ProBizPay

Privacy Policy

Last updated: March 4, 2026

1. Introduction

ProBiz Pay LLC ("we", "our", or "us") operates the ProBizPay platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our platform, or interact with any of our services. This policy applies to all users of our Service, including contractors, their employees, their customers, and website visitors.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this policy, please do not access or use the Service.

2. Information We Collect

We collect several types of information from and about users of our Service:

2.1 Information You Provide Directly

  • Account Information: Name, email address, phone number, company name, job title, and password when you create an account
  • Business Information: Customer data, job details, invoices, estimates, contracts, proposals, photos, and documents you upload to the platform
  • Payment Information: Billing address, payment method details, and bank account information (processed securely by our payment providers — we do not store full card numbers)
  • Communications: Messages you send through our platform, including customer communications, internal notes, and support requests
  • Mobile Phone Numbers: Phone numbers provided for the purpose of sending and receiving SMS/text message notifications
  • Employee Information: Names, contact details, hourly rates, and time tracking data for employees managed through the platform
  • Property and Address Data: Service addresses, property owner information, and parcel data associated with jobs

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features accessed, actions taken, timestamps, and session duration
  • Device Information: Browser type, operating system, device type, screen resolution, and unique device identifiers
  • Log Data: IP address, access times, referring URLs, and pages viewed
  • Location Data: GPS coordinates collected during clock-in/clock-out for time tracking (with employee consent), and general location derived from IP address
  • Cookie Data: Information collected through cookies, web beacons, and similar tracking technologies (see Section 11)

2.3 Information from Third Parties

  • Payment Processors: Transaction confirmation and status from Stripe and Helcim
  • Property Data Providers: Property owner records and parcel data from RentCast API for job-related lookups
  • Video Conferencing: Meeting participation data and connection information from Zoom (see Section 6)
  • Communication Providers: Delivery status and engagement data from Twilio (SMS) and SendGrid (email)

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery

  • Provide, operate, maintain, and improve our platform and services
  • Process transactions, send invoices, and manage payment collection
  • Facilitate scheduling, job management, and route planning
  • Enable time tracking with GPS verification for employee clock-in/clock-out
  • Generate estimates, proposals, contracts, and other business documents
  • Operate the customer portal for job status updates, document sharing, and payments

3.2 Communications

  • Send SMS notifications including appointment reminders, job updates, and payment confirmations (with consent)
  • Send email notifications including invoices, estimates, and status updates
  • Send technical notices, security alerts, and support messages
  • Facilitate video conferencing meetings between contractors and clients through Zoom integration

3.3 Analytics and Improvement

  • Monitor and analyze trends, usage patterns, and user activities
  • Personalize and improve your experience on the platform
  • Develop new features and services based on usage patterns
  • Conduct research and analysis to improve service quality

3.4 Security and Compliance

  • Detect, investigate, and prevent fraudulent transactions and unauthorized access
  • Enforce our Terms of Service and other agreements
  • Comply with legal obligations and respond to lawful requests
  • Maintain audit trails for regulatory compliance

4. SMS/Text Messaging Privacy

ProBizPay uses Twilio, Inc. as our SMS/text messaging service provider. This section specifically addresses how we handle your data in connection with SMS communications.

4.1 Data Collection for SMS

  • Phone Numbers: We collect mobile phone numbers solely for the purpose of sending service-related SMS notifications. We do not sell, rent, or share your phone number with third parties for marketing purposes.
  • Consent Records: We maintain detailed records of your SMS consent including the date, time, method of consent (web form, verbal, written), and IP address for compliance purposes.
  • Message Content: SMS messages may contain appointment reminders, job updates, estimate notifications, payment confirmations, schedule changes, and other service-related information.

4.2 Twilio as Sub-Processor

  • Twilio processes SMS messages on our behalf as a data sub-processor
  • Twilio receives the recipient phone number and message content necessary to deliver the SMS
  • Twilio maintains its own privacy policy at twilio.com/legal/privacy
  • Twilio is certified under the EU-US Data Privacy Framework for international data transfers
  • We have a Data Processing Agreement (DPA) with Twilio that governs their handling of personal data

4.3 SMS Data Retention

  • SMS consent records are retained for the duration of your account plus 5 years for legal compliance
  • Message delivery logs are retained for 2 years
  • Opt-out records are retained indefinitely to ensure continued compliance with your preferences

4.4 SMS Opt-Out

  • You may opt out of SMS at any time by replying STOP to any message
  • You may also opt out through your account settings on the platform
  • Reply HELP to any message for assistance
  • After opting out, you will receive one final confirmation message and no further SMS messages
  • Opting out of SMS does not affect other communications (email, in-app notifications)

4.5 No Sharing of SMS Data

Your phone number and SMS data are never shared with, sold to, or rented to third parties for their own marketing purposes. Phone numbers are shared only with Twilio as necessary to deliver messages on our behalf.

For SMS-related inquiries: 727-766-8962 or support@probizpay.com. For complete SMS terms including message frequency, see our Terms of Service.

5. Email Communications Privacy

ProBizPay uses SendGrid (a Twilio company) as our email service provider.

  • Transactional Emails: Invoices, estimates, payment receipts, appointment confirmations, and job status updates are sent as transactional emails necessary for service delivery
  • Email Tracking: We may track email delivery status, open rates, and click-through rates to ensure reliable message delivery and improve our communications
  • Email Data Shared with SendGrid: Recipient email address, sender information, subject line, and message content
  • Unsubscribe: Marketing emails include an unsubscribe link. Transactional emails related to active jobs and payments cannot be opted out of while the service relationship exists
  • SendGrid's privacy policy is available at twilio.com/legal/privacy (SendGrid is a Twilio company)

6. Video Conferencing (Zoom) Privacy

ProBizPay integrates with Zoom Video Communications, Inc. ("Zoom") to provide video conferencing capabilities for virtual appointments, consultations, and meetings between contractors and their clients.

6.1 Data Shared with Zoom

  • Meeting Creation: When a virtual appointment is scheduled, we create a Zoom meeting using our Zoom integration. The meeting topic (derived from the appointment type) and scheduled time are shared with Zoom.
  • Participant Information: Participant names and email addresses may be shared with Zoom to send meeting invitations and enable meeting access.
  • Meeting Metadata: Meeting duration, participant join/leave times, and connection quality data are collected by Zoom.

6.2 Data Zoom Collects Directly

When you join a Zoom meeting through our platform, Zoom may independently collect:

  • Your IP address and general location
  • Device information (operating system, browser, hardware)
  • Audio and video data during the meeting (if camera/microphone are enabled)
  • Chat messages sent during the meeting
  • Screen sharing content (if screen sharing is used)
  • Meeting recordings (only if the host enables recording — participants are always notified)

6.3 Zoom as Sub-Processor

  • Zoom acts as a data sub-processor when processing meeting data on our behalf
  • We connect to Zoom via OAuth 2.0, and our integration requests only the permissions necessary to create and manage meetings
  • We store Zoom meeting IDs and join URLs in our database to facilitate meeting access; we do not store meeting recordings, chat logs, or audio/video content
  • Zoom maintains its own comprehensive privacy policy at zoom.us/privacy
  • Zoom is certified under the EU-US Data Privacy Framework

6.4 Meeting Recordings

  • ProBizPay does not automatically record Zoom meetings
  • If a meeting host chooses to record, all participants will be notified by Zoom before recording begins
  • Participants may leave the meeting if they do not consent to recording
  • Any recordings are stored by Zoom according to their retention policies and the host's account settings

6.5 Revoking Zoom Access

You may disconnect Zoom from your ProBizPay account at any time through the Integrations settings page. Disconnecting will revoke our access to create meetings on your behalf. Previously created meetings may still be accessible through Zoom directly.

7. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information only in the following limited circumstances:

7.1 Service Providers (Sub-Processors)

We share data with the following categories of service providers who process data on our behalf under contractual obligations to protect your information:

  • Payment Processing: Stripe, Inc. and Helcim, Inc. — process credit/debit card and ACH transactions (PCI-DSS Level 1 compliant). See stripe.com/privacy and helcim.com/privacy
  • SMS Communications: Twilio, Inc. — delivers SMS/text messages (see Section 4)
  • Email Communications: SendGrid (Twilio) — delivers transactional and notification emails (see Section 5)
  • Video Conferencing: Zoom Video Communications, Inc. — provides virtual meeting capabilities (see Section 6)
  • Cloud Hosting: Amazon Web Services (AWS) — hosts our platform and stores data in US-based data centers with SOC 2 Type II certification
  • File Storage: Amazon S3 — stores uploaded documents, photos, and files with server-side encryption
  • Analytics: Google Analytics — collects anonymized usage data including pages visited, session duration, and general location. See policies.google.com/privacy
  • Property Data: RentCast API — provides property owner and parcel data for job-related lookups (address data only shared when explicitly requested by user)

7.2 Legal Requirements

  • If required by law, subpoena, court order, or governmental regulation
  • To respond to lawful requests by public authorities, including national security or law enforcement requirements
  • To protect our rights, privacy, safety, or property, or that of our users or the public

7.3 Business Transfers

In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Service before your information becomes subject to a different privacy policy.

7.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

7.5 Customer Portal Sharing

When contractors use our customer portal feature, certain job information (status, photos, documents, payment schedules) is shared with their customers through secure, token-based links. Contractors control what information is visible to their customers.

8. Data Security

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

8.1 Technical Measures

  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher (HTTPS)
  • Encryption at Rest: Sensitive data is encrypted at rest using AES-256 encryption
  • Password Security: User passwords are hashed using bcrypt with appropriate salt rounds; we never store passwords in plain text
  • Authentication: JWT (JSON Web Token) based authentication with token expiration and refresh mechanisms
  • Access Controls: Role-based access controls (admin, manager, employee) ensure users only access data they are authorized to view
  • Secure File Storage: Documents and files are stored in Amazon S3 with presigned URLs that expire, preventing unauthorized access
  • Database Security: Database access is restricted to authorized application connections only

8.2 Organizational Measures

  • Regular security assessments and code reviews
  • Principle of least privilege for system access
  • Incident response procedures for security breaches
  • Employee security awareness and training

8.3 Breach Notification

In the event of a data breach that affects your personal information, we will notify you within 72 hours of becoming aware of the breach (as required by GDPR) via email and/or through a prominent notice on our Service. We will also notify relevant supervisory authorities as required by applicable law.

9. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. Specific retention periods include:

  • Account Data: Retained while your account is active and for 30 days after deletion request to allow for recovery
  • Business Records: Job history, invoices, estimates, and contracts retained for 7 years after creation for tax and legal compliance
  • Payment Records: Transaction records retained for 7 years as required by financial regulations
  • SMS Consent Records: Retained for the duration of your account plus 5 years for legal compliance
  • SMS/Email Message Logs: Delivery logs retained for 2 years
  • Opt-Out Records: Retained indefinitely to honor your preferences
  • Time Tracking Data: Clock-in/clock-out records including GPS data retained for 3 years for payroll and labor compliance
  • Video Conferencing Data: Zoom meeting IDs and join URLs retained for the duration of the associated appointment; meeting metadata controlled by Zoom's retention policies
  • Audit Logs: Security and compliance audit logs retained for 3 years
  • Usage Analytics: Aggregated, anonymized analytics retained indefinitely for service improvement

You may request deletion of your data at any time (see Section 10). Upon receiving a valid deletion request, we will delete or anonymize your personal data within 30 days, except where retention is required by law or necessary for legitimate business purposes (e.g., fraud prevention, financial compliance).

10. Your Rights Under GDPR (European Economic Area)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR) and equivalent legislation:

10.1 Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract Performance (Article 6(1)(b)): Processing necessary to fulfill our contractual obligations to you (e.g., providing the Service, processing payments, delivering SMS/email notifications related to your jobs)
  • Legitimate Interest (Article 6(1)(f)): Processing necessary for our legitimate business interests, such as fraud prevention, security, analytics, and service improvement, where those interests are not overridden by your fundamental rights
  • Consent (Article 6(1)(a)): Where you have given explicit consent, such as opting in to SMS marketing communications, enabling Zoom integration, or accepting non-essential cookies
  • Legal Obligation (Article 6(1)(c)): Where processing is required to comply with applicable laws (e.g., tax record retention, fraud reporting)

10.2 Your GDPR Rights

  • Right of Access (Article 15): You have the right to request a copy of all personal data we hold about you. We will provide this in a commonly used, machine-readable format within 30 days of your request.
  • Right to Rectification (Article 16): You have the right to request correction of inaccurate or incomplete personal data. You can also update most information directly through your account settings.
  • Right to Erasure / "Right to be Forgotten" (Article 17): You have the right to request deletion of your personal data. We will comply unless the data is required for legal compliance, exercise of legal claims, or other lawful exceptions.
  • Right to Restriction of Processing (Article 18): You have the right to request that we restrict processing of your data in certain circumstances, such as when you contest the accuracy of the data or object to our processing.
  • Right to Data Portability (Article 20): You have the right to receive your personal data in a structured, commonly used, machine-readable format (e.g., JSON or CSV) and to transmit that data to another controller.
  • Right to Object (Article 21): You have the right to object to processing based on legitimate interests, including profiling. You also have the absolute right to object to direct marketing at any time.
  • Right to Withdraw Consent (Article 7(3)): Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal. This includes SMS consent, cookie consent, and Zoom integration consent.
  • Rights Related to Automated Decision-Making (Article 22): We do not make automated decisions that produce legal effects or significantly affect you. If this changes, you will have the right to obtain human intervention, express your point of view, and contest the decision.

10.3 How to Exercise Your Rights

To exercise any of the above rights, you may:

  • Email us at support@probizpay.com with your request
  • Use the data export and account deletion features in your account settings
  • Call us at 727-297-2717

We will respond to all legitimate requests within 30 days. If your request is complex or you have made multiple requests, we may extend this by a further 60 days, but we will notify you of the extension within the initial 30-day period.

10.4 Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, your place of work, or the place of the alleged infringement. A list of EU data protection authorities is available at edpb.europa.eu.

10.5 Data Protection Officer

For data protection inquiries, you may contact our privacy team at privacy@probizpay.com.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. For detailed information about the cookies we use, please see our Cookie Policy.

11.1 Types of Cookies We Use

  • Essential Cookies: Required for the platform to function properly (authentication, security, session management). These cannot be disabled.
  • Functional Cookies: Remember your preferences, settings, and choices to provide a personalized experience. Disabling these may reduce functionality.
  • Analytics Cookies: Help us understand how users interact with our platform using Google Analytics. Data collected includes pages visited, time on site, and general location. These can be disabled through cookie preferences.

11.2 Managing Cookies

  • You can manage your cookie preferences through the cookie consent banner displayed on your first visit
  • You can update your preferences at any time through the "Cookie Preferences" option
  • You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent
  • Disabling essential cookies may prevent you from using certain features of the Service

11.3 Do Not Track

Our platform respects your cookie consent preferences. We honor browser-level cookie settings. Some features may require essential cookies to function.

12. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

12.1 Your California Privacy Rights

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions required by law
  • Right to Correct: You can request correction of inaccurate personal information we maintain about you
  • Right to Opt-Out of Sale/Sharing: We do not sell personal information. We do not share personal information for cross-context behavioral advertising. If this changes, you will have the right to opt out
  • Right to Limit Use of Sensitive Personal Information: You can direct us to limit the use and disclosure of sensitive personal information to what is necessary to provide the Service
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights

12.2 Categories of Personal Information Collected

  • Identifiers (name, email, phone number, IP address)
  • Commercial information (transaction history, invoices, estimates)
  • Internet activity (browsing history, usage data, feature interactions)
  • Geolocation data (GPS coordinates for time tracking, general location from IP)
  • Professional information (company name, job title, employee data)
  • Sensitive personal information (account login credentials, precise geolocation)

12.3 Exercising Your Rights

To exercise these rights, contact us at support@probizpay.com or call 727-297-2717. We will verify your identity before processing your request. You may also designate an authorized agent to make requests on your behalf.

12.4 Shine the Light

Under California Civil Code Section 1798.83, California residents may request information about our disclosure of personal information to third parties for direct marketing purposes. As stated above, we do not disclose personal information to third parties for their direct marketing purposes.

13. International Data Transfers

ProBizPay is based in the United States and our primary servers are located in the US. If you access our Service from outside the United States, please be aware that:

  • Your information will be transferred to, stored, and processed in the United States
  • US data protection laws may differ from those in your country of residence
  • We rely on the following mechanisms for international data transfers:
    • Standard Contractual Clauses (SCCs): We use EU-approved Standard Contractual Clauses with our sub-processors where required
    • Data Privacy Framework: Several of our sub-processors (Twilio, Zoom, Stripe, AWS, Google) are certified under the EU-US Data Privacy Framework
    • Adequacy Decisions: Where applicable, we rely on adequacy decisions by the European Commission

We take appropriate safeguards to ensure that your personal data is treated securely and in accordance with this Privacy Policy regardless of where it is processed. By using our Service, you acknowledge and consent to the transfer of your information as described herein.

14. Children's Privacy

Our Service is a business-to-business platform not directed to children under 16 years of age (or 13 in jurisdictions where applicable). We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information without parental consent, please contact us immediately at support@probizpay.com and we will take steps to delete such information within 30 days.

15. Third-Party Links

Our Service may contain links to third-party websites, services, or applications that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We strongly encourage you to review the privacy policy of every site you visit.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes:

  • We will update the "Last updated" date at the top of this page
  • For material changes, we will notify you via email to the address associated with your account and/or through a prominent notice on our Service at least 30 days before the changes take effect
  • Where required by GDPR, we will obtain your consent to material changes in how we process your personal data
  • Your continued use of the Service after the effective date of the updated policy constitutes acceptance of the changes

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

ProBiz Pay LLC
7901 4th St N, Suite 300
St. Petersburg, FL 33702
United States

General inquiries: support@probizpay.com
Privacy inquiries: privacy@probizpay.com
Phone: 727-297-2717
SMS support: 727-766-8962

For SMS-related inquiries, you may also reply HELP to any text message.

We aim to respond to all privacy-related inquiries within 30 days.