CivyxIQ, Inc. ("CivyxIQ," "we," "us," or "our") operates SolarProjeX (the "Service"). This Privacy Policy describes how we collect, use, share, and protect personal information.
Roles: Customer, User, and End Customer
Most personal information processed through the Service falls into one of three roles:
The business entity holding the subscription. The Customer determines what data is collected and how it is used in its account.
An employee, contractor, or crew member invited by the Customer to access the Service.
The Customer's own customer (typically a homeowner) whose information is recorded in jobs, who may receive a share link, or who may submit a review.
CivyxIQ acts as a service provider to the Customer and processes data on the Customer's behalf. The Customer is responsible for: (a) determining what data is collected and how it is used; (b) providing notice and obtaining consent from Users and End Customers where required; (c) responding to data subject requests under applicable law.
If you are a User and have questions about your data, contact your Customer (the business that issued your account). If you are an End Customer and have questions about your data, contact the Customer (the business that performed your job).
Information We Collect
From Customers and Account Owners
- Account information: name, email address, password (hashed), company name, billing contact, and role.
- Billing information: payment card details (processed by our payment processor), billing address, transaction history, and tax information. We do not store full card numbers on our servers.
- Company information: company name, address, license numbers, service area, contractor details, and brand assets, including logos, colors, custom domain configuration for white-label deployments, and other branding elements.
From Users
- Identity and login: name, email, role, password (hashed), profile photo (optional).
- Field activity: GPS coordinates, location data, timestamps, photos taken in-app, signatures captured, work performed, jobs completed, time tracked, materials entered, and notes recorded.
- Device data: device type, operating system, app version, IP address, network status, crash logs.
From the Customer's End Customers
- Job records uploaded by Customer: End Customer names, addresses, contact information, signatures, photos of jobsites, equipment installed, and other operational data Customer chooses to enter into the Service.
- Public share link interactions: when an End Customer accesses a public share link, we may log the access time, IP address, and basic browser information for security and abuse prevention.
- Reviews and ratings: if an End Customer submits a star rating or written review through the share page or customer portal, we collect the rating, written content, and basic submission metadata such as time, IP address, and any identifier the End Customer provides.
CivyxIQ processes End Customer data on behalf of the Customer. The Customer is the data controller for End Customer data. We do not contact End Customers directly except where requested by the Customer or required by law.
Information Collected Automatically
- Device and browser data: IP address, browser type and version, operating system, device identifiers, time zone, and language settings.
- Usage data: pages viewed, features used, search queries, exports performed, timestamps, click paths, and error logs.
- Cookies and similar technologies: as described in our Cookies section below.
- Usage analytics: feature interactions, error reports, performance metrics, real-time activity events used by Mission Control and other dispatch features.
AI Photo Quality Check
If the Customer subscribes to the AI Photo Quality Check add-on, photos uploaded to the Service may be transmitted to a third-party artificial intelligence application programming interface for analysis.
- The third-party provider's privacy and data handling practices apply to data sent to them.
- Photos transmitted may contain images of people, including Users, End Customers, and bystanders.
- CivyxIQ does not control how the third-party AI provider handles, retains, or uses transmitted data, including for model training.
- Customer is responsible for any consents required by applicable law before submitting photos to AI Photo Quality Check.
- Outputs from the AI Photo Quality Check, including quality scores and flagged issues, are stored as part of the job record under Customer's account.
Public Share Links
Public share links are designed to be unguessable URLs that allow End Customers and other recipients to view a specific job report without authentication. Customers control whether to generate, distribute, and revoke share links.
- Anyone who possesses a share link may view its contents until the link is revoked.
- Share link contents may include End Customer personal information, photos, signatures, and job details.
- CivyxIQ logs basic access information about share link views for security purposes.
- CivyxIQ does not control downstream redistribution of share link contents by recipients.
White Label Domains
If Customer uses the white-label domain feature, the Service is accessed through a custom domain Customer controls. SSL certificates for white-label domains are provisioned through a third-party certificate authority. Customer is responsible for the privacy notices, branding, and communications presented to Users and End Customers through the white-labeled experience. End Customers accessing a white-labeled deployment may not be aware that the underlying platform is provided by CivyxIQ.
TV Mode and Office Display
The Service includes a TV Mode that displays job and dispatch data on shared office screens. Customer administrators control whether TV Mode is enabled and which data is displayed. Customer is responsible for ensuring that office display practices comply with applicable workplace privacy expectations and any agreements with Users.
How We Use Information
- Provide, operate, maintain, and improve the Service.
- Authenticate Users and protect accounts.
- Sync data across devices and store backups.
- Process subscriptions and billing.
- Provide support to Customer administrators.
- Detect and prevent fraud, abuse, and security incidents.
- Develop and improve the Service using de-identified or aggregated data.
- Operate add-on features such as AI Photo Quality Check and Job Cost Tracking.
- Comply with legal obligations and enforce our Terms.
Location Data
The Service collects GPS and location data when Users use the application during configured work activities. Location data may be visible to Customer administrators. Users should consult their employer's policies and notices about location tracking. If a User does not consent to location tracking, the User should not use the Service for work activities.
Photos and Biometric Considerations
Photos taken in the Service may include images of people, jobsites, equipment, and signatures. Customer is responsible for ensuring that any photos taken comply with applicable law, including biometric privacy laws. CivyxIQ does not perform facial recognition or biometric identification on photos. The AI Photo Quality Check feature analyzes photos for image quality and content categorization, not for biometric identification.
Third-Party Integrations
The Service may integrate with third-party providers in categories including customer relationship management, design and engineering, monitoring, accounting, communication, automation, payment processing, mapping, and weather data. When Customer enables an integration, data flows between the Service and the third party as configured by Customer. Each third party operates under its own privacy practices. Customer is responsible for reviewing the privacy practices of any third-party integration before enabling it.
Trial Account Data
Free trial accounts are subject to a limited 2-day data retention. All Customer Data uploaded during a free trial is permanently deleted at the end of the trial unless the Customer activates a paid subscription. CivyxIQ does not retain backups of trial data after deletion. The trial acceptance record (electronic signature, timestamp, IP, and acknowledgements) is retained as a legal record even after trial data is deleted.
How We Share Information
We do not sell your personal information. We share information only as follows:
- Service providers: we share information with vendors who help us operate the Service, including hosting, payment processing, email delivery, analytics, customer support, and security. These vendors are bound by contractual obligations to use the information only as necessary to perform services for us.
- Legal requirements: we may disclose information when required by law, subpoena, court order, or government request, or to protect our rights, property, or safety, or that of our users or the public.
- Business transfers: if we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction.
- With your consent: we may share information with other parties with your direction or consent.
Sharing With the Customer
Information collected from a User in connection with that User's work activities is shared with the Customer (the User's employer or company). This includes location data, timestamps, photos, signatures, materials entries, time logs, and activity logs. Users should direct privacy inquiries about their work data to the Customer.
Cookies and Analytics
We use cookies and similar technologies to operate the Service, remember your preferences, analyze usage, and improve performance. Categories of cookies we may use include:
- Strictly necessary cookies: required for the Service to function (authentication, security, load balancing).
- Functional cookies: remember your preferences and settings.
- Analytics cookies: help us understand how users interact with the Service.
You can control cookies through your browser settings. Disabling certain cookies may affect Service functionality. We may use third-party analytics providers, including Google Analytics or similar services. These providers operate under their own privacy policies.
Data Retention
We retain personal information for as long as your account is active and as needed to provide the Service. After account termination, we may retain certain information for a limited period to comply with legal obligations, resolve disputes, prevent fraud, and enforce our agreements. Backup copies may persist for up to 90 days after deletion from production systems.
Account Termination and Data Deletion
Upon Customer cancellation, Customer's account remains active through the end of the paid billing period for export purposes. After the billing period ends, we may retain Customer Data for up to 90 days in backup form, then delete or anonymize, except where retention is required by law. Trial data is deleted at trial end as described above. Customer or User deletion requests are honored as required by applicable law.
Security
We implement reasonable administrative, technical, and physical safeguards designed to protect your information, including encryption in transit, access controls, and monitoring. No method of transmission or storage is completely secure. You are responsible for maintaining the confidentiality of your account credentials. Notify us immediately at support@civyxiq.com if you suspect unauthorized access.
Your Rights and Choices
Depending on your location, you may have the following rights regarding your personal information:
Request a copy of the personal information we hold about you.
Request correction of inaccurate information.
Request deletion of your personal information, subject to legal exceptions.
Request your data in a structured, machine-readable format.
Object to certain processing, including direct marketing.
Where processing is based on consent, withdraw it at any time.
To exercise these rights, contact us at privacy@civyxiq.com. We will respond within the time required by applicable law. We may need to verify your identity before fulfilling your request.
California, Florida, and Other State Residents
Residents of states with privacy laws including California (CCPA/CPRA), Florida (FDBR), Virginia, Colorado, Connecticut, Utah, and others may have additional rights regarding their personal information, including the right to know, delete, correct, opt out of sale or sharing for cross-context behavioral advertising, and to limit use of sensitive personal information. We do not sell personal information for monetary consideration. To exercise your rights, contact privacy@civyxiq.com.
If you are a User, please direct your request to your employer (the Customer) first, since CivyxIQ generally processes User data on behalf of the Customer. If you are an End Customer, please direct your request to the Customer (the contractor that performed your job).
Children's Privacy
The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, contact us at privacy@civyxiq.com and we will delete it.
International Users
The Service is operated from the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to this transfer.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will post the updated version on our website and update the Effective Date above. For material changes, we will provide additional notice such as email or in-app notification. Your continued use of the Service after the update constitutes acceptance of the revised Privacy Policy.
Contact
Questions about this document? Reach us at: