Privacy Policy

Last updated: June 2, 2026

PacketProspector ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services, including our web platform at app.packetprospector.com, the Dispatch field worker app (iOS and Android), and the PacketProspector Customer Portal when accessed through your Internet Service Provider's web or mobile app.

If you are an end consumer (a residential internet customer of an ISP that uses our platform), the ISP you receive service from is the data controller for your account; we operate as their data processor. Their own privacy policy may include additional disclosures specific to their service.

1. Information We Collect

Account Information

When you create an account or sign up for our services, we collect:

• Contact Information: Name, email address, phone number, company name
• Account Credentials: Email and password (passwords are encrypted)
• Billing Information: Payment card details, billing address (processed securely through our payment providers)
• Company Information: Business name, address, service areas, and team member details

Platform Usage Data

We automatically collect certain information when you use our platform:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Features accessed, actions taken, time spent on the platform
• Log Data: Access times, pages viewed, errors encountered

Customer Data You Provide

As a platform for ISPs, you may upload or enter data about your customers, including:

• Lead and customer contact information
• Service addresses and locations
• Service plans and billing information
• Communication records and support tickets

You are responsible for ensuring you have proper consent to collect and store this data.

Mobile App Data (Dispatch and Customer Portal apps)

When you use our iOS or Android applications, we collect additional data the apps need to function:

• Location Information: When the Dispatch field worker app is open and you have granted permission, we use your device's location to display your position on the job map, provide turn-by-turn navigation to customer service addresses, and (when configured) geotag installation photos. Location data is not collected when the app is closed or backgrounded.
• Photos and Camera: When you capture installation photos or scan equipment QR codes inside the app, we receive the image data and any selected photos you attach to a job or ticket. We do not scan your photo library; we only receive images you explicitly capture or select.
• Push Notification Tokens: When you enable notifications, the app receives a device identifier ("push token") issued by Apple Push Notification service (APNs) on iOS or Firebase Cloud Messaging (FCM) on Android. We store this token on our servers to deliver notifications about job assignments, schedule changes, support tickets, and account events. The token is reset when you sign out or uninstall the app.
• Biometric Authentication Metadata: If you enable Face ID, Touch ID, or fingerprint sign-in, your biometric data never leaves your device. We receive only a confirmation that biometric authentication succeeded or failed; the underlying fingerprint or face data is stored exclusively in the device's secure enclave by Apple or your device manufacturer.
• Crash Diagnostic Data: If the app encounters a crash or unhandled error, we collect a stack trace along with your user identifier (a random GUID, never your email or name) so we can diagnose and fix the issue. Crash data is sent to our error-monitoring service (Sentry) and is not used for tracking or advertising.
• Device Information: Operating system version, model identifier, app version, and storage / network status to support the app and diagnose issues.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our platform and services
• Process payments and manage your subscription
• Send you important account notifications and service updates
• Provide customer support and respond to your inquiries
• Analyze usage patterns to improve our platform
• Detect, prevent, and address technical issues or security threats
• Comply with legal obligations

3. SMS/Text Message Communications

SMS Messages from PacketProspector

When you provide your mobile phone number and consent to receive SMS messages from PacketProspector, you agree to receive text messages related to your account, including but not limited to:

• Account verification codes and two-factor authentication
• Appointment and installation reminders
• Service outage notifications
• Billing and payment reminders
• Technician arrival notifications
• Important account alerts

Message Frequency: Message frequency varies based on your account activity and communication preferences. You may receive multiple messages per month depending on scheduled appointments, billing cycles, and service events.

Opt-Out: You may opt out of SMS messages at any time by replying STOP to any message you receive. You may also update your communication preferences in your account settings or contact us at [email protected]. After opting out, you will receive a confirmation message and no further SMS messages will be sent unless you re-enable SMS communications.

Help: For assistance with SMS messaging, reply HELP to any message or contact [email protected].

Message and Data Rates: Standard message and data rates may apply. Please contact your mobile carrier for details about your messaging plan.

Third-Party Service Providers: SMS messages are delivered through third-party service providers including Twilio and Azure Communication Services. Your phone number is shared with these providers solely for the purpose of delivering messages to you.

No Sharing for Marketing: We will not sell, rent, loan, trade, lease, or otherwise transfer your phone number or any personal information collected through SMS messaging to any third parties for their promotional or marketing purposes. Your mobile information will not be shared with third parties/affiliates for marketing/promotional purposes. All categories of information disclosed and described above will be shared solely for the purpose of providing services to you.

Carrier Disclaimer: Carriers (AT&T, T-Mobile, Verizon, etc.) are not liable for delayed or undelivered messages.

SMS Messages Sent by ISPs Using Our Platform

Our platform enables ISPs (our business customers) to send SMS notifications to their customers. When ISPs use these features:

• Messages are transmitted through our SMS service providers
• The ISP is responsible for obtaining proper consent from their customers
• The ISP must comply with all applicable SMS regulations (TCPA, CTIA guidelines, etc.)
• Message delivery data is logged for troubleshooting and compliance purposes

If you receive SMS messages from a PacketProspector customer (an ISP using our platform), that ISP's privacy policy governs the use of your information. Reply STOP to any message to opt out of messages from that ISP.

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

• Service Providers: With third-party vendors who help us operate our platform. Each provider receives only the data needed to perform its specific function. We do not authorize them to use that data for any other purpose.
• Legal Requirements: When required by law, subpoena, or legal process
• Protection of Rights: To protect our rights, property, safety, or that of our users
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you have given us permission

Named Third-Party Service Providers

Our platform and mobile apps use the following third-party services. Each is bound by data-processing agreements requiring privacy protections comparable to those described in this policy:

• Microsoft Azure: Cloud hosting, database, file storage, Key Vault for secrets management, Notification Hubs for push delivery. Data is processed in United States data centers.
• Apple Push Notification service (APNs): Delivers push notifications to iOS devices. Receives only the encrypted notification payload and the device push token; cannot see notification content in plain text.
• Firebase Cloud Messaging (FCM, by Google): Delivers push notifications to Android devices. Same constraints as APNs.
• Sentry: Crash and error monitoring for the Dispatch app and our web platform. Receives stack traces and an anonymous user identifier (GUID); does not receive your name, email, phone, or other identifying details.
• Apple Sign in with Apple: Used when you sign in with your Apple ID. Apple may share your name and email (or a private relay email) only at the time of first sign-in, per your selections in Apple's sign-in dialog.
• Google Identity Services: Used when you sign in with your Google account. Google shares your name, email, and profile picture per your sign-in consent.
• Stripe: Payment processing. Receives payment card details and billing address only at the moment you submit a payment. We do not store full card numbers; we receive a tokenized reference only.
• Twilio: SMS message delivery. Receives your phone number and the message text only when an SMS is sent to you.
• SendGrid (Twilio): Transactional email delivery. Receives your email address and the message body.
• Mapbox: Map tile rendering and address geocoding inside the Dispatch app. Receives map area coordinates as you pan or search; receives the address text you enter for geocoding. Mapbox does not receive your account information.

We do not sell your personal information to third parties. Mobile information shared with the service providers above is used solely to deliver the service indicated; it is not shared with affiliates or third parties for their own marketing purposes.

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure cloud infrastructure (Microsoft Azure)
• Role-based access controls and authentication
• Regular security assessments and monitoring
• Employee security training

While we strive to protect your information, no method of transmission or storage is 100% secure. Please use strong passwords and protect your account credentials.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. After account termination:

• Account data is retained for 30 days to allow for reactivation
• After 30 days, personal data is deleted or anonymized
• Backup copies are deleted within 90 days

Regulatory Retention for ISP Records

Certain data is retained for longer periods because federal and state law requires it, regardless of an end-customer's deletion request. For end consumers (residential internet customers) of ISPs that use our platform:

• Customer Proprietary Network Information (CPNI): Retained for approximately 2 years per FCC requirements.
• Billing and tax records: Retained for up to 7 years per IRS and applicable state requirements.
• FCC §8.1 broadband label disclosures: Snapshots issued during your service period are retained per FCC §8.1 record-keeping rules.
• Truth-in-Billing records: Retained for 1 year minimum.
• CALEA-related records: Retained per applicable lawful-intercept requirements.

When the regulatory retention window expires, the records are either deleted or anonymized (PII is stripped while transactional records are kept in aggregated form for audit purposes).

7. Your Rights and Choices

You have control over your data on our platform. Depending on your location, you may also have additional rights under laws like the California Consumer Privacy Act (CCPA) or the General Data Protection Regulation (GDPR).

Rights Available to All Users

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal data, subject to the regulatory retention obligations described in Section 6
• Export / Portability: Request your data in a portable format
• Opt-Out: Opt out of marketing communications (account-related and security messages cannot be opted out of while you have an active account)
• Withdraw Consent: Where processing relies on consent, withdraw that consent at any time

How to Initiate Account Closure or Data Deletion

End consumers can close their account directly from inside the Customer Portal:

1. Sign in to the Customer Portal provided by your ISP
2. Go to Account from the navigation menu
3. Scroll to Close your account
4. Click Close my account and follow the multi-step flow (reason → disclosure of what is retained → confirmation)
5. Your request is submitted; you can withdraw it any time before the effective closure date from the same screen

Platform users (ISP staff and field workers) can close their account by contacting their internal administrator, who can deactivate the account in the admin console.

To exercise any other rights described above, contact us at [email protected]. We respond to verifiable requests within 45 days (CCPA) or 30 days (GDPR), with up to one extension where allowed by law.

California Residents (CCPA / CPRA)

California residents have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, the right to delete personal information, the right to correct inaccurate personal information, the right to opt out of the sale or sharing of personal information (we do not sell or share for cross-context behavioral advertising), and the right to non-discrimination for exercising any of these rights. To exercise California-specific rights, email [email protected] with the subject line "CCPA Request" and indicate which right you wish to exercise.

European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR)

If you are in the EEA, UK, or Switzerland, the lawful basis for processing your personal data is one of: (a) your consent, (b) the necessity of processing to perform a contract with you, (c) compliance with our legal obligations, or (d) our legitimate business interests in operating and securing the platform. You have the rights to access, rectify, erase, restrict, or object to processing of your data, and to data portability and to lodge a complaint with a supervisory authority. PacketProspector is the data controller for its own platform users; for end-consumer data processed on behalf of an ISP, the ISP is the data controller and PacketProspector is the data processor.

8. Multi-Tenant Data Isolation

PacketProspector is a multi-tenant platform. Each tenant's (ISP's) data is logically isolated:

• Your data is only accessible to your organization and authorized users
• Other tenants cannot access your data
• We do not share data between tenants
• Administrative access is logged and audited

9. Cookies and Tracking

We use cookies and similar technologies to:

• Essential Cookies: Required for authentication and platform functionality
• Analytics Cookies: Help us understand how you use our platform
• Preference Cookies: Remember your settings (theme, language)

You can control cookies through your browser settings.

10. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers.

11. Children's Privacy

Our platform is not intended for children under 13, and we do not knowingly collect information from children under 13. The Dispatch field worker app and the Customer Portal are business and account-management tools and are not directed to children. If you believe we have inadvertently collected information from a child, please contact us at [email protected] and we will delete it.

12. Mobile App Permissions, Push Notifications, and How to Revoke Consent

Our mobile apps request the following device permissions only as needed for the features that use them. You can grant or revoke each one at any time from your device settings, and the app will continue to work in a reduced-feature mode if permissions are denied.

• Location (When In Use): Used to display your position on the field-job map, navigate to customer addresses, and geotag installation photos. Revoke at iOS: Settings → Privacy & Security → Location Services → Dispatch. Android: Settings → Apps → Dispatch → Permissions → Location.
• Camera: Used to capture install photos and scan equipment QR codes. Revoke at iOS: Settings → Privacy & Security → Camera → Dispatch.
• Photo Library: Used to attach existing photos to a job record. Revoke at iOS: Settings → Privacy & Security → Photos → Dispatch.
• Face ID / Touch ID: Used for biometric sign-in. Revoke at any time inside the app at Profile → Face ID toggle.
• Push Notifications: Used to alert you to new job assignments, schedule changes, urgent tickets, and account events. Revoke at iOS: Settings → Notifications → Dispatch, or inside the app at Profile → Notifications.

Disabling a permission disables only the feature that depends on it. The rest of the app continues to function.

13. Apple App Store Privacy Disclosure (iOS)

This section is provided to align with Apple's App Privacy framework and our App Store privacy declarations. Together with the disclosures above, it gives you a complete picture of how the Dispatch iOS app handles data.

Data We Collect Through the iOS App

• Name, Email, Phone, Physical Address (linked to your account)
• Coarse and Precise Location (linked to your account; only while the app is in use)
• Photos or videos you capture in-app (linked to your account)
• Device identifier (push notification token, linked to your account)
• Crash data (linked to an anonymous user identifier, never to your name or email)

App Tracking Transparency

We do not track you. The Dispatch app does not use the iOS Advertising Identifier (IDFA) or any cross-app or cross-website tracking technology, does not link your data with data collected by other companies for advertising or advertising measurement purposes, and does not share your data with data brokers. Because we do not track, the Dispatch app does not display an App Tracking Transparency prompt.

Privacy Manifest

The Dispatch iOS app ships with an Apple Privacy Manifest (PrivacyInfo.xcprivacy) declaring the data categories listed above and the required-reason APIs the app accesses (UserDefaults for storing the push installation ID and biometric enrollment state; file timestamps used by the in-app web view's cache). These declarations match the Data We Collect list above.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on our website and, where appropriate, by email. Your continued use after changes take effect constitutes acceptance.

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices: