Tradesmen's Friend

Privacy Policy

Tradesmen’s Friend — operated by Lumen Design

Last updated: April 7, 2026

Overview

Tradesmen’s Friend is a field reporting and project management platform for contractors and subcontractors, operated by Lumen Design. This policy explains what data we collect, how we use it, and how we protect it.

Information we collect

  • Account information: name, email address, and role when you create an account or are invited by an organization administrator.
  • Job and project data: job details, tasks, schedules, field reports, photos, and comments that you or your organization enter into the platform.
  • Google Calendar data: if you choose to connect your Google Calendar, we request permission to create, update, and delete calendar events on your behalf. We store a refresh token to maintain this connection. We only create events related to job trips and meetings you are scheduled on — we do not read, modify, or access any existing calendar events or other Google account data.

Google Calendar Data

Tradesmen’s Friend’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

  • We request access to Google Calendar solely to create, update, and delete calendar events on behalf of users who choose to connect their Google Calendar.
  • We collect only the OAuth refresh token necessary to perform these actions. No other Google account data is collected.
  • We do not read, access, or store any existing calendar events or other calendar data from your Google account.
  • Google Calendar data is never used for advertising, sold to third parties, shared with data brokers, or used to train AI models.
  • We use the https://www.googleapis.com/auth/calendar.events scope, which allows us to manage only events we have created. We do not request broader calendar access.

How we use your information

  • To provide the platform’s features: job management, task tracking, field reports, scheduling, and team coordination.
  • To send automated email notifications: daily field report emails to supervisors, task comment notifications, and trip scheduling alerts.
  • To sync job trip schedules and meeting events to your connected Google Calendar (only if you choose to connect it). Google Calendar access is used exclusively to sync job trip schedules and task meetings to crew members’ personal calendars.
  • We do not use Google user data for any purpose other than the calendar sync features described above.
  • We do not sell your data to third parties. We do not use your data for advertising.

Data sharing

  • We do not sell, transfer, or disclose Google user data to any third parties for any reason.
  • Google Calendar OAuth tokens are stored securely in our database and are never shared with any external service, partner, or third party.
  • We do not share any personal data with third parties for marketing, advertising, or data brokerage purposes.
  • Platform data (jobs, reports, tasks) is accessible only to members of your organization as determined by your administrator’s access controls.

Google Calendar integration

When you connect your Google Calendar, Tradesmen’s Friend uses the Google Calendar API to create calendar events for job trips and meetings you are assigned to. We request the https://www.googleapis.com/auth/calendar.events scope, which allows us to create, update, and delete events we have created. We do not access, read, or modify any other events on your calendar. You can disconnect your Google Calendar at any time from your profile settings, which will revoke our access and remove stored tokens.

Data storage and security

  • All data is transmitted over encrypted HTTPS connections. Data is encrypted at rest in our database.
  • All data is stored securely using Supabase (PostgreSQL) with row-level security policies that ensure users can only access data belonging to their organization.
  • OAuth tokens (including Google Calendar refresh tokens) are stored securely in our database with row-level security and are accessible only to the authenticated user and server-side processes that require them.
  • Photos and files are stored in Supabase Storage with access controls.
  • We follow industry-standard security practices to protect your data, including encrypted connections, secure authentication, and regular security reviews.

Data retention and deletion

  • Your data is retained for as long as your organization maintains an active account. Organization administrators can delete jobs, reports, and associated data at any time.
  • Google Calendar refresh tokens are stored only while a user has Calendar sync enabled.
  • Users can disconnect Google Calendar at any time from their profile settings, which immediately revokes access and deletes the stored token from our database.
  • Upon account deletion, all associated data — including Google Calendar tokens, profile information, and any user-generated content — is permanently deleted.

Your rights

You may request access to, correction of, or deletion of your personal data by contacting us at ld@lumendesignpros.com.

Contact

If you have questions about this privacy policy or how your data is handled, please contact us:

Lumen Design

ld@lumendesignpros.com

tradesmensfriend.com