ProBizPay

Privacy Policy

Last updated: April 17, 2026

1. Introduction

ProBiz Pay LLC ("we", "our", or "us") operates the ProBizPay platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our platform, or interact with any of our services. This policy applies to all users of our Service, including contractors, their employees, their customers, and website visitors.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this policy, please do not access or use the Service.

2. Information We Collect

We collect several types of information from and about users of our Service:

2.1 Information You Provide Directly

  • Account Information: Name, email address, phone number, company name, job title, and password when you create an account
  • Business Information: Customer data, job details, invoices, estimates, contracts, proposals, photos, and documents you upload to the platform
  • Payment Information: Billing address, payment method details, and bank account information (processed securely by our payment providers — we do not store full card numbers)
  • Communications: Messages you send through our platform, including customer communications, internal notes, and support requests
  • Mobile Phone Numbers: Phone numbers provided for the purpose of sending and receiving SMS/text message notifications
  • Employee Information: Names, contact details, hourly rates, and time tracking data for employees managed through the platform
  • Property and Address Data: Service addresses, property owner information, and parcel data associated with jobs

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features accessed, actions taken, timestamps, and session duration
  • Device Information: Browser type, operating system, device type, screen resolution, and unique device identifiers
  • Log Data: IP address, access times, referring URLs, and pages viewed
  • Location Data: GPS coordinates collected during clock-in/clock-out for time tracking (with employee consent), and general location derived from IP address
  • Cookie Data: Information collected through cookies, web beacons, and similar tracking technologies (see Section 11)

2.3 Information from Third Parties

  • Payment Processors: Transaction confirmation and status from Stripe and Helcim
  • Property Data Providers: Property owner records and parcel data from RentCast API for job-related lookups
  • Video Conferencing: Meeting participation data and connection information from Zoom (see Section 7)
  • Communication Providers: Delivery status and engagement data from Twilio (SMS) and SendGrid (email)

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery

  • Provide, operate, maintain, and improve our platform and services
  • Process transactions, send invoices, and manage payment collection
  • Facilitate scheduling, job management, and route planning
  • Enable time tracking with GPS verification for employee clock-in/clock-out
  • Generate estimates, proposals, contracts, and other business documents
  • Operate the customer portal for job status updates, document sharing, and payments

3.2 Communications

  • Send SMS notifications including appointment reminders, job updates, and payment confirmations (with consent)
  • Send email notifications including invoices, estimates, and status updates
  • Send technical notices, security alerts, and support messages
  • Facilitate video conferencing meetings between contractors and clients through Zoom integration

3.3 Analytics and Improvement

  • Monitor and analyze trends, usage patterns, and user activities
  • Personalize and improve your experience on the platform
  • Develop new features and services based on usage patterns
  • Conduct research and analysis to improve service quality

3.4 Security and Compliance

  • Detect, investigate, and prevent fraudulent transactions and unauthorized access
  • Enforce our Terms of Service and other agreements
  • Comply with legal obligations and respond to lawful requests
  • Maintain audit trails for regulatory compliance

4. SMS/Text Messaging Privacy

ProBizPay uses Twilio, Inc. as our SMS/text messaging service provider. This section specifically addresses how we handle your data in connection with SMS communications.

4.1 Data Collection for SMS

  • Phone Numbers: We collect mobile phone numbers solely for the purpose of sending service-related SMS notifications. We do not sell, rent, or share your phone number with third parties for marketing purposes.
  • Consent Records: We maintain detailed records of your SMS consent including the date, time, method of consent (web form, verbal, written), and IP address for compliance purposes.
  • Message Content: SMS messages may contain appointment reminders, job updates, estimate notifications, payment confirmations, schedule changes, and other service-related information.

4.2 Twilio as Sub-Processor

  • Twilio processes SMS messages on our behalf as a data sub-processor
  • Twilio receives the recipient phone number and message content necessary to deliver the SMS
  • Twilio maintains its own privacy policy at twilio.com/legal/privacy
  • Twilio is certified under the EU-US Data Privacy Framework for international data transfers
  • We have a Data Processing Agreement (DPA) with Twilio that governs their handling of personal data

4.3 SMS Data Retention

  • SMS consent records are retained for the duration of your account plus 5 years for legal compliance
  • Message delivery logs are retained for 2 years
  • Opt-out records are retained indefinitely to ensure continued compliance with your preferences

4.4 SMS Opt-Out

  • You may opt out of SMS at any time by replying STOP to any message
  • You may also opt out through your account settings on the platform
  • Reply HELP to any message for assistance
  • After opting out, you will receive one final confirmation message and no further SMS messages
  • Opting out of SMS does not affect other communications (email, in-app notifications)

4.5 No Sharing of SMS Data

Your phone number and SMS data are never shared with, sold to, or rented to third parties for their own marketing purposes. Phone numbers are shared only with Twilio as necessary to deliver messages on our behalf.

For SMS-related inquiries: 727-766-8962 or support@probizpay.com. For complete SMS terms including message frequency, see our Terms of Service.

5. Facebook & Instagram Integration (Meta)

ProBizPay offers an optional social media management feature that allows you to connect your Facebook Page and Instagram Business account. When you connect these accounts via Facebook Login, we request the following permissions:

  • pages_show_list: View the list of Facebook Pages you manage so you can select which Page to connect.
  • pages_manage_posts: Create, edit, and delete posts on your connected Facebook Page on your behalf.
  • pages_read_engagement: Read engagement metrics (likes, comments, shares) on your Page posts to display analytics within ProBizPay.
  • pages_manage_metadata: Manage your Page settings and subscribe to webhooks for real-time updates.
  • instagram_basic: Access your Instagram Business account profile information and media.
  • instagram_content_publish: Publish photos and content to your Instagram Business account on your behalf.
  • business_management: Access your Meta Business account to connect Pages and Instagram accounts.

5.1 How We Use Facebook & Instagram Data

  • Publish posts (including text, images, and videos) to your Facebook Page and Instagram Business account from the ProBizPay dashboard
  • Use AI to generate captions, hashtags, and content suggestions tailored to your business
  • Display engagement metrics (likes, comments, shares) on your published posts
  • Monitor your Page comments for potential customer service leads (with your permission)
  • Schedule posts for future publication

5.2 How We Store Facebook & Instagram Data

  • OAuth access tokens are stored in our encrypted database and are only used to interact with Meta APIs on your behalf
  • Connected account information (Page name, Page ID, account status) is stored to maintain your connection
  • Post content you create through ProBizPay is stored in our database
  • Engagement metrics are retrieved in real-time from Meta APIs and are not permanently stored

5.3 AI Processing of Social Media Data

Our AI assistant ("Bree") generates social media content including captions, hashtags, and post suggestions based on your business profile, job completions, and service offerings. AI-generated content is always presented to you for review before publishing. AI processing is performed solely to provide social media management features within ProBizPay. Your social media data is not used for advertising, is not sold, and is not shared outside your company account.

5.4 Data Deletion & Deauthorization

When you disconnect your Facebook or Instagram account from ProBizPay, or when you deauthorize our app through Facebook settings, we automatically:

  • Delete your stored OAuth access tokens and refresh tokens
  • Remove your connected account records from our database
  • Stop all API access to your Facebook Pages and Instagram accounts

Post content you created through ProBizPay (captions, images) is retained as part of your business records unless you request its deletion. To request complete deletion of all your data, contact us at support@probizpay.com.

Meta may also send us a data deletion request on your behalf. When received, we process the deletion automatically and provide a confirmation code.

5.5 Revoking Access

You may disconnect your Facebook and Instagram accounts at any time from the Social Media settings page in ProBizPay. You may also revoke access from your Facebook Business Integrations settings. When access is revoked, we immediately stop accessing your accounts and delete stored tokens.

6. Email Communications Privacy

ProBizPay uses SendGrid (a Twilio company) as our email service provider.

  • Transactional Emails: Invoices, estimates, payment receipts, appointment confirmations, and job status updates are sent as transactional emails necessary for service delivery
  • Email Tracking: We may track email delivery status, open rates, and click-through rates to ensure reliable message delivery and improve our communications
  • Email Data Shared with SendGrid: Recipient email address, sender information, subject line, and message content
  • Unsubscribe: Marketing emails include an unsubscribe link. Transactional emails related to active jobs and payments cannot be opted out of while the service relationship exists
  • SendGrid's privacy policy is available at twilio.com/legal/privacy (SendGrid is a Twilio company)

7. Video Conferencing (Zoom) Privacy

ProBizPay integrates with Zoom Video Communications, Inc. ("Zoom") to provide video conferencing capabilities for virtual appointments, consultations, and meetings between contractors and their clients.

7.1 Data Shared with Zoom

  • Meeting Creation: When a virtual appointment is scheduled, we create a Zoom meeting using our Zoom integration. The meeting topic (derived from the appointment type) and scheduled time are shared with Zoom.
  • Participant Information: Participant names and email addresses may be shared with Zoom to send meeting invitations and enable meeting access.
  • Meeting Metadata: Meeting duration, participant join/leave times, and connection quality data are collected by Zoom.

7.2 Data Zoom Collects Directly

When you join a Zoom meeting through our platform, Zoom may independently collect:

  • Your IP address and general location
  • Device information (operating system, browser, hardware)
  • Audio and video data during the meeting (if camera/microphone are enabled)
  • Chat messages sent during the meeting
  • Screen sharing content (if screen sharing is used)
  • Meeting recordings (only if the host enables recording — participants are always notified)

7.3 Zoom as Sub-Processor

  • Zoom acts as a data sub-processor when processing meeting data on our behalf
  • We connect to Zoom via OAuth 2.0, and our integration requests only the permissions necessary to create and manage meetings
  • We store Zoom meeting IDs and join URLs in our database to facilitate meeting access; we do not store meeting recordings, chat logs, or audio/video content
  • Zoom maintains its own comprehensive privacy policy at zoom.us/privacy
  • Zoom is certified under the EU-US Data Privacy Framework

7.4 Meeting Recordings

  • ProBizPay does not automatically record Zoom meetings
  • If a meeting host chooses to record, all participants will be notified by Zoom before recording begins
  • Participants may leave the meeting if they do not consent to recording
  • Any recordings are stored by Zoom according to their retention policies and the host's account settings

7.5 Revoking Zoom Access

You may disconnect Zoom from your ProBizPay account at any time through the Integrations settings page. Disconnecting will revoke our access to create meetings on your behalf. Previously created meetings may still be accessible through Zoom directly.

8. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information only in the following limited circumstances:

8.1 Service Providers (Sub-Processors)

We share data with the following categories of service providers who process data on our behalf under contractual obligations to protect your information:

  • Payment Processing: Stripe, Inc. and Helcim, Inc. — process credit/debit card and ACH transactions (PCI-DSS Level 1 compliant). See stripe.com/privacy and helcim.com/privacy
  • SMS Communications: Twilio, Inc. — delivers SMS/text messages (see Section 4)
  • Email Communications: SendGrid (Twilio) — delivers transactional and notification emails (see Section 6)
  • Video Conferencing: Zoom Video Communications, Inc. — provides virtual meeting capabilities (see Section 7)
  • Social Media: Meta Platforms, Inc. (Facebook & Instagram) — publishes posts and reads engagement metrics via Graph API on behalf of users (see Section 5). See facebook.com/privacy/policy
  • Cloud Hosting: Amazon Web Services (AWS) — hosts our platform and stores data in US-based data centers with SOC 2 Type II certification
  • File Storage: Amazon S3 — stores uploaded documents, photos, and files with server-side encryption
  • Analytics: Google Analytics — collects anonymized usage data including pages visited, session duration, and general location. See policies.google.com/privacy
  • Property Data: RentCast API — provides property owner and parcel data for job-related lookups (address data only shared when explicitly requested by user)
  • Address Lookup & Mapping: Google Maps Platform / Places API — provides address autocomplete, geocoding, route optimization, and map displays. See policies.google.com/privacy
  • AI Assistants: Google Gemini API (powers the "Joe" in-app AI assistant) and Retell AI (powers the "Chloe" phone assistant). Conversation content, transcripts, and context data are transmitted to these providers to generate responses. See policies.google.com/privacy and retellai.com/privacy-policy. See Section 19 for details.
  • Push Notifications: Apple Push Notification service (APNs) and Firebase Cloud Messaging (FCM) — deliver app notifications to your device. Only device tokens and notification content are processed.
  • Accounting Integration: Intuit QuickBooks API — if you connect a QuickBooks account, invoice, customer, and payment data are synced between ProBizPay and QuickBooks under your explicit authorization. See intuit.com/privacy
  • Mobile Wallet / Tap to Pay: Apple Pay (Apple Inc.) and Google Pay (Google LLC) — payment credentials never touch our servers; processed directly between your device, the card network, and Stripe/Helcim
  • Decentralized Storage (optional): IPFS (InterPlanetary File System) — used for optional immutable document storage at the user's discretion; files stored via IPFS are content-addressed and may be replicated publicly across the IPFS network
  • Cryptocurrency (optional): Nano (nano.org) and Polygon (polygon.technology) — used only if a user explicitly chooses to accept or send crypto payments; blockchain transactions are public by nature and cannot be deleted

8.2 Legal Requirements

  • If required by law, subpoena, court order, or governmental regulation
  • To respond to lawful requests by public authorities, including national security or law enforcement requirements
  • To protect our rights, privacy, safety, or property, or that of our users or the public

8.3 Business Transfers

In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Service before your information becomes subject to a different privacy policy.

8.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

8.5 Customer Portal Sharing

When contractors use our customer portal feature, certain job information (status, photos, documents, payment schedules) is shared with their customers through secure, token-based links. Contractors control what information is visible to their customers.

9. Data Security

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

9.1 Technical Measures

  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher (HTTPS)
  • Encryption at Rest: Sensitive data is encrypted at rest using AES-256 encryption
  • Password Security: User passwords are hashed using bcrypt with appropriate salt rounds; we never store passwords in plain text
  • Authentication: JWT (JSON Web Token) based authentication with token expiration and refresh mechanisms
  • Access Controls: Role-based access controls (admin, manager, employee) ensure users only access data they are authorized to view
  • Secure File Storage: Documents and files are stored in Amazon S3 with presigned URLs that expire, preventing unauthorized access
  • Database Security: Database access is restricted to authorized application connections only

9.2 Organizational Measures

  • Regular security assessments and code reviews
  • Principle of least privilege for system access
  • Incident response procedures for security breaches
  • Employee security awareness and training

9.3 Breach Notification

In the event of a data breach that affects your personal information, we will notify you within 72 hours of becoming aware of the breach (as required by GDPR) via email and/or through a prominent notice on our Service. We will also notify relevant supervisory authorities as required by applicable law.

10. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. Specific retention periods include:

  • Account Data: Retained while your account is active and for 30 days after deletion request to allow for recovery
  • Business Records: Job history, invoices, estimates, and contracts retained for 7 years after creation for tax and legal compliance
  • Payment Records: Transaction records retained for 7 years as required by financial regulations
  • SMS Consent Records: Retained for the duration of your account plus 5 years for legal compliance
  • SMS/Email Message Logs: Delivery logs retained for 2 years
  • Social Media Data: Facebook/Instagram OAuth tokens deleted immediately upon disconnection or deauthorization. Post content retained as business records unless deletion is requested.
  • Opt-Out Records: Retained indefinitely to honor your preferences
  • Time Tracking Data: Clock-in/clock-out records including GPS data retained for 3 years for payroll and labor compliance
  • Video Conferencing Data: Zoom meeting IDs and join URLs retained for the duration of the associated appointment; meeting metadata controlled by Zoom's retention policies
  • Audit Logs: Security and compliance audit logs retained for 3 years
  • Usage Analytics: Aggregated, anonymized analytics retained indefinitely for service improvement

You may request deletion of your data at any time (see Section 10). Upon receiving a valid deletion request, we will delete or anonymize your personal data within 30 days, except where retention is required by law or necessary for legitimate business purposes (e.g., fraud prevention, financial compliance).

11. Your Rights Under GDPR (European Economic Area)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR) and equivalent legislation:

11.1 Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract Performance (Article 6(1)(b)): Processing necessary to fulfill our contractual obligations to you (e.g., providing the Service, processing payments, delivering SMS/email notifications related to your jobs)
  • Legitimate Interest (Article 6(1)(f)): Processing necessary for our legitimate business interests, such as fraud prevention, security, analytics, and service improvement, where those interests are not overridden by your fundamental rights
  • Consent (Article 6(1)(a)): Where you have given explicit consent, such as opting in to SMS marketing communications, enabling Zoom integration, or accepting non-essential cookies
  • Legal Obligation (Article 6(1)(c)): Where processing is required to comply with applicable laws (e.g., tax record retention, fraud reporting)

11.2 Your GDPR Rights

  • Right of Access (Article 15): You have the right to request a copy of all personal data we hold about you. We will provide this in a commonly used, machine-readable format within 30 days of your request.
  • Right to Rectification (Article 16): You have the right to request correction of inaccurate or incomplete personal data. You can also update most information directly through your account settings.
  • Right to Erasure / "Right to be Forgotten" (Article 17): You have the right to request deletion of your personal data. We will comply unless the data is required for legal compliance, exercise of legal claims, or other lawful exceptions.
  • Right to Restriction of Processing (Article 18): You have the right to request that we restrict processing of your data in certain circumstances, such as when you contest the accuracy of the data or object to our processing.
  • Right to Data Portability (Article 20): You have the right to receive your personal data in a structured, commonly used, machine-readable format (e.g., JSON or CSV) and to transmit that data to another controller.
  • Right to Object (Article 21): You have the right to object to processing based on legitimate interests, including profiling. You also have the absolute right to object to direct marketing at any time.
  • Right to Withdraw Consent (Article 7(3)): Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal. This includes SMS consent, cookie consent, and Zoom integration consent.
  • Rights Related to Automated Decision-Making (Article 22): We do not make automated decisions that produce legal effects or significantly affect you. If this changes, you will have the right to obtain human intervention, express your point of view, and contest the decision.

11.3 How to Exercise Your Rights

To exercise any of the above rights, you may:

  • Email us at support@probizpay.com with your request
  • Use the data export and account deletion features in your account settings
  • Call us at 727-297-2717

We will respond to all legitimate requests within 30 days. If your request is complex or you have made multiple requests, we may extend this by a further 60 days, but we will notify you of the extension within the initial 30-day period.

11.4 Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, your place of work, or the place of the alleged infringement. A list of EU data protection authorities is available at edpb.europa.eu.

11.5 Data Protection Officer

For data protection inquiries, you may contact our privacy team at privacy@probizpay.com.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. For detailed information about the cookies we use, please see our Cookie Policy.

12.1 Types of Cookies We Use

  • Essential Cookies: Required for the platform to function properly (authentication, security, session management). These cannot be disabled.
  • Functional Cookies: Remember your preferences, settings, and choices to provide a personalized experience. Disabling these may reduce functionality.
  • Analytics Cookies: Help us understand how users interact with our platform using Google Analytics. Data collected includes pages visited, time on site, and general location. These can be disabled through cookie preferences.

12.2 Managing Cookies

  • You can manage your cookie preferences through the cookie consent banner displayed on your first visit
  • You can update your preferences at any time through the "Cookie Preferences" option
  • You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent
  • Disabling essential cookies may prevent you from using certain features of the Service

12.3 Do Not Track

Our platform respects your cookie consent preferences. We honor browser-level cookie settings. Some features may require essential cookies to function.

13. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

13.1 Your California Privacy Rights

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions required by law
  • Right to Correct: You can request correction of inaccurate personal information we maintain about you
  • Right to Opt-Out of Sale/Sharing: We do not sell personal information. We do not share personal information for cross-context behavioral advertising. If this changes, you will have the right to opt out
  • Right to Limit Use of Sensitive Personal Information: You can direct us to limit the use and disclosure of sensitive personal information to what is necessary to provide the Service
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights

13.2 Categories of Personal Information Collected

  • Identifiers (name, email, phone number, IP address)
  • Commercial information (transaction history, invoices, estimates)
  • Internet activity (browsing history, usage data, feature interactions)
  • Geolocation data (GPS coordinates for time tracking, general location from IP)
  • Professional information (company name, job title, employee data)
  • Sensitive personal information (account login credentials, precise geolocation)

13.3 Exercising Your Rights

To exercise these rights, contact us at support@probizpay.com or call 727-297-2717. We will verify your identity before processing your request. You may also designate an authorized agent to make requests on your behalf.

13.4 Shine the Light

Under California Civil Code Section 1798.83, California residents may request information about our disclosure of personal information to third parties for direct marketing purposes. As stated above, we do not disclose personal information to third parties for their direct marketing purposes.

14. International Data Transfers

ProBizPay is based in the United States and our primary servers are located in the US. If you access our Service from outside the United States, please be aware that:

  • Your information will be transferred to, stored, and processed in the United States
  • US data protection laws may differ from those in your country of residence
  • We rely on the following mechanisms for international data transfers:
    • Standard Contractual Clauses (SCCs): We use EU-approved Standard Contractual Clauses with our sub-processors where required
    • Data Privacy Framework: Several of our sub-processors (Twilio, Zoom, Stripe, AWS, Google) are certified under the EU-US Data Privacy Framework
    • Adequacy Decisions: Where applicable, we rely on adequacy decisions by the European Commission

We take appropriate safeguards to ensure that your personal data is treated securely and in accordance with this Privacy Policy regardless of where it is processed. By using our Service, you acknowledge and consent to the transfer of your information as described herein.

15. Children's Privacy

Our Service is a business-to-business platform intended for use by businesses and adult professionals. It is not directed to, and we do not knowingly collect personal information from, children. In compliance with the U.S. Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under the age of 13. In compliance with the EU General Data Protection Regulation (GDPR), we do not knowingly collect personal information from children under the age of 16 in the European Economic Area (or the lower minimum age set by individual EU member states, which may be 13, 14, 15, or 16).

If you become aware that a child has provided us with personal information without verifiable parental consent, please contact us immediately at privacy@probizpay.com and we will take steps to delete such information within 30 days. Parents and guardians who believe their child has provided personal information to us may also request deletion through this address.

16. Third-Party Links

Our Service may contain links to third-party websites, services, or applications that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We strongly encourage you to review the privacy policy of every site you visit.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes:

  • We will update the "Last updated" date at the top of this page
  • For material changes, we will notify you via email to the address associated with your account and/or through a prominent notice on our Service at least 30 days before the changes take effect
  • Where required by GDPR, we will obtain your consent to material changes in how we process your personal data
  • Your continued use of the Service after the effective date of the updated policy constitutes acceptance of the changes

19. Mobile App Permissions

The ProBizPay mobile applications for iOS and Android request certain device permissions to provide core functionality. You may grant or deny any permission at the time of prompt, and you may revoke permissions at any time in your device settings. Denying optional permissions will disable related features but will not prevent you from using the rest of the app.

19.1 Camera — Used to capture job site photos (before / during / after), document receipts, scan VIN/parts barcodes, and take photos for estimates. Photos are uploaded only when you explicitly save or send them. Required for photo capture features; otherwise optional.

19.2 Photo Library — Used to upload existing photos from your device's gallery to jobs, estimates, or documents. Only the photos you explicitly select are transmitted; we do not scan or read your full library.

19.3 Location (GPS) — Used for: (a) GPS clock-in/clock-out verification for time tracking; (b) route optimization and turn-by-turn navigation; (c) tagging job site photos with the capture location. Precise location is used only while the relevant feature is active; we do not track location continuously in the background.

19.4 Microphone — Used for video conferencing through Zoom integration and, where enabled, Tap to Pay transaction voice prompts. Audio is not recorded outside an active call or transaction.

19.5 Push Notifications — Used to alert you to job status changes, new messages from customers, payment received, lead notifications, schedule changes, and reminders. You may disable notifications at any time in your device settings, and you may choose categories of notifications you wish to receive in your app preferences.

19.6 Biometrics (Face ID / Touch ID) — Optional. When you enable biometric login, your device's biometric framework handles authentication locally on the device; biometric data is never transmitted to or stored on our servers.

19.7 Contacts — Optional. If you choose to import contacts to create customer records, only the contacts you explicitly select are read; your full contact list is not uploaded.

19.8 Local Storage — The mobile app caches your recent jobs, customers, and documents on the device so you can work offline. Cached data is cleared when you log out of the app.

19.9 App Store Privacy Disclosures — In addition to this Privacy Policy, app-specific data collection is disclosed in the Apple App Store privacy labels and the Google Play Data Safety section on each app's store listing. Those disclosures and this Policy are intended to be consistent; where they differ, this Privacy Policy controls.

20. AI Features — Third-Party AI Services

ProBizPay includes optional AI-assisted features powered by third-party AI services. None of these features is required for core functionality (estimates, jobs, customers, scheduling, invoicing, and payments all work without invoking AI). You can decline AI consent for any feature individually and revoke previously granted consent at any time from Settings > AI & Privacy in our mobile app, or by contacting privacy@probizpay.com.

20.1 Third-Party AI Services Used — ProBizPay shares data with the following third-party AI services to power specific AI features:

  • Google Gemini (via the Google Cloud Generative Language API) — powers Joe (the in-app AI assistant), AI Pricing Suggestions, and AI Description Enhancement.
  • Retell AI — powers Chloe (the AI phone assistant). Retell processes call audio and may use underlying LLM providers (currently Google Gemini) to generate conversational responses.

20.2 What Data Is Shared with Each AI Service

  • Joe (in-app AI assistant) — the text of your typed prompt plus limited relevant business context (such as the customer record or job you are currently viewing) is sent to Google Gemini to generate a response.
  • AI Pricing Suggestions — the job or estimate description you typed plus anonymized historical pricing statistics for your trade are sent to Google Gemini to generate pricing recommendations. No customer-identifying information is included.
  • AI Description Enhancement — the description text you typed is sent to Google Gemini to produce an enhanced version. No customer information, payment data, photos, or uploaded files are included.
  • Chloe (AI phone assistant) — inbound call audio is transcribed and processed by Retell AI. The conversational LLM behind Retell currently uses Google Gemini. Transcripts and structured data extracted from calls (caller name, phone, address, service requested) may be stored by Retell for a limited period for quality and troubleshooting.

What we never send to AI services: customer payment information, passwords, photos, uploaded files, full Social Security numbers, health records, or banking credentials. You should also avoid entering sensitive personal information into AI prompts directly.

20.3 In-App Consent — Before any data is sent to a third-party AI service from our mobile app, an in-app consent modal explains what data will be sent, identifies the AI provider receiving it, and requires your explicit approval. Each AI feature is gated separately so you can grant some and decline others. Your consent choices persist on your device and can be revoked at any time from Settings > AI & Privacy.

20.4 Equivalent Data Protection — Each third-party AI service that ProBizPay shares data with provides data protection that is the same or equivalent to the protections described in this Privacy Policy. Specifically:

  • Google Gemini / Google Cloud processes our requests under the Google Cloud Data Processing Addendum, with contractual commitments that prohibit using customer data to train Google's foundation models, require deletion of cached prompt data within applicable retention windows, and provide GDPR/CCPA equivalent rights. Google is certified under the EU-U.S. Data Privacy Framework. See cloud.google.com/terms/data-processing-addendum and policies.google.com/privacy.
  • Retell AI processes call data under their data processing terms, with contractual commitments not to use customer data to train shared models without consent. See retellai.com/privacy-policy.

By using AI features in ProBizPay, you acknowledge that limited data is transmitted to these third-party AI services to generate responses, that those services contractually provide protections equivalent to those in this Privacy Policy, and that you can revoke consent at any time.

20.5 Automated Decision-Making — AI outputs in ProBizPay are suggestions only. No legally significant decision (such as pricing a customer, denying service, or making employment decisions) is made solely by automated means; a human always approves the final action.

21. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

ProBiz Pay LLC
7901 4th St N, Suite 300
St. Petersburg, FL 33702
United States

General inquiries: support@probizpay.com
Privacy inquiries: privacy@probizpay.com
Phone: 727-297-2717
SMS support: 727-766-8962

For SMS-related inquiries, you may also reply HELP to any text message.

We aim to respond to all privacy-related inquiries within 30 days.