Privacy Policy
Effective Date: April 17, 2026
Field Report LLC ("Company," "we," "us," or "our") operates the Field Report platform, including the mobile application and web dashboard (collectively, the "Service"). This Privacy Policy describes how we collect, use, store, and protect information when you use our Service.
This policy applies to all users of the Service, including Client administrators, field representatives, and brand ambassadors ("Authorized Users"). By using the Service, you consent to the practices described in this Privacy Policy.
1. Information We Collect
1.1 Information Provided by Clients During Onboarding
When a Client organization subscribes to Field Report, we collect:
- Company name and business contact information
- Primary point of contact name and email address
- Product catalog information (brand names, SKUs, pricing)
- Market/territory definitions
1.2 Authorized User Account Information
For each Authorized User provisioned on the platform, we collect:
- Full name
- Email address
- Assigned market/territory
- Assigned program/client affiliation
- Account credentials (passwords are hashed and stored securely via Firebase Authentication)
1.3 Field Activity Data
When Authorized Users submit activity reports through the mobile application, we collect:
- Date of activity
- Activity type and detail (e.g., event, product seeding, product sale, social post, inventory)
- Event or location name
- City, state, and zip code (manually entered by the user; we do not collect GPS or precise device location)
- Product distribution quantities
- Product feedback (item, category, sentiment, and consumer comments)
- Photographs uploaded by the user
- Free-text notes
1.4 Automatically Collected Information
We may automatically collect limited technical information when you use the Service, including:
- Device type and operating system version
- App version
- Crash reports and error logs (for debugging and service improvement)
We do not collect browsing history, advertising identifiers, or precise geolocation data from your device.
1.5 Marketing Website Analytics
Our marketing website at www.myfieldreport.io uses Google Analytics 4 (measurement ID G-GZZZFPKELM) to understand how visitors find and use the site. Google Analytics collects aggregated information including:
- Pages viewed and time spent on each page
- General geographic region (country / region) derived from IP address
- Device and browser type
- Referring website or campaign source
Google Analytics uses cookies and similar technologies to collect this data. We have enabled IP anonymization and do not link analytics data to identifiable visitors. You can opt out by installing the Google Analytics Opt-out Browser Add-on or by enabling "Do Not Track" or strict tracking protection in your browser. Google's privacy policy is at policies.google.com/privacy.
Google Analytics runs only on the public marketing site. The authenticated Field Report application at app.myfieldreport.io and the mobile apps do not load Google Analytics or any third-party analytics SDK.
2. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Description |
|---|---|
| Provide the Service | Process activity reports, calculate inventory, generate dashboards, and deliver real-time analytics to Clients. |
| Account Management | Create and manage Authorized User accounts, authenticate users, and enforce access controls. |
| Client Reporting | Aggregate field data into dashboards and reports accessible to the Client organization. |
| Service Improvement | Analyze usage patterns and error logs to improve platform reliability and features. |
| Communication | Send service-related notifications, including account setup confirmations and platform updates. |
| Legal Compliance | Comply with applicable laws, respond to legal requests, and protect our rights. |
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
3. How We Store and Protect Your Information
3.1 Infrastructure
All data is stored on Google Cloud Platform (GCP) infrastructure located in the United States. Our technical architecture includes:
- Google Cloud SQL (PostgreSQL) for structured data storage
- Google Cloud Storage for photograph and media file storage
- Firebase Authentication for secure user credential management
- Google Secret Manager for secure storage of application credentials
- Cloud-based analytics services for reporting and data aggregation
3.2 Security Measures
- All data is encrypted in transit using TLS/SSL.
- Database connections use secure, private network paths (Cloud SQL Auth Proxy).
- Application credentials are never hardcoded; they are injected at runtime from Secret Manager.
- API access requires authenticated requests with valid security headers.
- Multi-tenant data isolation ensures that one Client's data is never accessible to another Client.
- User passwords are hashed by Firebase Authentication and are never stored in plaintext.
3.3 Data Retention
We retain Client Data for the duration of the Client's active subscription. Upon termination of the subscription, Client Data will be retained for thirty (30) days to allow for export. After this period, Client Data will be deleted from active systems within a commercially reasonable timeframe. Backups containing Client Data may be retained for up to ninety (90) days after deletion from active systems.
4. How We Share Your Information
We share information only in the following limited circumstances:
4.1 With the Client Organization
Activity reports, inventory data, feedback, and photos submitted by Authorized Users are visible to the Client's administrators and designated stakeholders through the dashboard. This is the core function of the Service.
4.2 Service Providers
We use Google Cloud Platform as our infrastructure provider. Google processes data on our behalf in accordance with their data processing terms and applicable certifications (SOC 2, ISO 27001).
4.3 Legal Requirements
We may disclose information if required to do so by law, regulation, subpoena, court order, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
4.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, Client Data may be transferred as part of the transaction. We will notify affected Clients before any such transfer.
We do not share individual Authorized User data with third-party advertisers, data brokers, or marketing platforms.
5. Your Rights and Choices
5.1 Access and Correction
Authorized Users may request access to or correction of their personal information by contacting their Client administrator or by reaching out to us directly at the contact information below.
5.2 Data Export
Clients may request an export of their Client Data at any time during an active subscription. We will provide data in a standard, machine-readable format within a commercially reasonable timeframe.
5.3 Account Deletion
Authorized Users may request deletion of their account by contacting their Client administrator. Client administrators may request deletion of their organization's data by contacting Field Report LLC directly. Upon verified request, we will delete the relevant data in accordance with our data retention policy described in Section 3.3.
5.4 Opt-Out of Communications
You may opt out of non-essential communications by contacting us at the email address below. Note that you cannot opt out of service-critical communications (such as security alerts or account notifications).
6. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
Right to Know. You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purposes for collecting it, and the categories of third parties with whom we share it.
Right to Delete. You have the right to request deletion of your personal information, subject to certain exceptions permitted by law.
Right to Non-Discrimination. We will not discriminate against you for exercising your CCPA rights.
No Sale of Personal Information. Field Report LLC does not sell personal information as defined under the CCPA. We have not sold personal information in the preceding twelve (12) months.
To exercise your CCPA rights, please contact us using the information in Section 9 below. We will verify your identity before processing any request.
7. Children's Privacy
The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify Clients of material changes by email or through the Service at least thirty (30) days before the changes take effect. The "Effective Date" at the top of this policy indicates when it was last updated.
9. Contact Information
If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:
Email: adam@myfieldreport.io
Website: https://www.myfieldreport.io
Location: East Providence, Rhode Island