Skip to main content

Privacy Policy

Last updated: March 12, 2026

1. Who We Are

Person Trail (“Service”) is owned and operated by That Fellow Digital LLC, a limited liability company (“Company,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, and protect personal information when you use Person Trail at persontrail.com.

By using Person Trail, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

2. Information We Collect

Account information: When you create an account, we collect your name, email address, and hashed password. Organization accounts also include your company name.

Usage data: We collect information about how you interact with the Service, including pages visited, features used, and actions taken (e.g., jobs created, assignments made).

Crew member data: Owner accounts may enter data about their crew members, including name, email, phone number, skills, and availability. This data is provided by the organization owner and is stored on their behalf.

Job and business data: Property addresses, job descriptions, schedules, and progress updates entered into the Service.

Payment information: We do not store payment card details. All payment processing is handled by Stripe, Inc. We store your Stripe Customer ID and subscription status to manage your account.

Billing event data: We record billing events such as subscription changes, payment failures, dispute filings, and refund requests. These records include the event type, amount, and associated Stripe identifiers. No payment card details are stored in billing event records.

Email verification data: When you verify your email address, we record the verification timestamp on your account. If you sign in with Google, your email is automatically marked as verified.

Activity logs: We record actions you take on the platform (such as creating jobs, updating statuses, or assigning crew members) for security and service improvement.

Performance and scheduling data: When organization owners use our scheduling features, we collect contractor performance ratings, job completion metrics, and assignment response data.

Technical data: IP address, browser type, operating system, and device information collected automatically when you use the Service.

AI interaction data: When you use our AI chat assistant or content suggestion features, your messages and prompts are transmitted to Groq, our third-party AI service provider, for processing. Chat conversations are session-only and are not saved to our database after the session ends. We record usage metrics (message count and feature type) for quota enforcement.

Auto-translation data: On our Trailblazer plan, job messages may be automatically translated using Groq's language model. The original message text is sent to Groq for translation and language detection. Both the original and translated text are stored in our database so team members can view messages in their preferred language. Groq does not retain translation data after processing.

Calendar data: If you connect your Google Calendar, we access calendar event data (event titles, times, descriptions, and locations) to synchronize your jobs and phases. This connection is per-user and opt-in. We store encrypted OAuth tokens (access and refresh tokens) to maintain your connection.

Expense and receipt data: When you use the crew expense tracking feature, we collect expense details (amounts, categories, descriptions, and dates) that you submit. Receipt images you upload are stored in Vercel Blob storage and may be processed by Groq, our AI provider, for automated data extraction on eligible plans. Groq processes receipt images under its zero data retention policy and does not retain image data after processing.

Email integration data: If you connect your Gmail or Outlook account (Pro plan), we sync email metadata (subject lines, sender/recipient addresses, dates, and a brief preview snippet) for emails that match your client email addresses. We do not sync your entire inbox or personal emails. Full email bodies are fetched on-demand when you view them and are never stored in our database. Email attachments are streamed through our servers but never stored. OAuth tokens are encrypted with AES-256-GCM. On the Trailblazer plan, email content may be sent to Groq for AI analysis (task extraction, summarization). Data retention: Pro = 90 days, Trailblazer = 365 days, after which synced email records are automatically deleted.

Document storage: Job documents (spreadsheets, PDFs) uploaded by users are stored in Vercel Blob storage.

3. How We Use Your Information

  • To provide, operate, and improve the Service
  • To authenticate users and maintain secure sessions
  • To match crew members to jobs using our scheduling system
  • To generate contractor performance insights that may inform future scheduling recommendations
  • To send transactional emails (job assignments, status updates, password resets)
  • To process subscription payments via Stripe
  • To respond to support requests
  • To maintain activity logs for security, support, and service improvement
  • To provide passwordless login options via secure email links
  • To detect and prevent fraud, abuse, or security incidents
  • To process refund requests and respond to payment disputes via Stripe
  • To synchronize jobs and phases with Google Calendar when you opt in to the calendar integration
  • To power AI chat and content suggestion features via Groq, a third-party language model provider
  • To automatically translate job messages between languages for multilingual teams (Trailblazer plan, via Groq)
  • To enforce daily AI usage quotas based on subscription tier
  • To deliver webhook notifications to URLs you configure when events occur in your account (Trailblazer plan)
  • To comply with legal obligations

We do not sell your personal information to third parties. We do not use your data for advertising purposes.

4. Algorithmic Features

Person Trail uses a scheduling system to help organization owners assign crew members to jobs. Here is how it works:

What the system considers: The scheduling system evaluates contractor qualifications, availability, and other relevant factors to generate recommendations. On paid plans, historical performance data may also be considered.

Human oversight: The algorithm generates recommendations only. An organization owner must review and confirm every assignment before it takes effect. No crew member is ever assigned to a job without a human decision.

Crew member control: On Starter and Pro plans, crew members can accept or decline job assignments from their portal. Declined assignments are never held against a crew member in the algorithm.

What we do not do: We do not use facial recognition, biometric data, credit scores, or any data outside of Person Trail to make scheduling recommendations. We do not sell or share scheduling data with third parties.

AI features: Person Trail also offers AI-powered features (a chat assistant and content suggestions) that process data through Groq, a third-party large language model provider. These features are separate from the scheduling algorithm described above. The scheduling algorithm is internal and deterministic; AI features use external language model inference. AI-generated content may contain errors or inaccuracies, and users should review all AI output before relying on it.

If you have questions about how our scheduling or AI features use your data, contact us at [email protected].

5. Third-Party Services

We use the following third-party services to operate Person Trail:

  • Vercel — hosting and CDN (United States). Vercel may process request metadata (IP address, headers) as part of serving the application.
  • Neon — managed PostgreSQL database (US East region). All user and organization data is stored here.
  • Stripe — payment processing and dispute resolution. Stripe's Privacy Policy governs any data shared with Stripe during checkout. When responding to payment disputes, we may submit evidence to Stripe including your account name, email address, product description, and service access logs.
  • Resend — transactional email delivery. Email addresses are shared with Resend to deliver notifications.
  • Pusher — real-time notification delivery. We use Pusher to deliver instant status updates within your dashboard. No personal data is stored by Pusher.
  • Google — optional sign-in and Gmail integration. If you choose to sign in with Google, we receive your name and email address. If you connect Gmail email integration (Pro plan), we access your Gmail using OAuth with read and send scopes. We store only email metadata (subject, sender, date) in our database. Full email bodies are fetched on-demand and never stored. We do not access emails unrelated to your clients.
  • Microsoft — Outlook email integration. If you connect Outlook (Pro plan), we access your mailbox via Microsoft Graph API with read and send scopes. The same metadata-only storage applies. We sync only emails matching your client email addresses.
  • Cloudflare — CAPTCHA verification (Turnstile) and file storage (R2, via Vercel Blob). Cloudflare may process request metadata as part of these services.
  • Vercel Analytics — anonymized, privacy-friendly web analytics (no cookies, no personal data collected).
  • Groq — AI model inference and translation. User prompts submitted to our AI chat assistant and content suggestion features are sent to Groq's API for language model processing. On the Trailblazer plan, job messages are also sent to Groq for automatic translation between languages. When you use AI email analysis features (Trailblazer plan), email content is sent to Groq for task extraction, summarization, and reply suggestions. Groq operates under a zero-data-retention policy and does not retain any data after processing.
  • PostHog — product analytics. Collects anonymized usage events (page views, feature usage) to help us improve the Service. PostHog respects GDPR consent preferences set through our cookie banner. No data is collected until you opt in.
  • Google Analytics (GA4) — web analytics to understand site usage, traffic sources, and user journeys. Google Analytics respects GDPR consent preferences set through our cookie banner. No data is collected until you opt in. See Google's Privacy Policy.
  • Sentry — error monitoring. Collects error reports including stack traces and request metadata to help us identify and fix bugs. No personal data is intentionally collected; errors are stripped of PII before transmission.
  • Intuit (QuickBooks Online) — accounting integration (Pro plan only, opt-in). When you enable the QuickBooks integration, we sync invoices, estimates, and client data to your connected QuickBooks account. Data shared includes client names, email addresses, billing addresses, invoice details, and estimate details. See Intuit's Privacy Statement.
  • Google (Google Calendar API) — calendar synchronization (all plans, per-user opt-in). When you connect your Google Calendar, we read and write calendar events to sync your jobs and phases. Data shared includes event titles (job type and property address), event times, and event descriptions. We store encrypted OAuth tokens (AES-256-GCM) for maintaining your connection. You can disconnect at any time from Settings. See Google's Privacy Policy.
  • DocuSign, Inc. — e-signature processing for proposals, estimates, and change orders. Data shared includes document content, recipient name, and email address. See DocuSign's Privacy Policy.
  • Open-Meteo — weather forecast data (free, open-source API). When a job has location coordinates, we query Open-Meteo for weather forecasts to power job site weather widgets and severe weather alerts. Only latitude and longitude are sent to Open-Meteo. No personal data, account data, or IP addresses are shared. Open-Meteo does not require authentication and does not track users. See Open-Meteo Terms.

6. Client Portal

Person Trail provides a client portal that allows end clients of your organization to view job details, approve or decline change orders, view invoices, and communicate with your team.

Authentication: Client portal access is secured using a PIN-based login. A session cookie (pt_client_session) is set in the client's browser to maintain their authenticated session. This cookie is used solely for portal authentication and is not used for tracking or advertising.

Client information: We collect and store the client's name and email address to provide portal access. This information is entered by the organization that manages the client relationship.

Messages: Messages sent by clients through the portal are stored alongside job messages within the organization's account. These messages are visible to the organization's team members who have access to the relevant job.

Data visibility: Clients can only view data related to their own jobs, invoices, and change orders. They cannot access other clients' data or internal organization data.

No third-party sharing: Client portal data is not shared with any third parties. It is stored and processed solely to provide the portal experience described above.

7. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention).

Job and scheduling records may be retained in anonymized form for aggregate analytics.

8. Data Security

We implement industry-standard security practices including TLS encryption for data in transit, bcrypt password hashing, and role-based access controls. Your organization's data is isolated from other organizations at every level of our system. We regularly review our security practices to protect your data.

During signup, we check email addresses against a list of known disposable email providers to prevent fraud. This check is performed locally and no email data is sent to third parties for this purpose.

No method of transmission over the Internet is 100% secure. We cannot guarantee absolute security, but we will notify you promptly if we become aware of a breach affecting your data.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access a copy of your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Data portability

To exercise these rights, email us at [email protected]. We will respond within 30 days.

10. Children's Privacy

Person Trail is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on the Service or by email. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

12. Contact

That Fellow Digital LLC
Person Trail
[email protected]