Privacy Policy

Effective July 4, 2026

CrewBarn ("CrewBarn", "we", "us") provides field-service management software for trade businesses — scheduling, dispatch, estimates, invoicing, payments, a crew mobile app, and a customer portal. This policy explains what we collect, why, and the choices you have. It covers crewbarn.com, app.crewbarn.com, the CrewBarn mobile app, and the customer portal.

The two hats we wear

Most data in CrewBarn belongs to the businesses that use it. When a company runs its operations on CrewBarn, that company controls its customer records, jobs, invoices, and messages — we process that data on the company's behalf and on its instructions. For the account data of the people who sign up and use CrewBarn directly, we are the data controller.

What we collect

How we use it

We do not sell personal data. We do not use your business records to advertise to your customers.

AI features

Some optional features use AI (for example, drafting job details from a call transcript or suggesting invoice text). These run only when a company turns them on, use the company's own data solely to produce results for that company, and are never used to train models for anyone else.

Google user data

If you sign in or connect a Google service, CrewBarn accesses only the Google account information needed for that feature (such as your name and email address for sign-in). CrewBarn's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not sell Google user data, use it for advertising, or allow humans to read it except with your permission, for security, or where required by law.

Who we share data with

Only service providers that help us run CrewBarn, under contracts limiting their use of the data: cloud hosting and storage, content delivery, payment processing (e.g. Stripe), telephony and SMS delivery, email delivery, encryption key management, and (for opt-in features) AI providers. We also disclose data if the law requires it, or as part of a business transfer with the same protections.

Security

Data is encrypted in transit (TLS) and at rest. Sensitive files use envelope encryption with managed keys. Every company's data is isolated at the database level with enforced row-level security, and access inside a company follows the roles and permissions the company sets.

Retention

We keep business records for as long as the company's account is active. Raw GPS fixes are deleted after 30 days (daily route summaries are kept). When a company closes its account, its data is deleted or returned on request, subject to legal retention requirements for financial records.

Your choices

Children

CrewBarn is a business tool and is not directed to children under 16. We do not knowingly collect data from children.

Changes

If we make material changes to this policy we will post the new version here and update the effective date, and for significant changes we will notify account owners by email.

Contact

Questions about privacy: [email protected].