Homey D. Agent

Privacy Policy

Last updated: March 15, 2026

1. Introduction

Homey D. Agent ("we," "us," or "our") operates the homeydagent.com website and platform (the "Service"). This Privacy Policy explains how we collect, use, protect, and handle your information when you use our Service.

We are committed to protecting your privacy and ensuring you have full control over your data. By using our Service, you agree to the practices described in this policy.

2. Your Data Belongs to You

We want to be unequivocally clear: your data is yours.

  • Ownership. All business data you import, sync, or generate through the Service (including but not limited to customer records, job history, financial data, marketing metrics, call records, equipment records, service agreements, and any analytics derived from your data) remains your sole property at all times.
  • No sharing. Your data is never shared with, sold to, rented to, or disclosed to any third party. Period. We do not share your data with other clients, advertisers, data brokers, or any entity outside of users you have explicitly authorized to access your account.
  • No training. Your business data is never used to train machine learning models, algorithms, or AI systems. Your data is used solely to provide the Service to you.
  • Client isolation. Each client account operates as a completely separate, isolated data environment. No data is shared or visible between clients. Users who belong to multiple client accounts see only the data for the client they are currently viewing.
  • Your authorized users only. Your data is accessible only to users you have explicitly added to your client account and assigned a role. You control who has access, what level of access they have, and you can revoke access at any time.

3. Your Right to Delete Your Data

You have the absolute right to delete your data at any time.

  • Account deletion. You may request complete deletion of your client account and all associated data by contacting us at privacy@homeydagent.com. Upon receiving your request, we will permanently delete all data associated with your client account within 30 days.
  • Selective deletion. Administrators can delete individual records, disconnect integrations (which stops future data syncing), and remove users from their client account at any time through the Settings pages.
  • Disconnecting integrations. When you disconnect a third-party integration (such as ServiceTitan, Google Ads, CallRail, etc.), we stop syncing data from that platform. You may also request deletion of previously synced data from that integration.
  • Permanent deletion. When data is deleted, it is permanently removed from our active databases. Backups containing deleted data are purged within 90 days of the deletion request.
  • Personal data. Individual users can manage their personal data (name, email, phone number) through the Manage Profile section, and can request deletion of their personal account at any time.

4. Information We Collect

4.1 Account Information

When you register, we collect:

  • Email address (used as your login identifier)
  • Password (stored using industry-standard one-way hashing; we cannot see your password)
  • Phone number (optional, for account recovery)
  • Company name and business details you provide during setup

4.2 Business Data from Integrations

When you connect third-party platforms, we sync data from those platforms on your behalf. This may include:

  • Field service platforms (ServiceTitan, Jobber, Housecall Pro, FieldEdge): Customer records, job history, invoices, equipment records, service agreements, technician data, property information
  • Call tracking (CallRail): Call records, caller information, call dispositions, tracking numbers
  • Email marketing (Klaviyo, Mailchimp, Listrak): Campaign data, email events, subscriber segments
  • Advertising (Google Ads): Campaign performance, keywords, ad copy, geographic metrics, auction insights

We only sync data that you authorize through the OAuth connection process. We access these platforms using credentials you provide and only retrieve data relevant to operating the Service.

4.3 Automatically Collected Data

We automatically collect limited technical data to operate and secure the Service:

  • IP address and browser type (for security and session management)
  • Pages visited and features used within the Service (for improving the user experience)
  • Timestamps of logins and actions (for audit logging)

We do not use third-party tracking pixels, advertising cookies, or analytics services that share your browsing data with third parties.

4.4 Public Data Sources

We supplement your service area data with publicly available information from:

  • National Weather Service: Weather forecasts and alerts for your service area zip codes
  • U.S. Census Bureau: Demographic and housing data for your service area zip codes

This public data is not personal information and is available to anyone.

5. How We Use Your Information

We use your information solely to provide and improve the Service for you:

  • Displaying your business data on dashboards, reports, and through the AI chat assistant
  • Generating insights, recommendations, and analytics from your data
  • Sending you notifications about your account, data syncs, and business alerts you have configured
  • Authenticating your identity and securing your account
  • Providing customer support when you contact us
  • Maintaining and improving the reliability and performance of the Service

We do not use your data for advertising, profiling, or any purpose unrelated to delivering the Service to you.

6. AI and Data Processing

Our Service includes an AI chat assistant that answers questions about your business data. When you use the chat:

  • Your questions are processed by a third-party AI model provider to generate responses
  • We send only the minimum data necessary to answer your question (such as query results from your database)
  • We do not send your full database or personally identifiable customer information to AI providers unless it is directly relevant to your question
  • AI providers are contractually prohibited from using your data to train their models
  • Chat conversations are stored in your account for your reference and can be deleted at any time

7. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher
  • Encryption at rest: Sensitive credentials (API keys, OAuth tokens) are encrypted before storage
  • Access controls: Role-based access controls ensure users only see data appropriate to their assigned role
  • Authentication: Passwords are hashed using industry-standard algorithms. We support two-factor authentication for additional security
  • Infrastructure: Our Service is hosted on Microsoft Azure with enterprise-grade physical and network security
  • Monitoring: We monitor for unauthorized access attempts and security anomalies

8. Data Retention

  • Active accounts: We retain your data for as long as your account is active and you continue to use the Service
  • Inactive accounts: If your account is inactive for 12 consecutive months, we will notify you before taking any action on your data
  • After deletion: When you delete your account, all data is permanently removed from active systems within 30 days and from backups within 90 days
  • Legal obligations: We may retain limited data if required by law (e.g., billing records for tax purposes), but only the minimum necessary and only for the legally required duration

9. Third-Party Services

We integrate with third-party services solely at your direction:

  • Integration platforms (ServiceTitan, Google Ads, CallRail, etc.): We access these on your behalf using credentials you provide through OAuth. These platforms have their own privacy policies governing how they handle your data.
  • Email delivery (SendGrid): We use SendGrid to send transactional emails (account notifications, password resets). Only your email address and the message content are shared with SendGrid for delivery purposes.
  • AI processing: As described in Section 6, limited data is sent to process your chat queries.
  • Hosting (Microsoft Azure): Our infrastructure runs on Azure. Microsoft's data processing terms apply to the hosting environment.

We do not sell, rent, or trade your information with any third party for their own purposes.

10. Cookies

We use only essential cookies required to operate the Service:

  • Authentication cookie: Keeps you logged in during your session
  • Anti-forgery token: Protects against cross-site request forgery attacks

We do not use advertising cookies, tracking cookies, or third-party analytics cookies.

11. Children's Privacy

The Service is designed for business use and is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children.

12. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of all personal data we hold about you
  • Correction: Request correction of inaccurate personal data
  • Deletion: Request deletion of your personal data and business data (see Section 3)
  • Portability: Request an export of your data in a machine-readable format
  • Restriction: Request that we limit processing of your data in certain circumstances
  • Objection: Object to processing of your data for specific purposes

To exercise any of these rights, contact us at privacy@homeydagent.com. We will respond within 30 days.

13. California Residents (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it is used
  • Request deletion of your personal information
  • Opt out of the sale of your personal information (we do not sell personal information)
  • Not be discriminated against for exercising your privacy rights

14. European Residents (GDPR)

If you are located in the European Economic Area, our legal basis for processing your data is:

  • Contract performance: Processing necessary to provide the Service you signed up for
  • Legitimate interest: Processing necessary to maintain security and improve the Service
  • Consent: Where you have explicitly consented (e.g., connecting third-party integrations)

You may withdraw consent at any time by disconnecting integrations or deleting your account.

15. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or through a prominent notice on the Service at least 30 days before the changes take effect. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

16. Contact Us

If you have questions about this Privacy Policy, your data, or your rights, contact us: