Privacy Policy

1. Information we collect

We collect three categories of information when you use ChangeOrdersPro.

Account information

When you create an account, we collect your email address, business name, password (hashed), and the role you select (GC, builder, subcontractor, etc.). This is the minimum required to give you a working account.

Change order content

When you create a change order, we store the content you put into it: project details, line items, prices, schedule impact, photos you attach, descriptions, and the contact details of the client you're sending it to. We also store the signing portal session — when the client viewed it, when they signed it, from what IP address.

Usage and technical data

Standard logs: IP addresses, browser type, pages visited, time spent, errors encountered. We use this to keep the product running, debug issues, and understand which features people actually use. We do not use this for advertising profiles.

2. How we use your information

We use the information we collect to:

• Run the product — store your change orders, send signing portal emails to your clients, calculate contract totals, track audit trails
• Provide customer support when you contact us
• Send you transactional emails (signup confirmation, signed change order receipts, billing receipts)
• Send you occasional product updates (you can unsubscribe any time — and product updates only, no marketing fluff)
• Detect and prevent fraud, abuse, or security issues
• Improve the product — understanding which features get used, where users get stuck, what's broken

We do not use your change order content to train AI models. Your project data is your competitive information; we treat it that way.

3. Who we share data with

We share data only with the service providers we need to run ChangeOrdersPro. We don't sell, rent, or trade your data with anyone. The categories of providers we use:

• Stripe — payment processing for Pro subscriptions. Stripe receives your card details directly (we never see them).
• Postmark — transactional email (signing portal links, signed PDF delivery, account confirmations).
• Twilio — SMS notifications to your clients (Pro feature, opt-in).
• Cloud infrastructure — AWS / hosting providers for storing your data securely.
• Customer support tools — when you email us for help, your message is stored in our support tool.

We share data with these providers only to the extent necessary for them to do their job. We have data processing agreements with each of them. None of them are permitted to use your data for their own purposes.

We may also disclose information if required by law (subpoena, court order) or to protect the rights, safety, or property of users. If we receive a legal request for your data, we'll notify you unless legally prohibited.

4. E-signatures and audit trails

When your client signs a change order through ChangeOrdersPro, we capture:

• The signature itself (drawn or typed)
• The signer's name and email address
• The signer's IP address at the time of signing
• Timestamps for when the email was sent, when the portal was viewed, when the signature was applied
• The browser and device used to sign

This information is stored as part of the signed change order's audit trail and is included in the signed PDF that is emailed to both parties. The audit trail is what makes the signature legally defensible under the U.S. ESIGN Act and similar legislation in other jurisdictions. We retain the audit trail for as long as the change order exists in our system, and for at least 7 years after deletion to support potential dispute resolution.

5. Payment processing

We use Stripe to process all payments. When you upgrade to Pro, your card information is sent directly to Stripe and stored on their servers, not ours. We never see or store your full card number, CVC, or expiration date. We receive only a tokenized reference and metadata (last 4 digits, card brand, ZIP code) for billing administration.

Stripe is PCI-DSS Level 1 compliant — the highest level of payment security certification. Their privacy policy is available at stripe.com/privacy.

6. Data retention

Active accounts: We retain your account data and change orders for as long as your account is active.

Cancelled or deleted accounts: When you delete your account, we retain your data for 30 days in case you want to recover it. After 30 days, we delete it from active systems. Backup copies are purged within 90 days. Audit trail records of completed and signed change orders are retained for 7 years to support legal and dispute resolution requirements (this is industry standard for e-signature platforms).

Free tier inactive accounts: Free tier accounts that are inactive for 24 months may be deleted after 60 days' notice to your registered email. Pro accounts are not subject to inactivity deletion.

7. Security

We take security seriously because we have to — our customers' contracts and disputes depend on it.

• All data is encrypted in transit using TLS 1.2+
• All data is encrypted at rest using AES-256
• Passwords are hashed using bcrypt — we cannot read your password, even internally
• Access to production systems is restricted to a small number of authorized engineers, with audit logging on every access
• We perform regular security reviews and respond to security disclosures promptly (see our security contact below)

No system is perfectly secure, but we treat your data with the same care we treat our own.

8. Your rights

You have the right to:

• Access your data — export all your change orders and account data as PDFs and CSVs at any time from your account settings
• Correct your data — update your account information directly in the product
• Delete your data — delete your account and trigger deletion of associated data (subject to the audit trail retention noted in section 6)
• Object to certain processing — opt out of product update emails (transactional emails like billing receipts cannot be opted out of while you have an active account)
• Data portability — receive your data in a machine-readable format

If you're in California (CCPA) or the EU/UK (GDPR), you have additional specific rights. To exercise any of these, email privacy@changeorderspro.com.

9. International data transfers

ChangeOrdersPro is operated by Templeton Built Pty Ltd. Our primary infrastructure is in the United States and Australia. If you're using ChangeOrdersPro from outside these regions, your data will be transferred to and processed in these locations. For EU/UK users, we rely on Standard Contractual Clauses to ensure appropriate safeguards for international transfers.

10. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we'll notify you by email and post a notice in the product before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision. Your continued use of ChangeOrdersPro after the effective date constitutes acceptance of the revised policy.

11. Contact us

Questions about this Privacy Policy, or want to exercise your data rights?

Email: privacy@changeorderspro.com

For security disclosures: security@changeorderspro.com

Mailing address: Templeton Built Pty Ltd, Adelaide, South Australia