Privacy Policy

Last updated: March 15, 2026

1. Overview

VECTIS ("VECTIS," "we," "our," or "us") is a mobile CRM application designed for contractors and trades professionals in the United States. This Privacy Policy explains how we collect, use, store, and protect your information when you use the VECTIS app.

By creating an account and using VECTIS, you agree to the practices described in this policy.

2. Information We Collect

Account Information

When you register, we collect:

Email address
Password (stored securely via Firebase Authentication — we never see it in plaintext)
Business name

If you sign in with Apple or Google, we receive your name and email address from those providers. We do not receive your Apple or Google password.

Business Profile

Information you choose to add:

Business phone number
Business email address
Business address
Business logo (uploaded image)
Default hourly rate and tax rate

Business Data You Create

All data you enter into the app, including:

Client names, phone numbers, email addresses, and physical addresses (entered manually or imported from your device contacts)
Job details, descriptions, schedules, photos, and notes
Recurring job series identifiers and scheduling frequency (weekly, bi-weekly, monthly)
Invoice and estimate line items, amounts, and statuses
A snapshot of client contact information saved on each invoice and estimate at the time of creation (preserved even if the client is later deleted)
Client typed-name approval signatures provided when approving estimates online
Expense records and receipts
Timer data for job tracking
Customizable invoice and estimate numbering preferences
Notification preferences

Payment Method Information

If you configure payment methods, we store:

Your CashApp $cashtag, Venmo @handle, or Zelle email/phone (display only — we do not process these transactions)
Your Stripe Connect account ID (if you connect your Stripe account for online payments)

Subscription Information

If you subscribe to VECTIS Pro, we receive confirmation of your active subscription through RevenueCat. We do not store your payment card details — all billing is handled by Apple App Store or Google Play.

Device & Usage Information

We may automatically collect:

Device type, operating system, and app version
Crash logs and error reports
General usage patterns (features used, not content)
Time zone (to display correct local times)
FCM device token (a unique identifier issued by Firebase Cloud Messaging used to deliver push notifications to your device)

3. How We Use Your Information

We use your information solely to provide and improve the VECTIS service:

To authenticate you and secure your account
To store and sync your business data across sessions
To generate invoices, estimates, and PDF documents
To create Stripe payment links when you request them
To display your payment handles (CashApp, Venmo, Zelle) on your invoices
To send scheduled reminders and notifications you configure
To deliver push notifications to your device (e.g. when an invoice is paid or an estimate is approved), even when the app is closed, using your FCM device token
To deliver invoices and estimates to your clients via SMS or email
To record and display your clients' typed-name approval signatures on estimates
To send estimate status notifications (sent, approved, rejected)
To display your business information on PDF documents
To verify and manage your subscription status (Free or Pro)
To enforce monthly usage limits on the Free plan
To provide customer support

We do NOT sell your data to third parties. We do NOT use your data for advertising.

4. Data Storage & Security

Your data is stored securely using Google Firebase (Firestore, Firebase Storage, and Firebase Authentication), hosted in the United States.

All data is isolated per user account — no other VECTIS user can access your data
Data is encrypted in transit (TLS) and at rest by Firebase
Business photos are stored in Firebase Storage with access restricted to your account
We enforce Firestore Security Rules that require authentication for all data access
Passwords are managed entirely by Firebase Authentication using industry-standard hashing

While we take reasonable steps to protect your data, no system is 100% secure. Please use a strong, unique password for your account.

5. Third-Party Services

Firebase (Google)

We use Firebase for authentication, database, file storage, and push notifications (Firebase Cloud Messaging). Your FCM device token is stored in Firestore and used solely to deliver push notifications to your device. Your data is stored on Google's infrastructure. See Google's Privacy Policy at policies.google.com/privacy.

Stripe

If you connect your Stripe account via Stripe Connect, Stripe collects and processes your banking and payout information directly. We store only your Stripe account ID to reference your connected account. VECTIS takes a 0.5% platform fee on payments processed through Stripe, including online invoice payments and in-person card payments via Stripe Terminal. See Stripe's Privacy Policy at stripe.com/privacy.

CashApp, Venmo & Zelle

VECTIS does not integrate with these services via any API. We only store the handle or contact information you provide, and display it on your invoices as a reference for your clients. Any transactions through these platforms are governed entirely by those platforms' own terms and privacy policies.

Apple Sign-In

If you use Sign in with Apple, Apple provides your name and email to authenticate your account. Apple may anonymize your email address using their Private Email Relay. See Apple's Privacy Policy at apple.com/legal/privacy.

Google Sign-In

If you use Sign in with Google, Google provides your name and email to authenticate your account. See Google's Privacy Policy at policies.google.com/privacy.

RevenueCat

We use RevenueCat to manage in-app subscriptions. RevenueCat receives your anonymized device identifier and subscription status to verify your entitlements. RevenueCat does not receive your payment card details. See RevenueCat's Privacy Policy at revenuecat.com/privacy.

Apple App Store & Google Play

Subscription purchases are processed entirely by Apple or Google, depending on your device. We receive only the confirmation of your purchase and entitlement status. See Apple's and Google's respective privacy policies for details on how they handle payment data.

Expo & React Native

The app is built with Expo. Expo may collect anonymized diagnostic data. See expo.dev/privacy.

6. Permissions We Request

The app may request the following device permissions:

Camera — to capture job site photos and upload your business logo
Photo Library — to attach images to jobs and upload your business logo
Location — to navigate to job sites (only used when you tap Navigate)
Notifications — to send job reminders, invoice due alerts, payment received alerts, and estimate status updates. Push notifications are delivered via Firebase Cloud Messaging and can reach your device even when the app is not open
Contacts — optional. Used only when you tap "Import from Contacts" on the Add Client screen. VECTIS reads the selected contact's name, phone number, email address, and physical address to pre-fill the client form. You choose which contact to import; the app does not scan or sync your contact list automatically. The imported information is stored in your VECTIS account as a client record.
Microphone — not requested

You can manage these permissions at any time in your device's Settings.

7. Data Retention

Your data is retained as long as your account is active. If you delete your account:

Your account and all associated data (clients, jobs, invoices, estimates, expenses) will be permanently deleted
Cached images on your device may remain until you clear the app cache
Data may be retained in backups for up to 90 days before permanent deletion

You can delete your account directly inside the app by going to More → Delete Account. You will be asked to confirm your password before deletion. If you need assistance, contact us at support@vectiscrm.app.

8. Your Rights

As a VECTIS user, you have the right to:

Access all your data (it's all visible within the app)
Export your data (use Reports → Export CSV)
Correct inaccurate information at any time
Delete your account and all associated data
Withdraw consent for non-essential data processing

For any privacy requests, contact support@vectiscrm.app.

9. Children's Privacy

VECTIS is intended for business use by adults (18+). We do not knowingly collect information from anyone under 18. If you believe a minor has created an account, contact us immediately at support@vectiscrm.app and we will delete the account.

10. Geographic Scope

VECTIS is available exclusively in the United States. All pricing is in USD. If you access the app from outside the United States, you do so at your own risk and are responsible for compliance with local laws.

11. Changes to This Policy

We may update this Privacy Policy as we add features or as laws change. We will notify you of material changes through the app or via email. Continued use of VECTIS after changes take effect constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, contact us at:

support@vectiscrm.app
RM Digital Enterprise
United States