Privacy Policy

Effective Date: May 8, 2026 · Last Updated: May 20, 2026 · Version: 1.2

Plain-language summary: We are Landscaper Agent LLC, a software company in Tennessee. We collect the information you put into the Service so we can run it for you, plus standard usage and operational data so we can keep it secure, billed correctly, and steadily improving. We do not sell your data. We do not share it with advertising networks. We never sell or share mobile phone numbers or SMS consent with third parties for marketing. Some of your data flows through service providers (listed in Section 4) who help us run the platform. You have rights over your data, including access, correction, and deletion — see Section 8. The full policy below explains the details.

1. Introduction

This Privacy Policy explains how Landscaper Agent LLC ("we," "us," or "our") collects, uses, shares, and protects information when you use the Landscaper Agent application, website, and related services (collectively, the "Service"). The Service is a software platform built for landscape contractors to run their businesses, including managing clients, jobs, schedules, quotes, invoices, communications, photos, AI-assisted design and proposal tools, and ordering branded crew apparel.

By creating an account or using the Service, you agree to the practices described here. If you do not agree, do not use the Service.

This policy applies to professional users of the Service ("you," "your," or "Users") — typically business owners, managers, and crew members of landscape contracting businesses. It does not apply to the end customers of those businesses, whose personal information you input into the Service. Your handling of that end-customer data is governed separately by our Terms of Service and the Data Processing Addendum included therein (TOS Section 9).

2. Information We Collect

2.1 Information You Provide Directly

When you create an account and use the Service, you provide us with:

Account information — name, email address, password (stored as a hash, never in plain text), business name, business address, phone number, and role (owner, manager, crew member).
Business operating data — your clients, properties, jobs, quotes, invoices, schedule, photos, plant lists, pricing data, materials catalogs, equipment records, and similar operational records that you input or upload into the Service.
Communications content — messages you send and receive through the in-app communications inbox (SMS via our integrated provider, email replies, voicemail transcripts), notes attached to clients or jobs, and AI prompts you submit.
Payment information — when you subscribe to a paid plan or place an apparel order, payment is processed by Stripe, Inc. We do not see or store your full payment card number; we receive only a last-four digits and a tokenized customer reference from Stripe.
Crew apparel data — when you use the Crew Apparel feature, the logo or artwork files you upload, the product and color selections you make, and the shipping address you provide for an order.
Optional integrations — if you connect Jobber, QuickBooks Online, or other third-party services, we receive data those platforms share via their APIs as authorized by you.

2.2 Information Collected Automatically

When you use the Service, we automatically collect:

Usage data — pages and features accessed, actions taken (e.g., creating an estimate, generating a design render), buttons clicked, time spent, and feature engagement metrics.
AI interaction logs — the prompts you send to AI features and metadata about generations (model used, tokens consumed, cost, success/failure, timestamps). The full content of AI prompts and responses is retained for billing reconciliation, abuse prevention, and product improvement, but is not used to train third-party AI models without your explicit instruction.
Crew operational data — when crew features are enabled, the Service may record GPS coordinates at clock-in and clock-out, photos at job sites, timesheet entries, job-completion records, and crew performance and efficiency metrics derived from these records. These are collected at your direction as the account owner and operator. See Section 10 of our Terms of Service for your obligations as the employer.
Device and connection data — IP address, browser type and version, operating system, device type, language preference, time zone, and approximate location derived from IP.
Diagnostic data — error logs, crash reports, performance metrics, and stack traces. We use these to detect bugs, monitor stability, and prioritize fixes.

2.3 Information from Third Parties

We may receive information about you from third parties when you use related services. For example:

Stripe sends us payment confirmations, subscription status, and dispute notices.
Twilio sends us delivery status, opt-out events, and complaint reports for SMS you send and receive.
Resend sends us delivery, bounce, and complaint reports for email.
Jobber (if connected) sends us your business records via its API, in scope of the permissions you grant.
QuickBooks Online / Intuit (if connected) sends us your accounting records via its API, in scope of the permissions you grant.
Cloudflare provides aggregate traffic data and abuse signals.

3. How We Use Information

We use the information described in Section 2 to:

Provide and operate the Service — authenticate you, run the features you use, save your work, sync across devices, generate AI content, send and receive communications you initiate, fulfill apparel orders, and process payments.
Communicate with you — send transactional messages (signup confirmations, billing receipts, security alerts, service updates), respond to support requests, and — only if you opt in — send product news and marketing emails.
Maintain security and prevent abuse — detect unauthorized access, fraud, misuse of AI features, spam, and violations of our Terms of Service or Acceptable Use Policy.
Comply with legal obligations — respond to lawful subpoenas, court orders, tax filings, and other legal requirements.
Bill you accurately — measure plan usage, AI consumption, and overage so we can charge you correctly, with transparency in your account.
Improve the Service — analyze how features are used, identify friction points, prioritize roadmap, and test new functionality.
Aggregate and de-identify data for cross-tenant insight — at an aggregated and de-identified level (with no information that could reasonably identify you, your business, your employees, or your end customers), analyze patterns across the entire user base to improve the Service for everyone. Examples include regional pricing benchmarks, route efficiency models, plant performance trends, and AI prompt quality. This data is never sold and never shared with advertising networks.

4. How We Share Information

We share information only as described below. We do not sell your personal information. We do not share your personal information with advertising networks or for cross-context behavioral advertising.

4.1 Subprocessors

We use the following service providers ("subprocessors") to operate the Service. Each is bound by contractual confidentiality and security obligations.

Subprocessor	Purpose	Data Categories	Location
Supabase, Inc.	Database, authentication, file storage	All Service data	United States
Stripe, Inc.	Payment processing (subscriptions and apparel orders)	Billing data, last-four card digits, customer reference	United States
Twilio Inc.	SMS/voice delivery and communications inbox	Phone numbers, message content, voicemail recordings/transcripts, delivery metadata	United States
Resend, Inc.	Transactional email delivery	Email addresses, message content, delivery metadata	United States
Anthropic, PBC	AI generation (Claude models)	AI prompts and outputs you submit to AI features	United States
OpenAI, L.L.C.	AI generation (image and text models)	AI prompts and outputs you submit to AI features	United States
Printful, Inc.	Crew Apparel product catalog data (and, where used, print fulfillment)	Product selections; order and shipping details where an order is routed to Printful	United States
remove.bg (Kaleido AI GmbH)	Optional background removal for uploaded logo/artwork images	Logo/artwork image files you submit for processing	European Union
Cloudflare, Inc.	Hosting, CDN, DDoS protection	All Service traffic	Global edge network
Jobber Software Inc.	Optional two-way sync (if you connect it)	Business records you authorize	Canada
Intuit, Inc.	QuickBooks Online integration (if you connect it)	Customer, account, item, invoice, and expense data you authorize via OAuth	United States
Google LLC (Workspace)	Email infrastructure for support@/privacy@/legal@	Email addressed to those mailboxes	United States

We will update this list before adding a new subprocessor that materially changes the data flow. The current list always lives in this Policy, and material updates trigger the change-notice process in Section 11.

4.2 Mobile Information and SMS Consent

No mobile information — including mobile phone numbers and SMS opt-in consent — is sold, rented, or shared with third parties or affiliates for their marketing or promotional purposes. Mobile opt-in data and consent are never shared with third parties for marketing under any circumstances. We share mobile information only with the service providers strictly necessary to deliver the messaging you request (for example, our telecommunications provider, Twilio Inc.), and only to carry out message delivery itself. We do not provide mobile numbers or SMS consent to data brokers, lead-resale services, or advertising networks.

Messages we send to you. If you provide your mobile number, we may send you account- and service-related text messages such as verification codes, security alerts, and operational notifications. Message frequency varies. Message and data rates may apply. Reply STOP at any time to opt out, or reply HELP for help.

Messaging features you operate. The Service lets business users send service-related text messages to their own customers (appointment confirmations, quotes, invoices, job updates, and replies to customer inquiries). For those programs, the business user is the sender and controls the content and frequency of messages; Landscaper Agent acts solely as the technical transmission provider. Message frequency varies by business. Message and data rates may apply to recipients. Recipients can reply STOP to opt out at any time or HELP for help, and opt-out requests are honored.

4.3 QuickBooks Online Integration (Intuit)

The Service offers an optional, user-authorized integration with QuickBooks Online ("QBO"), operated by Intuit, Inc. When you choose to connect your QBO company to the Service, through QBO's standard OAuth 2.0 authorization flow you grant the Service access to your QBO company data under the com.intuit.quickbooks.accounting scope (customers, chart of accounts, items, invoices, payments, purchases/bills/expenses, and company info). We use it solely to power features inside the Service for the connected QBO company (displaying QBO records, pushing invoices to your ledger, suggesting expense-to-job matches, and computing per-job profitability). We do not use your QBO data to train AI models, share it with advertising networks, or sell it. The Expense Matching feature sends a compact summary of each unmatched expense plus a list of your candidate jobs to OpenAI's gpt-4o-mini model solely to suggest a likely match; per OpenAI's API terms, that request data is not used to train OpenAI models. Synced QBO records are cached in our Supabase database tagged to your company. Access and refresh tokens are stored encrypted at rest and used solely to maintain your authorized connection. You can disconnect at any time in Accounting → QuickBooks Integration (which immediately revokes the token), optionally delete all synced QBO data on disconnect, or revoke access from inside QuickBooks Online. Intuit is an independent third party; your use of QBO is governed by Intuit's own terms (terms, privacy). The Service is not affiliated with, endorsed by, or sponsored by Intuit.

4.4 Crew Apparel Orders (Printful, remove.bg)

The optional Crew Apparel feature lets you design and order branded apparel. Product catalog information (photos, sizes, colors, base prices) is sourced from Printful's catalog API. If you use the in-app background-removal tool on a logo or artwork file, that image is sent to remove.bg (Kaleido AI GmbH) for processing and returned to the Service; the processed image is stored with your account. When you place an order, payment is processed by Stripe and we collect the shipping address and order details needed to fulfill it. Depending on the fulfillment path, your order and shipping details may be transmitted to Printful or to a local decorator engaged to produce and ship your order. We do not use logo/artwork files or shipping details for any purpose other than fulfilling your order and operating the feature.

4.5 Other Sharing

We may also share information:

With your authorization — when you direct us to share, export, or integrate your data with another party.
With professional advisors — lawyers, accountants, and auditors bound by confidentiality, when reasonably needed for our operations.
In a corporate transaction — if we are acquired, merged, or sell substantially all our assets, your information may transfer to the acquiring entity, subject to this Policy or a successor with materially equivalent protections.
For legal reasons — in response to a valid subpoena, court order, or other lawful legal process; to enforce our agreements; to protect the rights, property, or safety of us, our users, or others; or to comply with applicable law.
As aggregated or de-identified data — that cannot reasonably be used to identify you.

5. Local Storage and Similar Technologies

The Service stores limited data in your browser to function. This is sometimes called "cookies," but the Service does not currently use third-party advertising or tracking cookies of the kind that trigger most consent banner requirements.

5.1 What We Store in Your Browser

Authentication tokens — issued by our authentication provider (Supabase) so you stay logged in without re-entering your password on every request.
Application state — your current view, draft estimates, draft messages, and similar work-in-progress data so it isn't lost on a page reload.
Preferences — UI settings (e.g., sidebar collapsed, theme, last-viewed tab) so the Service remembers how you like it.

These items are categorized under most laws (including CCPA/CPRA and the EU ePrivacy Directive) as "strictly necessary" — required for the Service to function — and do not require opt-in consent. We disclose them here for transparency.

5.2 What We Don't Use

As of the Effective Date above, we do not use third-party advertising cookies, cross-site tracking cookies, Meta Pixel, Google Ads or similar advertising trackers, or behavioral retargeting.

5.3 If This Changes

If we add third-party analytics in the future, we will update this Section 5 to disclose it, add a consent banner where required, provide an opt-out where required by US state law, and notify you per Section 11.

6. Data Retention and Deletion

6.1 Retention Periods

Active account data — retained while your account is active.
Account-deletion grace period — 30 days after you close your account or stop paying, during which you can recover the account and data.
Standard backup retention — operational backups are retained for up to 90 days from the date of backup.
Billing and tax records — retained for 7 years to comply with US federal and state tax law.
Legal-hold or dispute records — retained as long as a litigation hold, regulatory investigation, or active legal claim requires.
Aggregated and de-identified data — retained indefinitely, since it cannot reasonably be linked back to you.

6.2 Deletion on Request

You may request deletion of your account and personal data at any time by emailing privacy@landscaperagent.com or, where available, using the in-app deletion control. We will delete or anonymize personal data within 30 days of a verified deletion request, except for information we are legally required or permitted to retain.

6.3 Backups

Deleted data may persist in encrypted backups for up to 90 days before being overwritten. Backups are not restored to live systems except for disaster recovery.

7. Security

We use reasonable administrative, technical, and physical safeguards to protect personal information, including encryption in transit (TLS), encryption at rest for primary data stores, hashed-and-salted password storage, role-based access controls with logging, multi-factor authentication on critical administrative accounts, and routine security review and patch management.

No system is perfectly secure. If we suffer a confirmed security incident affecting your personal information, we will notify you and any required authorities without undue delay, in accordance with applicable law.

8. Your Rights

Depending on where you live, you may have rights to access, correct, delete, port, restrict, or object to the processing of your personal information, to withdraw consent, and to be free from discrimination for exercising these rights.

8.1 How to Exercise Your Rights

Email privacy@landscaperagent.com with your name, the email associated with your account, and a description of the request. We will respond within the timeframe required by applicable law (typically 30–45 days). We may need to verify your identity. You may authorize an agent to act on your behalf with verifiable proof of authorization.

8.2 California Residents (CCPA/CPRA)

If you are a California resident, you have specific rights under the CCPA/CPRA. The categories of personal information we collect, the sources, and the purposes are described in Sections 2 and 3. We do not "sell" personal information and do not "share" it for cross-context behavioral advertising. You may exercise the rights to know, delete, correct, and limit the use of sensitive personal information by contacting privacy@landscaperagent.com. We will not retaliate against you for exercising these rights.

8.3 EU/UK/Swiss Residents (GDPR / UK GDPR / FADP)

If you are in the EEA, UK, or Switzerland, the GDPR (or equivalent) gives you the rights listed above. Our legal bases are typically performance of a contract, legitimate interests, consent, and legal obligation. You have the right to lodge a complaint with a supervisory authority.

8.4 Other US States

Residents of Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, and other states with comprehensive privacy laws have substantially similar rights. To exercise them, contact privacy@landscaperagent.com.

9. Children's Privacy

The Service is intended for use by professionals operating landscape contracting businesses and is not directed at children under 16. We do not knowingly collect personal information from children. If we learn we have collected such information, we will delete it. Contact privacy@landscaperagent.com with concerns.

10. International Users

The Service is operated from the United States. If you access it from outside the United States, your information will be transferred to, stored, and processed in the United States and other countries where our service providers operate. For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses or other lawful transfer mechanisms with our subprocessors.

11. Changes to This Policy

We may update this Policy from time to time. When we make material changes, we will notify you via the Service or by email and update the "Last Updated" date and version number above. Continued use after the effective date of an updated Policy constitutes acceptance of the changes. To request a prior version, email privacy@landscaperagent.com.

12. Contact Us

For questions about this Policy or to exercise your privacy rights:

Landscaper Agent LLC
c/o Northwest Registered Agent Inc., 116 Agnes Rd, Ste 200, Knoxville, TN 37919

Privacy requests: privacy@landscaperagent.com
General support: support@landscaperagent.com
Legal notices: legal@landscaperagent.com