Privacy Policy

If anything here is unclear, email us at mail@thetoolboxpro.com and we'll explain in plain English.

Privacy Policy

If anything here is unclear, email us at mail@thetoolboxpro.com and we will explain in plain English. Effective Date: November 4, 2024. Last Updated: April 24, 2026.

The Toolbox Pro LLC ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website www.thetoolboxpro.com, use our booking platform at book.thetoolboxpro.com, or otherwise interact with our services. By using our Services, you consent to the practices described in this policy.

1. Information We Collect

We collect personal information that you voluntarily provide to us when you book a service through our website or by phone, create a customer account, fill out a contact form, or communicate with us via email, phone, or text message. This information may include your full name, email address, phone number, service address (including street address, city, state, and ZIP code), crossroads or intersection for location reference, business name for commercial or property management bookings, job descriptions and photos you upload of the repair needed, and payment information processed securely through Stripe; we do not store your credit card numbers.

When you visit our website, we may automatically collect certain information, including your IP address, browser type and version, device type (desktop, mobile, or tablet), operating system, pages visited and time spent on those pages, referring website, and geographic location approximated from your IP address.

We use cookies and similar technologies to analyze website traffic and usage patterns via Google Analytics (ID: G-WCR2LLMTG9), measure advertising effectiveness via Google Ads, provide social media features via the Facebook Pixel, and prevent fraud and abuse via reCAPTCHA. You can control cookies through your browser settings; disabling cookies may affect certain features of our website.

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our handyman services; process bookings, payments, and communicate about appointments; send appointment confirmations, reminders, and follow-ups; respond to your inquiries and customer service requests; generate price estimates including AI-assisted estimates; analyze website usage to improve our online experience; and comply with legal obligations. We do not use your information to send unsolicited marketing emails or sell your data to third parties for marketing purposes.

3. How We Share Your Information

We may share your information in the following limited circumstances. Payment Processing: we use Stripe to process payments, and your payment information is transmitted directly to Stripe under their privacy policy and PCI-DSS compliance standards; we do not store your credit card numbers. Service Providers: we may share information with trusted service providers who assist us in operating our website, conducting our business, or servicing you, provided they agree to keep this information confidential. Legal Requirements: we may disclose your information where required by law, court order, or governmental regulation, or where we believe disclosure is necessary to protect our rights, your safety, or the safety of others. Business Transfer: in the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We do not sell your personal information.

4. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include SSL/TLS encryption for all data in transit, secure password hashing via bcrypt, access controls limiting who can view personal information, and regular security updates to our systems. However, no method of transmission over the Internet or electronic storage is 100% secure; while we strive to protect your information, we cannot guarantee its absolute security.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically: booking records are retained for 7 years for tax and legal compliance; customer accounts are retained until you request deletion; and website analytics data is retained for 26 months per Google Analytics default settings.

6. Your Rights

All customers have the right to access the personal information we hold about you, request correction of inaccurate information, request deletion of your personal information subject to legal retention requirements, and opt out of marketing communications.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA): (i) the right to know, meaning you may request disclosure of the categories and specific pieces of personal information we have collected about you; (ii) the right to delete, meaning you may request that we delete personal information we have collected from you subject to certain exceptions; (iii) the right to opt out of the sale of your personal information — we do not sell your personal information; and (iv) the right to non-discrimination, meaning we will not discriminate against you for exercising your privacy rights. To exercise these rights, contact us at mail@thetoolboxpro.com; we will respond within 45 days as required by law.

Arizona does not currently have a comprehensive consumer privacy law equivalent to the CCPA; however, we extend the same privacy rights described above to all our customers regardless of their state of residence.

7. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

8. Third-Party Links

Our website may contain links to third-party websites, including Google Maps, social media platforms, and payment processors. We are not responsible for the privacy practices of these third-party sites. We encourage you to review their privacy policies before providing any personal information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy periodically.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at The Toolbox Pro LLC, 721 N Lisbon Dr, Chandler, AZ 85226, by email at mail@thetoolboxpro.com, Monday through Saturday, 8:00 AM to 5:00 PM MST.

11. Google Sign-In Data (OAuth)

When you choose to sign in using Google ("Sign in with Google"), we receive the following Google user data directly from Google's OAuth 2.0 / OpenID Connect service based on the scopes you consent to (openid, email, and profile): your Google account email address, your display name, your profile picture URL (if public), your Google account subject identifier (a stable, opaque ID), and the email-verification status reported by Google.

How we use Google user data. We use this data exclusively to: (a) create and authenticate your customer account on The Toolbox Pro; (b) pre-fill your name and email when you book a service so you do not have to re-type them; (c) send you transactional emails you request (booking confirmations, receipts, password resets); and (d) link any future bookings you make to the same account so you can see your history.

With whom we share Google user data. We do not sell or rent Google user data. We share it only with the limited set of service providers required to deliver the services you book: our assigned Pro / partner-Pro receives your name, phone, service address, and job description so they can perform the job; Stripe receives your email for payment receipts; Twilio or SendGrid receives your phone or email to deliver SMS and email confirmations. We never share Google user data with advertising networks, data brokers, or analytics platforms.

How we protect Google user data. All data in transit is encrypted via TLS 1.2+. Passwords (if you set one later) are stored as bcrypt hashes — we never store OAuth access tokens beyond the minimum lifetime required to complete authentication. Only the Owner and authorized Office Staff roles can read customer account fields in our admin interface, and every admin action is logged.

Retention and deletion. We retain Google user data for the lifetime of your account. You may request deletion at any time by emailing mail@thetoolboxpro.com with the subject "Delete my account" — we will delete your account, remove your personal data from our live database within 30 days, and purge encrypted backups within 90 days thereafter. Booking records required for tax / accounting compliance are retained for 7 years as required by Arizona state law, but with all Google-sourced personal identifiers redacted.

Limited Use compliance. Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data to train generalized AI/ML models, serve advertising, or for any purpose other than providing and improving the booking services you explicitly request. We do not transfer Google user data to third parties except as strictly necessary to fulfill the service you booked.

Revoking access. You can revoke our access to your Google account at any time at https://myaccount.google.com/permissions. Revocation stops future sign-ins but does not retroactively delete data we have already collected — use the deletion process above for that.

Location Data and GPS Tracking

Effective date of this section: April 23, 2026 (revised, national multi-state). When you use The Toolbox Pro mobile application as a Service Professional, the app collects GPS location data in the background while you are on an active booking and at a reduced frequency of approximately every five minutes when you are logged in but do not have an active booking. Where you are physically located determines which additional state-law protections apply to you, and the stricter of applicable state law and this policy governs in all cases.

Regardless of which U.S. state you work in or reside in, the following baseline privacy rights apply to every Service Professional: (i) you have the right to know what categories of GPS data are collected and the purposes for which they are used, as described in this section; (ii) you have the right to request deletion of your GPS location history within thirty days by emailing privacy@thetoolboxpro.com; (iii) your GPS location data is never sold, rented, or shared with data brokers or advertisers; (iv) exercising any privacy right will not result in denial of service, reduced booking assignment priority, or account termination; and (v) no payout hold, account suspension, or account termination based on GPS data may occur without prior written notice and a minimum five-business-day response period, as described further in this section. These baseline rights do not replace or reduce any more protective right granted under applicable state law; where state law grants broader protections, state law governs.

The app collects GPS location data during three distinct periods: during an active booking, pings are collected continuously while you are en route to or present at a customer address; while logged in without an active booking, pings are collected at reduced frequency for platform-integrity purposes only; and when you are logged out or in Offline mode, no GPS pings are collected under any circumstances regardless of background permission settings. The application works on personal smartphones. By installing the app and accepting these Terms, you explicitly consent to GPS data collection as described including on your personal device. This consent is freely given and may be withdrawn at any time using the controls described below, with the understanding that withdrawal may affect eligibility for bookings that require location-based verification.

The purposes for which GPS data is collected are as follows. First, dispute resolution: GPS ping records constitute documented evidence of Service Professional presence at a customer address and may be used in chargeback proceedings, claims that a Pro never arrived, or similar disputes. Second, platform integrity: the platform uses GPS stop-cluster analysis to detect patterns that may indicate platform bypass, meaning jobs arranged outside the platform using customer leads generated through the platform; any automated flag produced by this analysis requires human review before any adverse action is taken, and the Pro will receive written notice and a response period before any action is taken, as described further in this section. Third, safety monitoring for W-2 employees on company-owned vehicles only: speed-violation detection applies exclusively to W-2 employees of The Toolbox Pro LLC who are operating a company-owned vehicle and does not apply to 1099 independent contractors, to W-2 employees operating a personal vehicle, or to any Pro using personal transportation of any kind. Fourth, general service quality and operational pattern analysis.

Raw GPS ping data is accessible only to The Toolbox Pro LLC and authorized contractors acting on its behalf. It is never sold, shared with advertisers, disclosed to customers, or shared with law enforcement absent a valid warrant or court order.

Raw GPS ping data is retained for a maximum of eighteen months from the date of collection, after which it is permanently deleted from all systems. Booking-level summaries consisting of arrival and departure windows and address-presence confirmation may be retained for up to five years as normal business records. Individuals with deletion rights under state law may request earlier deletion as described below.

Arizona law (A.R.S. § 13-2923) permits continuous GPS monitoring with the written authorization of the monitored party, and acceptance of these Terms provides that authorization. For Service Professionals performing work physically in California, California law applies regardless of the platform's Arizona domicile; in addition to the baseline rights above, California residents have the right to correct inaccurate personal data, requests are processed within forty-five days per CPRA timelines, California W-2 employees who use a personal device for required work activities are entitled to reasonable expense reimbursement under Labor Code § 2802 and should contact hr@thetoolboxpro.com to request a monthly BYOD stipend, and independent contractors working in California should refer to the contractor classification section of the Terms of Service for AB5 safe-harbor provisions. This section constitutes the required written notice under New York Civil Rights Law § 52-C (effective May 7, 2022): The Toolbox Pro LLC uses electronic GPS monitoring of Service Professionals via the mobile application at the intervals and for the purposes stated in this section, and by using the app in New York you acknowledge receipt of this notice; New York Labor Law § 203-e prohibits retaliation for lawful off-duty activities, and the platform does not penalize Pros for lawful personal activities while logged out. Washington State's My Health MY Data Act (2024) treats precise location data associated with sensitive locations including healthcare facilities, reproductive health centers, places of worship, and mental health providers as consumer health data; such data is never used for profiling or any purpose beyond the stated dispute resolution and platform integrity uses, and Washington residents have the right to access, delete, and opt out of sharing this data by contacting privacy@thetoolboxpro.com. Connecticut (§ 31-48d) and Delaware require written notice to employees prior to electronic monitoring, and this section constitutes that notice for Pros working in those states. Illinois's Right to Privacy in the Workplace Act restricts employer monitoring of off-duty activities, and the platform does not monitor personal activities or lawful off-duty conduct. New Jersey's employee monitoring provisions require advance notice of electronic monitoring, and this section provides that notice. For all other states including Virginia (CDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), Florida (FDBR), Nevada (SB 220), Oregon (OCPA), Montana (CDPA), Utah (UCPA), New Hampshire, Delaware (DPDPA), and Tennessee (TIPA), the universal baseline rights stated above meet or exceed applicable state law requirements, and where state-specific rights are more expansive those rights govern. For all remaining states, the baseline rights above apply alongside applicable federal law including the Electronic Communications Privacy Act, the National Labor Relations Act, and the Fair Labor Standards Act.

You may stop GPS pings at any time by logging out or switching to Offline mode in the app, after which no pings are collected regardless of operating system permission settings; this is the most reliable privacy control available and is recommended whenever you are not actively seeking or performing a booking. You may also set your device's location permission to "While Using the App" rather than "Always," which prevents background pings when the app is not in the foreground; "While Using" is sufficient to receive booking notifications and is the recommended setting for BYOD users, and "Always" permission is not a condition of account eligibility or booking assignment. To request deletion of your historical GPS data, email privacy@thetoolboxpro.com with the subject line "GPS Data Deletion" and your name; requests are processed within thirty days, or forty-five days for California CPRA requests; retroactive deletion does not affect data already relied upon in concluded dispute proceedings.

You will not be penalized, suspended, or terminated solely for setting your operating system location permission to "While Using" rather than "Always," for logging out or switching to Offline status between bookings, or for submitting any privacy, deletion, or correction request. Any adverse account action requires a documented, independent business reason unrelated to these privacy choices.

For W-2 employees of The Toolbox Pro LLC, being logged in to the app without an active booking does not constitute compensable work time under the Fair Labor Standards Act or under Arizona, California, or New York wage law. During logged-in off-booking periods, the platform does not control, direct, or restrict your activities, does not require you to remain available or in any specific location, and does not track your compliance with any schedule. You retain full freedom of movement. If you believe a specific situation should be treated as compensable time, contact hr@thetoolboxpro.com.

GPS data showing presence at a prior customer's address during a period when no active booking exists triggers an automated internal review flag and does not constitute an automatic penalty. Before any adverse action including a payout hold, account suspension, or account termination that is based on GPS-inferred platform bypass, you will receive written notice identifying the specific flagged event or events and a minimum of five business days to submit a written explanation and response. Speed-violation alerts for W-2 employees operating company vehicles are subject to the same notice-before-action standard for any disciplinary follow-up.