Privacy Policy

This Privacy Policy describes how Field.is LLC (“Field,” “we,” “us”) collects, uses, and protects information when you use our practice management platform.

1. Who This Policy Applies To

This policy applies to three categories of people:

Operators: Professionals who subscribe to Field to manage their practice. You have a direct account and contractual relationship with us.
Operator Clients: End users of an Operator's services who access the Field portal or whose data is processed through Field. You may not have a direct relationship with Field — your relationship is with your Operator.
Visitors: People who visit field.is or run a scan without creating an account.

If you are an Operator's client: Your Operator is the data controller for your information. Field processes your data on your Operator's behalf as a data processor. Questions about how your data is used should be directed to your Operator first.

2. What We Collect

From Operators:

• Account information — name, email, password, practice name
• Billing information — processed by Stripe, not stored by Field
• Integration credentials — API keys for Harvest, Stripe, AI providers (stored server-side with provider-managed encryption at rest)
• Practice configuration — pricing, labels, template settings
• Usage data — interaction patterns (topic and category, not content)

From Operator activity (on behalf of Operators):

• Email content — inbound emails forwarded to the Operator's Field intake address, stored as source_body
• AI assessments — structured extractions from email content, stored as assessment_json
• Client and project data — including, where applicable, scan results, findings, uptime checks, and health scores
• Work records — time entries, proposals, budget consumption, expenses
• Client communications — updates, reports, and notices sent through Field
• Invoices and billing records

From Operator Clients (via the portal):

• Authentication data — email address, magic link tokens, access codes
• Service requests — content submitted through the portal
• Display preferences — depth setting

From Visitors:

• Scan submissions — site URL and results
• Referral attribution — which Operator referred the scan (?ref= parameter)

3. How We Use Your Information

All data is used exclusively to provide the Field platform services. Specifically:

• To operate the practice management pipeline (inbound, triage, work, settlement)
• To generate reports, assessments, and stewardship records
• To process email triage and provide Signal assessments
• To calculate budgets, billing, and invoicing
• To send transactional emails (reports, notifications, invoices)
• To provide monitoring and alerting services where applicable

We do not sell data. We do not use Operator or Client data for advertising, profiling, or any purpose outside of providing the service.

4. AI Processing

Field uses three classes of AI processing:

Platform AI (Field's key — Anthropic): Site scanning, request parsing, and report draft generation use Field's own Anthropic credentials. This processing is part of the core service and does not require Operator configuration.

Voice transcription (Field's key — OpenAI Whisper): When an Operator records a voice command in the admin surface, the audio is transmitted to OpenAI's Whisper API using Field's credentials to convert speech to text. The transcribed text is then handed to the Operator's configured AI provider (BYOK, below) for intent parsing. Audio is not retained by Field after transcription completes.

Operator AI (BYOK): Email triage, inline assessment, command bar features, and voice-command intent parsing use the Operator's configured AI provider credentials (Bring Your Own Key). The data relationship for these features is between the Operator and their AI provider; Field facilitates the transmission but does not act as an intermediary processor for the API call itself.

In all cases, data transmitted for AI processing passes through Field's servers. Raw email content (source_body) and AI-generated assessments (assessment_json) are stored in Field's database as described in Section 6.

5. Third-Party Processors

Field shares data with the following third-party services as necessary to provide the platform:

• Anthropic — AI processing. Platform features (site scanning, request parsing, report drafts) use Field's own Anthropic credentials; operator-level features (email triage, inline assessment, command bar, voice intent) run under the Operator's own BYOK key directly to Anthropic
• OpenAI — Voice transcription (Whisper API) for operator voice commands
• Google PageSpeed Insights — Public-page performance metrics during site scans (URLs only, no client data)
• WPScan — WordPress plugin/theme vulnerability lookups (plugin slugs only, no client data)
• WordPress.org — Public advisory RSS feed (no data sent)
• Cloudflare R2 — Object storage for the Field Agent install package (URLs only, no client data)
• Stripe — Payment processing and subscription billing
• Resend — Transactional email delivery (outbound)
• ImprovMX — Inbound email forwarding for Field intake addresses (*@in.field.is)
• Supabase — Database hosting and authentication (US East)
• Vercel — Application hosting and edge functions
• Pushover — Operator push notifications
• Harvest — Time-tracking sync, when an Operator connects their Harvest account

Each processor is governed by its own privacy policy and data processing terms. We select processors that maintain appropriate security standards.

6. Data Retention

We retain data according to the following schedule:

• Active Operator data: Retained while the account is active
• Inbound email content (source_body) and AI-generated assessments (assessment_json): The source_body, assessment_json, and inbox body fields are permanently nulled 18 months after the row was received, by an automated monthly process. Other fields on the same row (request title and description, work entries, attribution status, sender email, in-thread conversation messages) are retained as part of the active operational record; on account closure they are subject to the deletion process described below
• Scan findings and site data: Retained while the related site is active. Sites marked offboarded are retained in the platform for ongoing passive monitoring; permanent deletion is available on request
• Billing and invoice records: Retained for 7 years per tax requirements
• Authentication logs: Retained for 90 days
• Passive monitoring data (offboarded clients): Retained for 12 months, then auto-decommissioned

Operators may request immediate deletion of their data at any time (see Section 7). Billing records subject to tax retention requirements cannot be deleted early. On account closure, all Operator and Operator-Client data not subject to tax retention is permanently deleted within 60 days.

7. Operator Rights

Operators have the right to:

• Access — request a copy of all data Field holds about you and your clients
• Correction — update or correct inaccurate information
• Deletion — request permanent deletion of your account and associated data, subject to the retention schedule above
• Export — receive your data in a portable format
• Restriction — request that Field stop processing specific data while a dispute is resolved

To exercise any of these rights, contact privacy@field.is. Access, deletion, and export are currently handled as manual processes; we will acknowledge requests within 5 business days and respond substantively within 30 days. Operators with elevated compliance timelines should discuss bespoke arrangements with us in advance.

8. End-Client Data

Field holds data about Operator Clients — people who may not have a direct relationship with Field. This data is processed on behalf of the Operator under the data processor relationship described in our Terms of Service. Operator Clients who wish to exercise privacy rights regarding their data should contact their Operator directly. Operators are responsible for responding to their clients' data requests and may request Field's assistance via privacy@field.is to fulfill them.

If an Operator Client believes their data is being processed improperly, they may contact Field directly at privacy@field.is and we will work with the relevant Operator to address the concern.

9. Security

Field implements industry-standard security measures including:

• Encryption in transit (HTTPS/TLS on all connections)
• Encryption at rest (Supabase managed encryption)
• Row-level security on all database tables
• Operator MFA support (TOTP)
• Scoped API key authentication for integrations
• Integration credentials stored server-side with provider-managed encryption at rest

No system is perfectly secure. If we discover a data breach that affects your information, we will notify affected parties in accordance with applicable law.

10. Cookies and Tracking

Field uses essential cookies for authentication and session management. We do not use tracking cookies, analytics pixels, or third-party advertising trackers. We do not sell or share browsing data with third parties.

11. Children's Privacy

Field is not directed at children under 13. We do not knowingly collect information from children. If you believe a child has provided information to us, contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to Operators at least 14 days before taking effect. The “Last updated” date at the top reflects the most recent revision.

13. Contact

For privacy questions or to exercise your data rights:
privacy@field.is
Field.is LLC
[DECISION NEEDED: mailing address]