Privacy Policy

Last Updated: May 18, 2026

This Privacy Policy describes how Claims Management ("the Software") collects, uses, and protects your information. By using the Software, you consent to the practices described in this policy.

1. Information We Collect

Account Information

Your name, email address, and phone number
Google account information (when you connect Google services)
OAuth refresh and access tokens for connected services (stored locally on your device; we do not store passwords)

Claim Data

Claim numbers, dates, and status information
Insured names, addresses, phone numbers, and email addresses
Property information and inspection details
Notes, photos, and documents associated with claims

Communication Records

Emails sent through the Software
Text messages sent through the Software
Communication timestamps and delivery status

Usage Information

Feature usage and preferences
AI tool queries and responses
Error logs and diagnostic information

2. How We Use Your Information

We use your information to:

Provide and maintain the Software functionality
Process and manage your claims data
Send communications on your behalf to claimants
Sync data across your devices (if enabled)
Provide AI-powered research and assistance features
Improve the Software and develop new features
Maintain audit logs for compliance purposes
Respond to your support requests

3. Third-Party Services and Google API Access

The Software integrates with the following third-party services. Each section below describes exactly what data is accessed, why, and how it is stored.

3.1 Google Services — OAuth Scopes Requested

When you connect your Google account, the Software requests the following OAuth scopes. Each scope is requested only because a feature you use requires it.

Identity (non-sensitive)

Scope: openid

What it grants: OpenID Connect — confirms the user is who Google says they are.

How the app uses it: Establishes the signed-in identity used by the Software's authentication system.

How data is stored: No persistent data is stored from this scope beyond the standard OAuth ID token, which is held locally on the user's device.

Scope: https://www.googleapis.com/auth/userinfo.email

What it grants: The user's Google email address.

How the app uses it: Identifies the user's account and pre-fills the "from" address for emails the user chooses to send.

How data is stored: Stored locally on the user's device as part of the user profile. Not shared with any third party.

Scope: https://www.googleapis.com/auth/userinfo.profile

What it grants: The user's name and profile picture.

How the app uses it: Displays the signed-in user's name and avatar inside the Software.

How data is stored: Cached locally on the user's device. Not shared with any third party.

File Access (non-sensitive, per-file scope)

Scope: https://www.googleapis.com/auth/drive.file

What it grants: Per-file Google Drive access. The Software can only see and modify files it created itself, or files the user explicitly opened through a Google file picker. The Software cannot browse the user's full Drive.

How the app uses it: Creates and reads claim-related files (PDFs, photos, documents) in folders the Software itself creates in the user's Drive.

How data is stored: Files reside in the user's own Google Drive under the user's control. The Software does not copy, proxy, or mirror these files to our servers.

Sensitive Scopes

The following three scopes are classified as sensitive by Google and are subject to verification review. We use only what each feature requires.

Scope: https://www.googleapis.com/auth/gmail.send

What it grants: Permission to send email as the user. This scope is send-only. The Software cannot read, modify, delete, or label any mail in the user's inbox, drafts, sent folder, or any other mailbox.

How the app uses it: Sends inspection-scheduling and follow-up emails to insureds from the adjuster's own Gmail address, on the adjuster's behalf.

How data is stored: Outgoing message metadata (recipient, timestamp, delivery status) is retained locally on the user's device for audit and compliance purposes. Message bodies are not stored on our servers; they are transmitted directly through Google.

Scope: https://www.googleapis.com/auth/calendar

What it grants: Read and write access to the user's Google Calendar events.

How the app uses it: Creates and updates inspection appointments tied to a claim; reads existing events so the Software can show the user's availability and avoid double-booking.

How data is stored: Event identifiers and minimal scheduling metadata are cached locally on the user's device to support sync and conflict detection. We do not store full calendar contents on our servers.

Scope: https://www.googleapis.com/auth/contacts

What it grants: Read and write access to the user's Google Contacts.

How the app uses it: Provides caller-ID lookup for incoming calls; saves insured contact info to the user's Contacts so the claimant's name appears when they call back.

How data is stored: Contact data is read on demand and cached locally on the user's device in an encrypted database. We do not transmit the user's contact list to our servers.

3.2 Scopes the Software Deliberately Does NOT Request

For transparency and security, the Software intentionally avoids the following scopes, even when a feature could technically use them:

https://www.googleapis.com/auth/gmail.readonly — the Software cannot read the user's email.
https://www.googleapis.com/auth/gmail.modify — the Software cannot modify, delete, or label existing mail.
https://www.googleapis.com/auth/drive and https://www.googleapis.com/auth/drive.readonly — the Software cannot browse, list, or read files outside the per-file scope described above.
https://www.googleapis.com/auth/spreadsheets — the Software cannot access Google Sheets. (This scope was removed on 2026-05-14 because it was never used by any feature.)

If the Software ever needs to request an additional scope in the future, you will be prompted for consent at that time, and this policy will be updated.

3.3 AI Services

The Software uses a third-party AI service to power optional research and drafting features (for example, summarizing a property's loss history or drafting a first-pass inspection note). Our current AI processor is Anthropic (Claude). We may change AI providers from time to time; the commitments described below apply regardless of which provider is in use, and we will update this policy when the provider changes.

Opt-in, per query: No claim or customer data is sent to AI by default. When you choose to use an AI feature, you decide what each query contains. If you write a custom prompt, its contents are transmitted to the AI processor exactly as you write them — we cannot guarantee what data you may choose to include in a custom prompt.
AI training disclosure: Data sent to our AI processor through the Software is not used to train, retrain, or improve any machine-learning or artificial-intelligence model under our API / enterprise terms with that provider.
Data accessed through Google OAuth scopes (Gmail, Calendar, Contacts, Drive) is never sent to our AI processor or any other AI service, regardless of whether you initiate a query.

3.4 SMS Services (Bandwidth)

Phone numbers and message content are transmitted to our SMS provider (Bandwidth) solely to deliver text messages on the user's behalf. Bandwidth's handling of this data is governed by its own privacy policy.

3.5 Sync Server

If multi-device sync is enabled, claim data is transmitted over TLS to our secure sync server so that the user's devices stay synchronized. Sync data is segregated per user account and is not shared with third parties.

4. Data Storage and Security

Claim data is stored locally on your device in an encrypted database
Credentials are stored securely using AES-256 encryption
Data transmitted to our servers uses TLS/HTTPS encryption
We implement reasonable security measures to protect your information
In the event of a data breach affecting your information, we will notify affected users without undue delay, consistent with applicable law.

However, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your data.

5. Data Retention

Claim data is retained locally until you delete it
Communication logs are retained for compliance and audit purposes
Account information is retained while your account is active
You may request deletion of your data at any time

6. Your Rights

You have the right to:

Access: Request a copy of your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your data
Portability: Export your claim data
Opt-out: Disable optional features like sync or AI tools
Revoke Google access: You may revoke the Software's access to your Google account at any time at https://myaccount.google.com/permissions.

To exercise these rights, contact us at privacy@adjusterphoto.com.

7. SMS Communications

When you use the text messaging feature:

Messages are sent only to claimants who have requested an inspection
Recipients may opt out by replying STOP
Opt-out requests are honored immediately
Message logs are maintained for compliance purposes

8. Children's Privacy

The Software is intended for professional use by insurance adjusters and adjusting firms. We do not knowingly collect information from children under 18.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will provide at least 30 days' advance notice of material changes through the Software. Continued use after changes constitutes acceptance of the updated policy.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

Right to know what personal information is collected
Right to know if personal information is sold or disclosed
Right to opt out of the sale of personal information (we do not sell your data)
Right to non-discrimination for exercising your rights
Right to delete personal information
Right to know what categories of personal information are collected and the sources
Right to limit use of sensitive personal information

11. Browser Extension

The Claims Autofill browser extension:

Only communicates with the Claims Management desktop application on your local machine (localhost)
Does not send any data to external servers
Stores only the last-used claim number for convenience
Requires the desktop application to be running to function

12. Mobile Application (iOS) Privacy

Effective: May 18, 2026

This section describes how the Field Recorder iOS app handles your data. It supplements the privacy practices described elsewhere on this page; where this section conflicts with another section, this section controls for the iOS app.

12.1 What We Collect

When you use the Field Recorder iOS app, we may collect:

Account identifiers: your email address and Apple- or Google-provided user identifier when you sign in.
Voice recordings: audio you record in the field for the purpose of creating claim notes.
Photographs: images you capture using the in-app camera, including any metadata (such as GPS coordinates and timestamp) that you choose to embed.
Device information: device name, model, operating system version, and a generated device identifier used to enforce the per-account device limit.
Usage data: limited diagnostic information (crashes, errors) used to improve reliability.

We do not collect contacts, calendars, health data, financial information, or browsing history.

12.2 How We Use Your Data

Authentication: your email and provider-issued identifier are used solely to sign you in and tie your data to your account.
Transcription: voice recordings are transmitted to our server, forwarded to Deepgram for speech-to-text conversion, and then discarded. The resulting text transcript is returned to you and stored in your account.
AI report generation: transcripts and structured claim data may be sent to Anthropic (Claude) on your request to produce summary reports. We do not use your data to train any AI model.
Cloud sync (optional): if you connect a Google account, claim data, audio, and photos can be synchronized with your Google Drive at your direction. Google's privacy policy applies to data stored in Google Drive.
Device-lock enforcement: device identifiers are used to enforce the configured maximum number of devices per account.

12.3 Third-Party Processors

We share data only with the following processors, and only as necessary to deliver the features above. For the two AI processors (Anthropic and Deepgram), the app presents an in-app consent screen the first time you use the corresponding feature; you may revoke consent at any time from Settings → Privacy & AI inside the app.

Apple — Sign in with Apple authentication.
Google — Sign in with Google authentication and optional Google Drive synchronization.
Deepgram — speech-to-text transcription of audio recordings (details below).
Anthropic — AI-assisted report generation from claim notes (details below).
Expo / Expo Application Services — over-the-air application updates.

12.3.1 Anthropic (Claude) — AI Report Generation

Processor: Anthropic, PBC (San Francisco, CA, USA).

When data is sent: Only when you tap "Generate Report" on a finished inspection. No automatic background calls. No data is sent at sign-in or while you are simply browsing the app.

What is sent:

The transcript text produced by the transcription step.
The claim number you entered.
The insured's name (as you typed it into the claim).
Your firm name (the value you set at signup or in your profile).

What is NOT sent: photos, audio files, GPS coordinates, contact lists, calendar data, email, account passwords, or payment information.

What Anthropic does with it: generates a written summary report and returns the text to the app.

Training: Under our API / commercial terms with Anthropic, your prompt content is not used to train, retrain, or improve any Anthropic AI model.

Retention: Anthropic retains API request data for a limited operational period (currently up to 30 days for trust-and-safety processing) and then deletes it. We do not have access to that retained copy.

Security: data is transmitted over TLS. Anthropic publishes a SOC 2 Type II report describing equivalent technical and organizational protections.

More information: Anthropic Privacy Policy and Commercial Terms.

12.3.2 Deepgram — Audio Transcription

Processor: Deepgram, Inc. (San Francisco, CA, USA).

When data is sent: Only when you finish a voice recording and the app uploads it for transcription. No live or continuous streaming.

What is sent: the audio file you recorded (and only that audio file) for the purpose of converting it to text.

What is NOT sent: photos, location data, contacts, email contents, the claim number, or the insured's name.

What Deepgram does with it: returns a text transcript of the audio to our server, which forwards it to the app and stores the text on your account.

Training: Under our API terms with Deepgram, your audio is not used to train, retrain, or improve any Deepgram speech model.

Retention: Deepgram processes the audio and does not retain it after transcription under our account configuration.

Security: data is transmitted over TLS. Deepgram publishes a SOC 2 Type II report.

More information: Deepgram Privacy Policy.

Both processors are required to handle your data with at least equivalent privacy and security protections to those described in this Policy. You can revoke either consent inside the app at any time; revoking AI consent disables the corresponding feature but does not delete any data already on your account.

12.4 Sign in with Apple

If you sign in with Apple, you may choose to share or hide your email address. If you choose "Hide My Email," Apple provides us with a relay address; we use it exactly the same as a real email.

Apple does not share your name with us on subsequent sign-ins; we cache it locally on first sign-in so the app can address you correctly.

12.5 Data Retention and Deletion

Claim data, photos, transcripts, and PDFs are retained in your account until you delete them.
You may delete individual claims and their attachments from within the app at any time.
To delete your entire account and all associated data, email us at privacy@adjusterphoto.com from the address associated with your account. We will delete your data within 30 days.
Apple users can also revoke our access at any time via Settings → Apple ID → Sign in with Apple → Field Recorder → Stop Using Apple ID.

12.6 Permissions We Request

The app requests the following iOS permissions; you may revoke any of them in Settings → Field Recorder:

Microphone: required to record voice notes.
Camera: required to capture photos for claims.
Photo Library: optional, used only if you choose to save generated images or PDFs.
Location (While Using): optional, used to embed GPS coordinates in claim photos if enabled.

12.7 Children's Privacy (iOS App)

The Field Recorder app is intended for professional use by insurance adjusters and adjusting firms. It is not directed to children under 13, and we do not knowingly collect data from children under 13.

12.8 Contact

Questions about this section: privacy@adjusterphoto.com.

13. Contact Us

For questions about this Privacy Policy or to exercise your data rights, please contact us at privacy@adjusterphoto.com.

14. Google API Services User Data Policy — Limited Use

Claims Management's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

We only use Google user data to provide or improve user-facing features that are prominent in the Software's user interface. Every scope described in Section 3.1 maps to a feature the user can see and use.
We do not transfer Google user data to third parties except as necessary to provide or improve those user-facing features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets — in which case we will give affected users notice.
We do not use Google user data to serve advertisements, including retargeting, personalized, or interest-based advertising.
We do not allow humans to read Google user data unless we have obtained the user's affirmative agreement to view specific messages or files, doing so is necessary for security purposes (e.g., investigating abuse), to comply with applicable law, or the data has been aggregated and anonymized for internal operations and, even then, only when no reasonable alternative exists.
We do not use Google user data to train, retrain, or improve any generalized or non-personalized machine-learning or artificial-intelligence model. Data from Gmail, Calendar, Contacts, or Drive is never sent to any AI service. Queries that you initiate against our AI processor are not used for model training under our agreement with that provider.

If you believe the Software is handling your Google data in a way that does not match this policy, please contact privacy@adjusterphoto.com.