Internet is 100% secure.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. You may request deletion of your account and associated data at any time.

7. Your Rights

You have the right to:

  • Access and receive a copy of your personal data
  • Correct inaccurate or incomplete data
  • Request deletion of your personal data
  • Withdraw consent for optional data processing
  • Export your data in a portable format

8. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at: