AdvantEdge
Privacy Policy  ·  Version 1.0  ·  Effective Jan 1, 2026
◆ Legal Document

AdvantEdge Privacy Policy

Langston Digital LLC  ·  advantedge.service

📅 Effective: January 1, 2026
📄 Version: 1.0
📌 Governing Law: Virginia, USA
Entity: Langston Digital LLC
🔒
Your privacy matters to us. This policy explains exactly what data we collect, why we collect it, and how it is used. We do not sell your personal information. We never will. If you have questions, email privacy@advantedge.service.
01

Overview and Scope

Langston Digital LLC ("Langston Digital," "AdvantEdge," "we," "us," or "our") operates the AdvantEdge field service management platform, including the iOS and Android mobile applications, the web application, and the marketing website at advantedge.service (collectively, the "Service").


This Privacy Policy describes how we collect, use, disclose, and protect personal information when you access or use the Service as an administrator, staff member, customer, or website visitor. It also describes your rights and choices with respect to your personal information.


By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. This policy is incorporated by reference into our Terms of Service Agreement. If you do not agree with this policy, please do not use the Service.


This policy applies to all users of the AdvantEdge platform regardless of their role: business owners and administrators ("Subscribers"), field staff members ("Staff"), end customers who book services ("Customers"), and visitors to our marketing website.

02

Information We Collect

We collect information in three ways: information you provide directly, information collected automatically when you use the Service, and information received from third parties.

2.1

Information You Provide.

Category Examples Who Provides It
Account Information Full name, email address, password (hashed), phone number, profile photo All users at registration
Business Information Business name, business type, service offerings, pricing, operating hours Subscribers during onboarding
Booking Information Service address, scheduled date and time, service type, notes, special instructions Customers when booking
Payment Information Payment method details (processed by Stripe — we do not store raw card numbers), tip amounts, transaction history Customers at checkout
Review & Feedback Star ratings (1–5), written review text, review submission date Customers after service completion
Communications Messages sent to our support team, feedback submitted via forms, waitlist sign-up data Any user who contacts us
2.2

Information Collected Automatically.

Category Examples How Collected
GPS Location Data Latitude and longitude coordinates at job arrival and job completion; staff location during active jobs Mobile app with user permission
Device Information Device type, operating system version, app version, unique device identifiers Automatically on app launch
Usage Data Features used, screens visited, button interactions, session duration, timestamps Automatically during use
Push Notification Tokens Firebase Cloud Messaging (FCM) device token used to deliver push notifications Mobile app upon notification permission grant
Log Data IP address, browser type, pages visited on our marketing website, referral URL Web server logs and analytics
2.3

Information from Third Parties. We may receive limited information from third-party authentication providers (Google, Apple, Facebook) when you choose to sign in using those services. This typically includes your name, email address, and profile picture as permitted by your settings with that provider. We do not receive your password from these providers.

03

How We Use Your Information

We use the information we collect for the following purposes:

  • To provide the Service — process bookings, assign staff, accept payments, send confirmations, and deliver all core platform functionality.
  • To operate GPS tracking features — record staff arrival and completion locations on bookings, display real-time job status to customers and administrators, and calculate time-on-site metrics.
  • To process payments — transmit payment details securely to Stripe for authorization and capture; generate receipts; track payment history and loyalty points.
  • To send notifications — deliver booking confirmations, on-the-way alerts, payment receipts, reminders, and in-app notifications via email (Resend) and push notifications (Firebase).
  • To manage your account — authenticate your identity, maintain your profile, enforce access controls based on your role (admin, staff, or customer).
  • To provide customer support — respond to inquiries, troubleshoot issues, and communicate service updates.
  • To improve the Service — analyze usage patterns, diagnose technical problems, and develop new features. We use anonymized and aggregated data where possible.
  • To enforce our Terms — detect and prevent fraud, abuse, or violations of our Terms of Service Agreement and Acceptable Use Policy.
  • To comply with legal obligations — respond to lawful requests from government authorities, comply with applicable laws and regulations, and protect the legal rights of Langston Digital and our users.
  • To send marketing communications — send product updates, feature announcements, or promotional materials to Subscribers. You may opt out at any time using the unsubscribe link in any email or by contacting privacy@advantedge.service.

We do not use your personal information for automated decision-making that produces legal or similarly significant effects without human review.

04

How We Share Your Information

We do not sell your personal information. We share information only in the following circumstances:

4.1

Within the Platform (Role-Based Access). The AdvantEdge platform is multi-tenant. Data is strictly isolated by organization — one business's data is never accessible to another. Within an organization, information is shared based on role:

  • Administrators can see all bookings, customer profiles, staff profiles, GPS coordinates, payment summaries, and analytics for their organization.
  • Staff members can see their own assigned jobs, the customer name and service address for those jobs, and job status history.
  • Customers can see their own bookings, payment history, loyalty points, and reviews. They can see the assigned staff member's name and real-time job status.
4.2

Service Providers. We share information with trusted third-party vendors who perform services on our behalf, including payment processing, cloud infrastructure, email delivery, and push notifications. These providers are contractually bound to use your data only to perform services for us and may not use it for their own purposes. See Section 5 for a full list.

4.3

Legal Requirements. We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Langston Digital, our users, or the public.

4.4

Business Transfers. If Langston Digital is involved in a merger, acquisition, asset sale, or other business transaction, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice within the Service before your information is transferred and becomes subject to a different privacy policy.

4.5

With Your Consent. We may share your information for any other purpose with your explicit consent.

05

Third-Party Services

The following third-party services are integrated into the AdvantEdge platform. Each has its own privacy policy governing how they handle data.

Supabase
Cloud database and backend infrastructure. Stores all application data including user profiles, bookings, and GPS coordinates. Data is stored in the United States.
supabase.com/privacy ↗
Stripe, Inc.
Payment processing for in-app purchases and tips. Stripe handles all raw payment card data. We store only payment status, amount, and transaction ID.
stripe.com/privacy ↗
Firebase (Google)
Push notification delivery via Firebase Cloud Messaging. Stores device push tokens. Also used for app crash reporting and performance monitoring.
firebase.google.com/support/privacy ↗
Resend
Transactional email delivery. Used to send booking confirmations, on-the-way alerts, payment receipts, and reminders. Stores email addresses and delivery logs.
resend.com/legal/privacy-policy ↗
Google Maps
Map display for job tracking screens and staff navigation. When a user views a map, their device may send location data to Google per Google's own privacy policy.
policies.google.com/privacy ↗
Apple / Google SSO
Optional sign-in via Sign in with Apple or Google. If used, we receive your name and email address from the provider. Your password stays with Apple or Google.
apple.com/legal/privacy ↗

We are not responsible for the privacy practices of any third-party service. We encourage you to review their privacy policies before using features powered by them.

06

Location Data

6.1

Staff Location. When a staff member taps "I've Arrived" or "Mark Complete" on a job, the app records a GPS coordinate (latitude and longitude) and timestamp. This data is stored in the booking record and is visible to the organization's administrators. Location is recorded only at these two explicit action points — not continuously tracked throughout the day.

6.2

Customer Visibility. Customers can view a map showing the real-time status of their booking (e.g., "on the way," "arrived"). The customer view shows job status and estimated context but does not expose staff GPS coordinates directly.

6.3

Permission Required. The mobile app requests location permission from the device operating system before accessing GPS. On iOS, this appears as a prompt at first use. On Android, location permission is requested at runtime. You may deny this permission; however, staff members who deny location permission will be unable to use the "I've Arrived" and "Mark Complete" features.

6.4

Navigation. When a staff member uses the in-app turn-by-turn navigation feature, the app opens Apple Maps or Google Maps on the device. Navigation is handled entirely by the third-party maps application and is subject to Apple's or Google's privacy policies.

6.5

Retention. GPS coordinates recorded on bookings are retained as part of the booking record for as long as the booking record itself is retained. See Section 8 for retention periods.

07

Cookies and Tracking Technologies

7.1

Marketing Website. Our marketing website at advantedge.service may use cookies and similar tracking technologies to understand visitor behavior and improve the site. This may include session cookies (deleted when you close your browser) and persistent cookies (remain on your device for a set period).

7.2

Mobile App. The mobile application uses local storage and secure device storage (via flutter_secure_storage) to persist your authentication session and app preferences. These are not traditional browser cookies and are not accessible to other apps or websites.

7.3

Your Choices. Most web browsers allow you to control cookies through browser settings. Disabling cookies may affect some functionality of our marketing website but will not affect the mobile app experience. We do not currently respond to "Do Not Track" signals from browsers, as there is no industry-standard interpretation of such signals.

7.4

Analytics. We may use analytics tools to understand how users interact with the Service. Any analytics data is collected in aggregate or anonymized form and is not linked to your personal identity.

08

Data Retention

We retain personal information for as long as necessary to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. The following table summarizes our general retention practices:

Data Type Retention Period
Account profile (active accounts) Duration of account plus 30 days after deletion request
Booking records and GPS coordinates 3 years from booking date, or as required by applicable law
Payment records and transaction history 7 years (required for tax and financial compliance)
Reviews and ratings Duration of the associated account; deleted upon verified request
Push notification tokens (FCM) Until you uninstall the app, revoke notification permission, or delete your account
Email delivery logs 90 days (retained by Resend per their policy)
Web server and application logs 90 days
Deleted account data (Customer Data export) Available for export for 30 days post-cancellation, then permanently deleted

When data is no longer needed, we delete or anonymize it. If deletion is not immediately possible (e.g., because data is stored in backup archives), we isolate the data from further processing until deletion is possible.

09

Data Security

We take the security of your personal information seriously and implement the following measures to protect it:

  • Encryption in transit — all data transmitted between the mobile app, web app, and our servers is encrypted using TLS (HTTPS).
  • Encryption at rest — data stored in our Supabase database is encrypted at rest using AES-256.
  • Row-Level Security (RLS) — database access is enforced at the row level using Supabase RLS policies. Users can only query data belonging to their organization and permitted by their role.
  • Authentication security — passwords are hashed and never stored in plaintext. Session tokens are stored securely on device using encrypted storage. Sessions automatically expire after 30 minutes of inactivity.
  • Biometric authentication — the mobile app supports Face ID and Touch ID as an additional authentication layer on supported devices.
  • Input sanitization — all user-supplied inputs are sanitized before processing to mitigate injection attacks.
  • Access controls — internal access to customer data is restricted to employees who need it to perform their job duties.

No method of transmission over the internet or electronic storage is 100% secure. While we use commercially reasonable measures to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact security@advantedge.service immediately.

10

Your Privacy Rights

Depending on your location, you may have the following rights with respect to your personal information:

Access
Request a copy of the personal information we hold about you.
Correction
Request that we correct inaccurate or incomplete personal information.
Deletion
Request deletion of your personal information, subject to legal retention obligations.
Portability
Request an export of your data in a machine-readable format within 30 days of account cancellation.
Opt-Out
Opt out of marketing emails at any time using the unsubscribe link or by contacting us directly.
Restrict Processing
Request that we limit how we use your data in certain circumstances.

To exercise any of these rights, submit a request to privacy@advantedge.service. We will respond within 30 days. We may need to verify your identity before processing your request.


You have the right to withdraw consent at any time where we rely on consent as the legal basis for processing. Withdrawing consent does not affect the lawfulness of processing before withdrawal.

11

California Privacy Rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with additional rights:

  • Right to Know — you may request disclosure of the categories of personal information we collect, the purposes for collection, and the categories of third parties with whom we share it.
  • Right to Delete — you may request deletion of personal information we have collected about you, subject to certain exceptions.
  • Right to Correct — you may request correction of inaccurate personal information we hold about you.
  • Right to Opt-Out of Sale or Sharing — we do not sell or share personal information for cross-context behavioral advertising. This right therefore does not currently apply to our practices.
  • Right to Limit Use of Sensitive Personal Information — we use sensitive personal information (such as precise geolocation) only as necessary to provide the Service.
  • Right to Non-Discrimination — we will not discriminate against you for exercising any of your CCPA rights.

To submit a CCPA request, email privacy@advantedge.service with the subject line "CCPA Rights Request." We will respond within 45 days, with a possible 45-day extension if needed. We may need to verify your identity to process your request.

11.1

Categories of Personal Information Collected. In the past 12 months, we have collected the following categories of personal information as defined by the CCPA: identifiers (name, email, device ID); commercial information (payment and transaction history); geolocation data (GPS coordinates on job records); internet or network information (usage data, log data); and inferences drawn from the above to improve service recommendations.

12

Children's Privacy

The AdvantEdge Service is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us at privacy@advantedge.service and we will take steps to delete such information promptly.


Users must be at least 18 years old to create a Subscriber account. Customers booking services must be at least 13 years old, or must have verifiable parental consent if between ages 13 and 18.

13

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Post the updated policy on this page with a revised "Effective Date" at the top.
  • Send an email notification to the registered email address of all active Subscribers at least 30 days before the changes take effect.
  • Display a prominent notice within the Service for at least 14 days following the update.

Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the updated policy, you must stop using the Service and may cancel your account per our Terms of Service.

14

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Entity
Langston Digital LLC
Website
advantedge.service
Privacy Requests
privacy@advantedge.service
Security Issues
security@advantedge.service
General Legal
legal@advantedge.service
Response Time
Within 30 days of receipt

This Privacy Policy is incorporated by reference into the AdvantEdge Terms of Service Agreement. Capitalized terms used but not defined in this policy have the meanings given in the Terms of Service.