Customer Privacy Policy

Last updated: May 15, 2026

This Privacy Policy explains how Chisel Industries Inc. ("Chisel," "we," "us," or "our"), a corporation with its principal place of business at 150 California Street, San Francisco, California 94111, handles personal information about end customers of the field-service businesses that use our Chisel Tide platform (the "Platform"). This Policy applies to data the Platform collects about you as a customer of a Service Provider. It does not cover the separate Chisel Tide mobile application used by technicians, which has its own privacy policy.

1. Who This Policy Applies To

The Platform is used by field-service businesses ("Service Providers") to manage their customer relationships and operations. If you are a customer of a Service Provider that uses Chisel Tide, this Policy describes the information collected about you through the Platform. The Platform is intended for use in the United States by individuals 18 years or older.

2. Our Role and the Service Provider's Role

Your Service Provider — not Chisel — has the direct customer relationship with you. Your Service Provider decide what customer information to collect, what notifications to send, how long to retain records, and who within their organization has access. They are the controller of that information.

Chisel processes the information on the Service Provider's behalf and is responsible for storing it securely, keeping it intact, and operating the Platform. We act as a service provider (under California law) or processor (under similar U.S. state laws) for customer data captured through the Platform. We do not use that data for our own purposes other than as described in this Policy.

3. Information We Hold About You

(a) Information your Service Provider records.

  • Identifiers: name, email address, mailing address, phone number(s), and an account identifier.
  • Preferred contact method (Email, SMS, Phone, or App) and per-category notification preferences (billing, service, reports, approvals).
  • Property and service details: addresses serviced, equipment, access codes, and notes.
  • Billing information: invoices, payments, payment methods on file (stored by Stripe; Chisel sees only non-sensitive identifiers), payment plans, and balances.
  • Service history: scheduled visits, completed work, photos, technician notes, and signatures.
  • Customer communications you exchange with your Service Provider through the Platform.

(b) Information collected automatically.

  • Technical information needed to operate the customer portal: device type and operating system, browser version, language, time zone, and basic error and access events.
  • Authentication tokens used to keep you signed in to the portal.

We do not collect device advertising identifiers, and the Platform does not include third-party advertising or cross-site analytics SDKs targeting end customers.

4. How We Use Information

We use the information described above to:

  • (a) operate the Platform on behalf of your Service Provider;
  • (b) deliver transactional notifications (email, SMS, in-app) that you have consented to receive — see our SMS Consent & Opt-In Policy for how SMS consent is separately captured;
  • (c) process payments and reconcile billing records;
  • (d) authenticate you to the customer portal;
  • (e) maintain the security and integrity of the Platform, including detection and prevention of fraud, abuse, and unauthorized access;
  • (f) comply with our legal obligations and enforce our Terms of Service.

5. SMS / Text Messaging

If you separately consent to receive SMS notifications (as described in our SMS Consent & Opt-In Policy), Chisel collects and uses your mobile phone number solely to deliver transactional SMS notifications on behalf of your Service Provider. SMS consent is optional and is not required to use the Platform or receive service.

Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. All other categories of personal information exclude text-messaging originator opt-in data and consent; this information will not be shared with any third parties.

We do not sell your mobile information or SMS opt-in data, and we do not share it with third parties or lead generators for their own marketing. Message and data rates may apply. You may opt out at any time by replying STOP to any message, or by changing your preferred contact method in the customer portal. Replying HELP returns contact information. See the SMS Consent & Opt-In Policy for full details.

6. How We Share Information

We share personal information only as follows:

(a) With your Service Provider. All information collected about you through the Platform is made available to your Service Provider, who manages it in their administrative dashboard. Your Service Provider controls its further use within their organization.

(b) With service providers that operate parts of the Platform on our behalf. These include providers of cloud database hosting, file storage, transactional email, SMS delivery, payment processing, mapping and geocoding, and AI inference. These providers are contractually required to handle the data only as we direct them and only as necessary to provide their services.

(c) For legal and safety reasons. We may disclose information when we believe in good faith that disclosure is required by law or legal process, to protect Chisel's rights or property, to protect the safety of you, our users, or the public, or to investigate suspected wrongdoing.

(d) In a corporate transaction. If Chisel is involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to standard confidentiality protections.

We do not sell personal information, and we do not "share" personal information for cross-context behavioral advertising as those terms are defined under California law.

7. Where Data Is Stored

All personal information collected through the Platform is stored within the United States. The service providers we use to operate the Platform also process information within the United States.

8. How Long We Keep Information

We retain information for as long as your Service Provider's account remains active on the Platform. When a Service Provider account is deleted, the personal information associated with that account — including data about its customers — is deleted from our active systems within a reasonable period and removed from routine backups according to our backup-retention schedule.

If you stop being a customer of a particular Service Provider, your information remains under that Service Provider's control. They may instruct us to delete or modify your data sooner. To request deletion or changes, the most direct path is to contact your Service Provider; you may also contact us using the information in Section 12.

We may retain limited information for longer where required by law, to resolve disputes, or to enforce our agreements.

9. Security

We use industry-standard administrative, technical, and physical safeguards to protect personal information, including encryption in transit, encrypted storage at rest, scoped access controls within our team, and regular review of our security practices. Sensitive payment-card data is handled by Stripe and never touches Chisel's servers in unredacted form. No system is perfectly secure, however, and we cannot guarantee that information will always be protected against every threat. You are responsible for keeping your portal credentials secure.

10. Your California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) give you the following rights, subject to certain exceptions:

(a) Right to know. You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that information, our purposes for collecting it, and the categories of third parties with whom we share it.

(b) Right to delete. You may request that we delete personal information we have collected about you, subject to legal exceptions (for example, where we are required to retain it).

(c) Right to correct. You may request that we correct inaccurate personal information.

(d) Right to opt out of sale or sharing. We do not sell personal information, and we do not share it for cross-context behavioral advertising. There is therefore nothing to opt out of, but you have the right to confirm this in writing from us.

(e) Right against discrimination. We will not discriminate against you for exercising any of these rights.

Because most data about you is held by your Service Provider, we may forward your request to them, or instruct you to contact them directly, where they are the appropriate party to respond. To exercise any of these rights, contact us at legal@chiselindustries.com. We will verify your identity (typically by confirming control of the email or phone number associated with your account) and respond within the time period required by California law (generally 45 days, extendable in limited cases).

11. Children's Privacy

The Platform is not directed to anyone under 18, and we do not knowingly collect personal information from anyone under 18. If you believe a person under 18 has provided us with personal information, please contact us so we can take appropriate action.

12. Contact

Questions about this Policy or about how Chisel handles your personal information on the Platform can be sent to legal@chiselindustries.com or to Chisel Industries Inc., 150 California Street, San Francisco, California 94111, Attention: Privacy.

13. Changes to This Policy

We may update this Policy from time to time. If we make material changes we will notify you through the Platform or by other reasonable means and will update the "Last updated" date above. Your continued use of the Platform after the updated Policy takes effect constitutes acceptance of the updated Policy.