Privacy Policy
Effective date: 2026-05-27
1. Who we are
DrillerCRM ("DrillerCRM", "we", "us") provides a software-as-a-service platform for well-drilling, pump-service, and related contracting businesses at drillercrm.com. This Privacy Policy explains what information we collect, how we use it, and the choices available to users of the Service.
This policy covers two distinct relationships:
- Customers — the contracting businesses that subscribe to and operate the Service.
- End users — the individuals (administrators, office staff, crew, finance, support) who sign in to the Service on a Customer's behalf, and the homeowners and businesses who interact with a Customer through the Service (proposal recipients, ETA viewers, well-confirmation participants).
For Customer Data (records belonging to a Customer's tenant), the Customer is the data controller and DrillerCRM is the data processor. For account information about end users that DrillerCRM holds in its own systems (authentication, audit logs, support correspondence), DrillerCRM is the controller.
2. Information we collect
We collect:
- Account information. Name, email, role, tenant membership, and authentication factors when an end user signs up or is invited.
- Customer records. Companies, contacts, projects, tasks, materials, proposals, change orders, invoices, well-completion reports, permit filings, and related operational records that Customers create in the Service.
- Communications. Inbound and outbound SMS, email, internal notes, and call recordings or summaries created through the Service's communications features.
- Location and field data. GPS coordinates, photos, and form responses captured by crew users when GPS is enabled by the Customer's administrators (see the Customer's GPS privacy settings).
- Gmail data (only when a Customer connects a Google Workspace mailbox — see Section 4).
- QuickBooks Online data (only when a Customer connects QBO — invoices, payments, customers, items).
- Usage and device data. Standard server logs (IP address, user agent, request path, timestamps), authentication events, and product analytics needed to operate the Service.
- Cookies. A Supabase session cookie for authentication and an active_tenant_id cookie used to scope a session to the correct tenant.
3. How we use information
We use information to:
- Provide, maintain, and secure the Service.
- Authenticate end users and enforce tenant isolation through row-level security in our database.
- Deliver outbound communications a Customer or its end users initiate (SMS, email, calls), subject to consent and applicable law (TCPA, CAN-SPAM, and similar).
- Operate AI-assisted features (drafting, summarization, classification) through our LLM router. AI output is presented as a draft for human review; nothing is sent or dispatched externally until an end user explicitly approves it.
- Provide customer support and respond to requests.
- Detect, prevent, and respond to fraud, abuse, and security incidents.
- Comply with legal obligations.
4. Google API Services User Data Policy
DrillerCRM connects to Google Workspace / Gmail using the OAuth scopes gmail.send, gmail.readonly, and gmail.modify. When a Customer connects a Gmail mailbox, the Service reads message metadata and content for messages that belong to the threads the Service tracks (proposals, change orders, project communications), sends messages on the connected user's behalf, and modifies labels and read state for tracked threads. We never train AI models on Gmail content. OAuth refresh tokens are stored encrypted at rest.
Google API Services User Data Policy disclosure:
DrillerCRM's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
End users can disconnect Gmail at any time from the Service's integration settings. Disconnection revokes the stored tokens and stops further synchronization; previously synchronized messages remain visible inside the Service per the Customer's retention configuration.
5. Sharing and sub-processors
We share information only as needed to operate the Service, with sub-processors that are bound by appropriate data-protection terms. Current sub-processors include:
- Supabase — primary database and authentication.
- Google (Workspace / Gmail / Cloud) — email integration and certain cloud infrastructure components.
- Twilio — SMS and voice.
- Postmark — transactional email delivery.
- Intuit (QuickBooks Online) — accounting integration when connected by a Customer.
- OpenAI and Anthropic — large language model providers accessed through DrillerCRM's LLM router for AI-assisted features.
- Netlify — web application hosting and edge delivery.
- Sentry — error monitoring (limited to non-PII metadata).
We do not sell personal information.
We may disclose information in response to lawful requests from public authorities, to enforce our terms, to protect the rights, safety, or property of DrillerCRM or others, or in connection with a corporate transaction subject to confidentiality protections.
6. Retention and deletion
We retain Customer Data while a subscription is active and for a limited grace window thereafter. A Customer administrator can initiate tenant deletion from the in-app danger-zone settings, which begins a thirty (30) day grace period during which deletion can be revoked. After the grace period, Customer Data is deleted or anonymized.
Server logs, audit records, and other operational data are retained for shorter periods consistent with security and legal requirements.
7. Security
We use technical and organizational controls appropriate to the risk, including encryption in transit, encryption at rest for sensitive fields (including OAuth refresh tokens), tenant-scoped access controls enforced at the database layer, role-based authorization in the application, and audit logging for sensitive operations.
No system is perfectly secure. Customers are responsible for protecting their own credentials and configuring user access appropriately.
8. Consent and communications
Outbound SMS and email to end recipients depend on opt-in consent recorded against the recipient's contact record. STOP and unsubscribe requests are honored within the timeframes required by applicable law (TCPA, CAN-SPAM, and similar). Marketing emails sent by DrillerCRM include a physical mailing address and a one-click unsubscribe link.
9. Your rights
Depending on where you live, you may have rights to access, correct, delete, export, or restrict processing of personal information about you, and to object to certain processing or withdraw consent.
If you are an end user of a Customer's tenant, please direct requests to that Customer first, since they are the controller of the data they hold about you. If you need to reach DrillerCRM directly, email hello@drillercrm.com.
10. International transfers
DrillerCRM operates in the United States. If you access the Service from outside the United States, information is processed in the United States and other jurisdictions where our sub-processors operate.
11. Children
The Service is intended for business use and is not directed to children under 16. We do not knowingly collect personal information from children.
12. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be communicated to administrators through the Service or by email before they take effect, and the effective date at the top of this document will be updated accordingly.
13. Contact
Questions about this Privacy Policy can be directed to hello@drillercrm.com.