Privacy Policy

EstiMateGo is a mobile and web application that helps UK tradespeople quickly estimate, quote, and invoice for their work. This policy explains what personal data we collect, how we use it, who we share it with, and your rights. It applies to the EstiMateGo mobile app, the website at builder.stuartallsopp.org, and any related services.

1. Who we are

EstiMateGo is operated by Stuart Allsopp, based in the United Kingdom. We are the data controller for your tradesperson account data. For questions about this policy, or to exercise your rights, contact us at: [email protected].

2. Data we collect

2.1 Account data (tradesperson)

• Name, email address, phone number
• Business name, trading address, VAT and CIS registration details
• Authentication provider information if you sign in with Google, Facebook or Apple (we store only your email, name, avatar URL, and a provider ID — never your password for those services)
• Biometric-login credentials encrypted in your device's secure enclave (we never see the underlying biometric data)

2.2 Customer data (your customers, input by you)

When you save a customer in EstiMateGo or generate a quote for them, you may enter their name, address, phone number and email. We store this so you can reuse it across quotes. You, the tradesperson, are the data controller for your customers' personal data; EstiMateGo acts as a processor on your behalf.

2.3 Work-product data

• Ballparks, quotes, and invoices you create
• Pricing rules, day rates, and material-price overrides you configure
• Messages between you and your customers via the quote / ballpark pages
• Scheduled job bookings, including the proposed times and any customer responses

2.4 Device and usage data

• Push notification tokens (to send you alerts when a customer responds)
• Usage metrics — when you last logged in, how many quotes you've created this month (used for plan limits and billing)
• Error logs — if the app crashes, we collect diagnostic information to help fix it
• IP address and user-agent of the device, captured in access logs for security monitoring

2.5 Payment data

When you subscribe to Pro, payment is processed by Stripe. EstiMateGo stores only your Stripe customer ID and subscription status — we never see or store your card number or CVV.

2.6 Google Calendar data (if you connect it)

If you connect Google Calendar, we store an OAuth access token (encrypted) and the ID of the calendar you select. We read free/busy windows within your availability window to help suggest times for new jobs, and we create / update / delete events tied specifically to EstiMateGo bookings. We do not read or modify any other events.

3. Why we use it (lawful basis)

Purpose	Lawful basis (UK GDPR)
Providing the service (creating quotes, sending them)	Contract
Taking payment for Pro subscriptions	Contract
Operational emails (quote sent confirmations, account notices)	Contract
Fraud prevention and security monitoring	Legitimate interest
Improving pricing suggestions and AI features	Legitimate interest
Marketing (tips, product updates) — emails you can opt out of	Consent
Push notifications	Consent (granted via OS permission prompt)

4. Third parties who process your data

We share the minimum data necessary with these sub-processors to operate the service:

• Stripe (payment processing) — your name, email, billing details. Stripe is PCI-DSS Level 1 compliant.
• Anthropic (AI via Claude) — quote descriptions, job-type questions, time-suggestion prompts, product pages we're interpreting. We do not send customer names or contact details to Anthropic unless explicitly included by you in free-text fields.
• Ollama — a locally hosted AI model, runs on our servers; your data stays within our infrastructure.
• Google — for Sign in with Google, and (optionally) Google Calendar sync.
• Facebook (Meta) — for Sign in with Facebook, if you use it.
• Apple — for Sign in with Apple, if you use it.
• Postmark (transactional email) — for operational emails such as quote confirmations.
• Expo / Apple Push Notification Service / Google Firebase Cloud Messaging — to deliver push notifications.
• Cloudflare — DNS, DDoS protection, TLS termination.
• Hetzner — our hosting provider (EU-based).

5. Where we store it

All persistent data is stored in the European Union (Germany / Finland). Some sub-processors (Stripe, Anthropic, Google, Apple, Meta, Postmark) may process data in the UK, EEA or the United States under Standard Contractual Clauses or adequacy decisions. We do not sell your data to anyone.

6. How long we keep it

• Account data: for the life of your account, plus 30 days after deletion so you can restore it if deleted by mistake.
• Quotes, invoices, and customer records: retained while your account is active. We recommend you export anything you need to keep for tax purposes (HMRC typically require 6 years).
• Logs and diagnostic data: 90 days, then deleted.
• Backups: up to 30 days.

7. Your rights

Under UK GDPR you have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectification — correct inaccurate data.
• Erasure — request deletion of your data ("right to be forgotten").
• Portability — receive your data in a common machine-readable format.
• Restriction — ask us to stop certain processing.
• Object — object to processing based on legitimate interest.
• Withdraw consent — for anything we process based on consent (marketing emails, push, etc.).

To exercise any of these rights, email [email protected]. We'll respond within one month. If you believe we have mishandled your data, you can complain to the UK Information Commissioner's Office (ICO), though we'd appreciate the chance to address the issue first.

8. Cookies and local storage

Our web application uses:

• A session cookie to keep you signed in.
• A CSRF cookie to prevent cross-site request forgery.
• localStorage to remember your theme preference (light / dark) and your selected active business.

We do not use marketing cookies, third-party advertising pixels, or cross-site tracking.

9. Children

EstiMateGo is not intended for anyone under 18. If you become aware that a child has provided us personal data, please contact us and we will delete it.

10. Security

We take security seriously: all traffic is TLS-encrypted, access tokens for Google Calendar are encrypted at rest, passwords are bcrypt-hashed, access to production systems is restricted and logged. No system is perfectly secure — if you suspect a vulnerability, please report it to [email protected].

11. Changes to this policy

If we make material changes to this policy we'll email active users at least 30 days before the change takes effect. Minor clarifications (typos, formatting) will be updated without notice.

12. Contact

General: [email protected]
Privacy: [email protected]
Security: [email protected]