Privacy Policy

Last updated: January 1, 2025

Roof Nexus ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

1. Information We Collect

1.1 Information You Provide

We collect information you directly provide, including:

  • Account Information: Name, email address, phone number, company name, and password when you create an account
  • Business Data: Contact information, job details, estimates, invoices, and other business data you enter into the Service
  • Payment Information: Billing address and payment details (processed by our secure payment partners)
  • Communications: Messages you send to us through support, email, or feedback channels

1.2 Information Collected Automatically

When you use our Service, we automatically collect:

  • Usage Data: Pages visited, features used, actions taken, and time spent on the Service
  • Device Information: Device type, operating system, browser type, and IP address
  • Log Data: Access times, error logs, and referring URLs
  • Cookies: Session cookies, authentication cookies, and analytics cookies

2. How We Use Your Information

We use the collected information to:

  • Provide, maintain, and improve the Service
  • Process transactions and send related information
  • Send administrative notifications, updates, and security alerts
  • Respond to your inquiries and provide customer support
  • Personalize your experience and provide relevant features
  • Monitor and analyze usage patterns to improve the Service
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

3. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Service Providers

We share information with third-party vendors who perform services on our behalf, such as payment processing, email delivery, and cloud hosting. These providers are contractually obligated to protect your information.

3.2 Integrations

When you connect third-party services (like QuickBooks or email providers), we share necessary data to enable the integration as you've authorized.

3.3 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, safety, or property.

3.4 Business Transfers

In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. After account termination, we retain data for 90 days before permanent deletion, unless longer retention is required by law or for legitimate business purposes.

Audit logs and activity records are retained for 7 years to support compliance and dispute resolution.

5. Data Security

We implement industry-standard security measures including:

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Regular security audits and penetration testing
  • Multi-factor authentication options
  • Role-based access controls
  • Continuous monitoring and intrusion detection

While we strive to protect your information, no method of transmission over the Internet is 100% secure. You are responsible for maintaining the security of your account credentials.

6. Your Rights and Choices

6.1 Access and Correction

You can access and update your account information through the Service settings. For additional requests, contact us at [email protected].

6.2 Data Export

You can export your data at any time through the account settings. We provide data in standard formats (CSV, JSON).

6.3 Account Deletion

You can request deletion of your account and associated data. Upon request, we will delete your data within 30 days, subject to legal retention requirements.

6.4 Marketing Communications

You can opt out of marketing emails by clicking the unsubscribe link in any marketing message. Note that you cannot opt out of transactional or administrative communications.

6.5 Cookies

Most browsers allow you to control cookies through settings. Disabling certain cookies may affect Service functionality.

7. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses approved by relevant authorities.

9. California Privacy Rights

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt out of the sale of personal information (we do not sell personal information)
  • Non-discrimination for exercising your privacy rights

To exercise these rights, contact us at [email protected].

10. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have additional rights including:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making

The legal bases for processing your data include: performance of our contract with you, our legitimate interests, your consent, and compliance with legal obligations.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Your continued use of the Service after such notice constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Roof Nexus
Attn: Privacy Team
123 Main Street, Suite 400
Austin, TX 78701
Email: [email protected]

For GDPR-related inquiries, you may also contact our Data Protection Officer at [email protected].