NexStride LLC

Privacy Policy

Last updated: April 2026

Who we are

FieldPilot is a product of NexStride LLC ("we," "us," "our"). This policy explains what data we collect, how we use it, who we share it with, and how you can control it.

Information we collect

Account information

Name, email address, company name, and role — provided when you sign up through Supabase Auth (email/password, Google, or Microsoft sign-in).

Calendar data

Event metadata (titles, times, locations) from calendars you connect — Google Calendar via OAuth, Microsoft Outlook via OAuth, or ICS calendar links you provide. Used to detect gaps in your schedule. Calendar data is stored in our database and refreshed when you sync.

CRM data (Salesforce)

When you connect Salesforce, we access Accounts (name, industry, revenue, employee count), Contacts (name, title, email, phone), Leads (name, company, email, status), and Activities (tasks, events, call logs) using your personal Salesforce credentials via OAuth. We only access data your Salesforce permissions allow. CRM data is stored as targets for the suggestion and trip planning engines. Write-back to Salesforce is not enabled in the current version.

Stops, targets, and trip data

Addresses, company names, notes, priority levels, and NAICS industry codes for stops you create and targets you upload via CSV or enter manually. Trip plans including dates, daily schedules, anchor assignments, and AI-generated itineraries.

Prospect data

Company information from Apollo.io (name, address, city, state, ZIP, phone number, website, revenue, employee count, LinkedIn URL, headcount growth, coordinates, NAICS codes) cached in our database for trip planning and prospect suggestions.

Location data

Target addresses are geocoded via Google Maps to determine coordinates. Coordinates are cached after the first geocode. We also query Google Places, Mapbox, TomTom, and OpenStreetMap to discover nearby facilities and points of interest for suggestions. Location coordinates are excluded from internal telemetry logs.

Usage data

Feature interactions (e.g., suggestion shown, accepted, skipped), page views, and conversion events. Internal telemetry events are stored in our database, scoped to your account. Sensitive fields (coordinates, addresses, search queries) are stripped before logging. Google Analytics collects anonymized page views and conversion events.

Payment data

Billing is processed by Stripe. We store your Stripe customer ID, subscription status, and team size. We do not store payment card numbers — Stripe handles all card data directly.

How we use your information

AI trip planning. Calendar, CRM, target, prospect, and location data are sent to Anthropic's Claude API to generate multi-day trip plans with optimized routes and prospect recommendations.
Suggestions. Calendar, CRM, target, and location data are used to generate ranked suggestions for stops between your scheduled meetings.
Route calculation. Addresses and coordinates are sent to Google Maps for driving time and distance computation.
Prospect search. Search criteria are sent to Apollo.io to find companies matching your target industry profile.
Service operation. Account info, usage data, and error logs are used to operate, debug, and improve the product.
Billing. Subscription and entitlement data determine your access level and feature availability.
Team features. If you are part of an organization, your manager may see aggregated coverage data, target assignments, and team-level metrics.
Communications. We use your email to send service-related messages (invite links, access request notifications) via Resend. We do not send marketing email without consent.

Data shared with third parties

We do not sell your data. We share data only with the service providers listed below, under their respective data processing terms, and when required by law.

Anthropic (Claude AI)

Data sent: Home base address and coordinates, trip dates and schedule preferences, anchor account names/cities/states/coordinates, selected account names/cities/states/coordinates, NAICS industry codes, prospect company data from tool responses (company name, address, city, state, ZIP, phone, website, revenue, employee count, LinkedIn URL, headcount growth, coordinates), and user account names/locations/priorities.

Purpose: AI-powered trip plan generation.

Data retention by Anthropic: Anthropic does not use API inputs or outputs to train its models. Data is processed for the duration of the API request only and is subject to Anthropic's API data usage policy, which provides for limited retention for trust and safety purposes.

Google Maps Platform (Routes, Places, Geocoding)

Data sent: Origin and destination addresses or coordinates, intermediate waypoints, departure time preferences (Routes API); text search queries with optional coordinates and radius (Places API); latitude/longitude coordinates (Geocoding API).

Purpose: Driving time calculation, place search, and address resolution.

Policy: Google Maps Platform Terms

Apollo.io

Data sent: Search filters including cities, states, industry keywords, and employee count ranges.

Data received: Company name, address, city, state, ZIP, phone, website, domain, revenue, employee count, LinkedIn URL, headcount growth, and coordinates. Cached in our database for trip planning.

Purpose: B2B prospect discovery for trip planning and suggestions.

Policy: Apollo.io Privacy Policy

Stripe

Data sent: User ID, email address, organization ID, team size (rep count), and selected price plan.

Purpose: Payment processing and subscription management. FieldPilot does not store payment card numbers.

Policy: Stripe Privacy Policy

Salesforce

Data accessed: Accounts (name, industry, revenue, employees), Contacts (name, title, email, phone), Leads (name, company, email, status), Activities (tasks, events, call history), and Opportunities — via your personal OAuth credentials. Only data your Salesforce permissions allow.

Purpose: CRM data sync for target lists and suggestion scoring.

Google Calendar & Microsoft Outlook

Data accessed: Calendar event titles, times, locations, and attendees via OAuth. Google requests calendar.events and calendar.readonly scopes. Microsoft requests Calendars.ReadWrite scope.

Purpose: Detect schedule gaps and create events for planned stops.

Supabase

Data stored: All application data — authentication records, user profiles, organization membership, targets, trip plans, telemetry, and OAuth tokens. Hosted in US-based infrastructure with row-level security.

Policy: Supabase Privacy Policy

Mapbox & TomTom

Data sent: Latitude/longitude coordinates and search radius.

Purpose: Reverse geocoding and nearby point-of-interest discovery.

OpenStreetMap (Overpass API)

Data sent: Geographic bounding boxes (coordinate ranges).

Purpose: Public facility and territory boundary data. No authentication required; public data only.

Resend

Data sent: Recipient email addresses and message content.

Purpose: Transactional email delivery (team invitations, notifications).

Vercel

Data collected: Web Vitals, performance metrics, and anonymized usage analytics.

Purpose: Application hosting and performance monitoring.

Policy: Vercel Privacy Policy

Google Analytics

Data collected: Anonymized page views, funnel events (role selection, team size, checkout), and conversion tracking via Google Analytics 4 and Google Ads.

Purpose: Understanding product usage and marketing attribution.

Data retention

Trip plans: Retained while your account is active.
Customer lists and targets: Retained while your account is active. Archived (hidden, not deleted) when you disconnect an integration.
AI processing: Not retained by Anthropic beyond the API request, subject to their trust and safety retention policy.
Prospect cache (Apollo.io data): Retained indefinitely for performance and trip planning accuracy.
OAuth tokens: Stored while the integration is connected. Deleted when you disconnect.
Account closure: Data is deleted after a reasonable retention period unless a legal obligation requires otherwise. You can request immediate deletion by contacting support.

Data security

All external API calls use HTTPS encryption.
Database security policies enforce per-user and per-org data isolation.
API keys are stored in server-side environment variables, never exposed to client code.
Authentication is handled by Supabase Auth with support for email/password, Google, and Microsoft sign-in.
Host allowlists for calendar imports prevent SSRF attacks.
Webhook signature verification for Stripe events.
Time-limited invite tokens for team access.
Location data (coordinates, addresses) is stripped from internal telemetry logs.

No system is 100% secure. We use reasonable administrative, technical, and physical safeguards to protect your data.

Anonymized and aggregated data

Anonymized, aggregated usage data may be used to improve recommendations across the platform. No personally identifiable information or organization-specific data is shared between customers.

Your rights

You can:

Access your data by viewing your account, targets, and trip plans in the app.
Export your data by contacting support.
Delete your data by closing your account or contacting support.
Revoke integrations in FieldPilot Settings or directly at the provider (Google, Microsoft, Salesforce). CRM-sourced targets are archived and restored if you reconnect.

Changes

We may update this policy. Material changes will be communicated via the email on your account. Continued use after changes take effect constitutes acceptance.

Contact

NexStride LLC — jide@getfieldpilot.com

For questions about our data practices, contact jide@getfieldpilot.com.