← Back to Boss Man Jobs
1. Information We Collect
Boss Man Jobs collects and processes the following categories of information to provide job management, payroll, and invoicing services:
- Business information: job details, schedules, client records, estimates, and invoices.
- Employee information: names, contact details, pay rates, and bank account information (for payroll).
- Financial information: transaction records, payment amounts, and invoice payment status.
- Device information: app configuration and preferences.
2. Data Storage and Security
- Core business data (jobs, clients, schedules) is stored locally on your device using encrypted Core Data storage.
- Sensitive credentials are stored in the iOS Keychain, protected by hardware-backed encryption.
- Application data is encrypted at rest using AES-256-GCM encryption.
- Payment-related data (transaction records, bank account tokens) is stored on our secure cloud backend hosted by Supabase, which uses AES-256 encryption at rest and TLS 1.2+ for all connections.
- Receipt photos are stored locally on your device and are not uploaded to external servers.
3. Payment Processing
If you enable payment and payroll features, the following third-party services process financial data on our behalf:
- Stripe: Processes employee payroll disbursements (ACH transfers) and customer invoice payments. Stripe is PCI DSS Level 1 certified. No credit card numbers are stored on our servers or your device. See Stripe's privacy policy.
- Plaid: Facilitates secure bank account verification and linking. Bank login credentials are collected directly by Plaid in an isolated secure environment and are never accessible to Boss Man Jobs. See Plaid's privacy policy.
- Supabase: Hosts our secure backend infrastructure including Edge Functions and the PostgreSQL database. See Supabase's privacy policy.
Important: No Stripe secret keys, Plaid credentials, or other third-party secrets are stored on your device. Only a single API authentication token is stored in the iOS Keychain.
4. Third-Party AI Services
If you configure an AI assistant (OpenAI, Anthropic, or Google AI), your chat messages are sent to those providers according to their respective privacy policies. Financial data, bank account information, and personal identification numbers are never sent to AI services.
5. Location Data
If enabled, location data is used only for job site tracking and weather features. Location data remains on your device and is not transmitted to our servers.
6. Data Sharing
We do not sell, rent, or trade your personal information. Data is shared only with the third-party service providers listed above, solely for the purpose of providing the services you have requested (payment processing, bank verification, AI assistance).
7. Data Retention
- On-device data is retained until you delete it or uninstall the app.
- Server-side payment records are retained as required for financial auditing, tax compliance, and dispute resolution.
- You may request deletion of your server-side data by contacting us.
8. Your Rights
- You can export your data at any time from Settings > Data Management.
- You can delete on-device data from Settings > Data Management.
- You can request deletion of server-side data by contacting us.
- You can revoke payment service connections at any time from Settings > Payments & Payroll.
9. Security Measures
We implement industry-standard security measures including TLS 1.2+ encryption for all data in transit, certificate pinning for critical API connections, biometric authentication (Face ID/Touch ID), jailbreak detection, and automated lockout after failed authentication attempts.
10. Children's Privacy
Boss Man Jobs is a business management application and is not directed at children under 13. We do not knowingly collect information from children.
11. Changes to This Policy
We may update this privacy policy from time to time. The "Last Updated" date at the top of this policy indicates when changes were last made. Continued use of the app after changes constitutes acceptance.