← Back to EARL
⚠️ DRAFT — NOT LEGAL ADVICE — NOT REVIEWED. This document has not been reviewed by qualified legal counsel and is not in effect.

⚠️ DRAFT — NOT LEGAL ADVICE — NOT REVIEWED Status: Initial draft, 2026-05-15. Must be reviewed by qualified counsel before being published or relied upon.


EARL Platform — Privacy Policy

Effective Date: [TBD — not yet in effect] Last Updated: 2026-05-15 (initial draft)

This Privacy Policy explains what personal information the EARL platform ("Service") collects, how we use it, and what rights you have over it. "We," "us," and "our" refer to MTC Mechanical / Holstein Electric, the operators of EARL.


1. What Personal Data We Collect

From Your Google Account (at login)

When you sign in via Google OAuth, we receive and store: |||||||

DataPurpose
------
Email addressLogin identity, account communications, audit trail
Display nameShown in the UI
Role (set by your admin)Access control
Tenant IDDetermines which workspace you belong to
Last login timestampActivity tracking
We do not receive or store your Google password, phone number, payment info, or any data from Google services (Drive, Gmail, Calendar) via your personal login. Those integrations use separate service-account credentials — your login does not grant us access to your personal Google data.

From Your Use of the Service

- Project data: Plans, specs, bid documents, scope letters, vendor quotes, and other files you upload or create - Contact data: GC and vendor contact names, emails, and phone numbers you add to the system - Interaction logs: Basic audit events (login, logout, data changes) stored in our audit log for security and compliance purposes - Usage metadata: Which features you use, error events — used to improve the Service (no behavioral advertising)

What We Do NOT Collect

- Passwords (Google is the sole authentication authority) - Location data - Device identifiers or fingerprints - Any data from Google services beyond the OAuth profile scopes above

2. How We Use Your Information

We use the data we collect only to:

- Operate and deliver the Service to you - Authenticate your identity and enforce access controls - Send transactional communications (billing notices, security alerts) - Maintain audit logs for security and compliance - Improve Service reliability and performance (aggregated/anonymized) - Comply with applicable law or respond to valid legal requests

We do not sell your personal data. We do not use your project content, bid data, or personal information for advertising. We do not use your data to train AI models or share it with AI providers beyond what is necessary to process your specific requests (e.g., sending a plan page to an AI model to extract quantities — processed transiently, not retained by the model provider).


3. Cookies

We use a single first-party session cookie named `session`, set by the EARL dashboard server.

|||

CookiePurposeTypeDuration
------------
`session`Keeps you logged in after authenticationFunctional (required)12 hours; 2-hour inactivity timeout
This cookie is HttpOnly (not readable by JavaScript), SameSite=Lax, and Secure in production.

We do not use: - Advertising cookies or trackers - Analytics cookies (Google Analytics, Mixpanel, etc.) - Cross-site tracking pixels - Third-party social media cookies

For more details, see our [Cookie Policy](COOKIE_POLICY.md).


4. Third-Party Services

We share data with the following third parties only as necessary to operate the Service:

Google (Authentication)

We use Google OAuth for login. When you sign in, your browser is redirected to Google's authentication servers, and Google sends us a limited identity token. We use only `openid email profile` scopes. Your use of Google's services is also subject to [Google's Privacy Policy](https://policies.google.com/privacy).

Stripe (Billing)

Subscription payments are processed by Stripe, Inc. When you enter payment information, it goes directly to Stripe — we never see or store your full card number or CVV. Stripe's handling of payment data is subject to [Stripe's Privacy Policy](https://stripe.com/privacy).

Cloudflare (Network / DNS)

Our domain and web traffic may pass through Cloudflare's network for DNS resolution, DDoS protection, and TLS termination. Cloudflare may process IP addresses and request metadata as part of this service, subject to [Cloudflare's Privacy Policy](https://www.cloudflare.com/privacypolicy/).

No Other Third-Party Data Sharing

We do not share your data with marketing platforms, data brokers, analytics services, or social media platforms.

5. Data Retention

|||||||

Data TypeRetention Period
------
Account and profile dataRetained while account is active; deleted within 30 days of account termination
Project data (bids, documents, quotes)Retained while your subscription is active
Financial records (invoices, billing history)7 years (required for accounting and tax compliance)
Audit logsRetained indefinitely during service operation; exported and trimmed quarterly
Session cookiesExpire within 12 hours of issuance
When a tenant account is deleted, all associated project data and user records are permanently deleted within 30 days, except for financial records and any data we are required to retain by law.


6. Data Security

Your data is stored in a SQLite database on the EARL host server. We implement the following safeguards:

- TLS encryption in transit (HTTPS enforced) - Session cookies are signed and set with HttpOnly, Secure, and SameSite=Lax flags - Role-based access control — users only see their tenant's data - Audit logging of all significant access and change events - Rate limiting on authentication endpoints - Regular backups (daily, retained 90 days off-site)

For a detailed security overview, see our [Security Overview](SECURITY_OVERVIEW.md).

No system is perfectly secure. We will notify you promptly of any security incident that materially affects your data.


7. Your Rights

You have the following rights with respect to your personal data:

- Access: You can request a copy of the personal data we hold about you - Correction: You can request correction of inaccurate data - Export: You can export your project data at any time through the account settings - Deletion: You can request deletion of your account and associated data (subject to legal retention requirements for financial records) - Portability: Upon request, we will provide your data in a machine-readable format

To exercise any of these rights, contact us at [email protected] with "Privacy Request" in the subject line. We will respond within 30 days.


8. Children's Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has created an account, contact us and we will promptly delete the data.


9. Changes to This Policy

We may update this Privacy Policy periodically. When we do, we will update the "Last Updated" date and notify active users by email at least 14 days before significant changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.


10. Contact

For privacy questions, data requests, or concerns:

MTC Mechanical / Holstein Electric Email: [email protected] Subject line: "Privacy Request — EARL"


*⚠️ REMINDER: This document is a first draft prepared for attorney review. It is NOT legal advice and has NOT been reviewed by qualified legal counsel. Do not publish or share with customers until attorney review is complete.*