Privacy Policy

1. Who is responsible for your data

FieldWatch is the data controller for personal data processed through the Services. Contact: support@usefieldwatch.com.

2. Data we collect

• Account and registration: When you register we collect first name, last name, email address, company (optional), password (stored in hashed form only), and a short reason for using FieldWatch. We use this to create and manage your account and to review access requests.
• Job postings: If you post a job we store the job details (title, type, description, location, deadline, budget range, contact email, optional image) and link them to your account.
• Service requests: When you submit a service request we collect name, email, company (optional), notes, area, pricing-related data, and polygon/geographic coordinates you draw for the request. You may submit a request with or without being logged in; when logged in we link the request to your account.
• Job applications: When you apply to a job we store your application message and link it to your account and the job.
• Session and authentication: We create server-side sessions (user identifier, email, expiry) and set a session cookie so you stay logged in. We may also store a copy of your user profile in your browser's local storage to keep you signed in across tabs.
• Usage and analytics: We use Vercel Analytics and, when configured, Google Analytics to understand how the site is used (e.g. pages visited, general usage patterns). This may involve cookies or similar technologies. See Section 5 for more.

3. How we use your data

• To provide the Services (accounts, jobs, service requests, applications, dashboards).
• To authenticate you and manage sessions.
• To communicate with you about your account, jobs, or service requests where necessary.
• To improve and secure the Services and to analyse usage (analytics).
• To comply with legal obligations and enforce our Terms of Service.

4. Legal basis (where applicable)

• Contract: Processing necessary to create and run your account and to provide the Services you request.
• Legitimate interests: Improving the Services, security, analytics, and handling support or disputes.
• Consent: Where we rely on consent (e.g. for optional cookies or marketing, if we add them), we will ask and you may withdraw consent at any time.

5. Cookies and local storage

• Session cookie: We set a session cookie (httpOnly, secure in production, sameSite: lax) to keep you logged in. It typically lasts up to 7 days and may be refreshed. You can clear it by logging out.
• Local storage: We store your user profile and an authenticated flag in your browser's local storage so the app can restore your login state. This data stays on your device.
• Analytics: We use Vercel Analytics and may use Google Analytics. These may set cookies or use similar technologies. You can control cookies via your browser settings; see the respective providers' policies for details.

6. Third parties and international transfer

• Hosting and infrastructure: The Services run on infrastructure that may process data in various locations (e.g. Vercel, Google Cloud). By using the Services you acknowledge that your data may be transferred to and processed in those locations.
• Analytics: Data may be shared with Vercel and Google (for Google Analytics) as described above. We do not sell your personal data to third parties.

7. Data retention

• Account data: Retained while your account is active and for a reasonable period after closure for legal and operational purposes.
• Sessions: Session records are removed when you log out or when the session expires; cookie and local storage data are cleared on logout.
• Jobs, service requests, applications: Retained as needed to provide the Services and for legitimate business and legal purposes. We may anonymise or delete in line with our retention schedule.

8. Security

We use HTTPS and secure cookies in production. Passwords are hashed (we do not store plain-text passwords). We take reasonable technical and organisational measures to protect your data; no system is completely secure.

9. Your rights

Depending on your location you may have the right to: access your personal data; correct inaccuracies; request deletion; restrict or object to certain processing; data portability; and withdraw consent where processing is based on consent. You can exercise these by contacting us. You may also have the right to complain to a supervisory authority.

10. Children

The Services are not directed at children. We do not knowingly collect personal data from children under the age specified by applicable law (e.g. 16 in the EU). If you believe we have collected such data, please contact us.

11. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will be revised. Continued use of the Services after changes constitutes acceptance of the updated policy. We encourage you to review it periodically.

12. Contact

For privacy-related requests or questions: support@usefieldwatch.com.