Privacy Policy
Last updated: April 21, 2026
Strobi LLC, doing business as EosLog ("EosLog," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our platform, website (eoslog.com), mobile applications, and related services (collectively, the "Service").
By using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.
1. Roles: Controller vs. Processor
We act in two distinct roles depending on the data:
- Controller: For account holder data (your name, email, billing information, usage data), we determine the purposes and means of processing. This Privacy Policy governs our processing as a controller.
- Processor: For data you enter about your clients, jobs, invoices, and other business records ("Customer Data"), we process that data on your behalf and only per your instructions. Our Data Processing Addendum governs our processing as a processor.
If you are an end-client using our client portal, the service company you interact with is the controller of your data, and EosLog processes it on their behalf.
2. Information We Collect
2.1 Information You Provide
| Category | Examples | Purpose |
|---|---|---|
| Account Data | Name, email, phone, company name, password | Account creation, authentication, communication |
| Billing Data | Payment method (via Stripe), billing address, plan details | Subscription management, payment processing |
| Business Data | Clients, jobs, invoices, quotes, services, schedules | Providing the Service |
| Communication Data | Support requests, feedback, emails you send us | Customer support, service improvement |
| SMS Data | Phone numbers, message content, delivery status | Sending transactional SMS on your behalf |
2.2 Information Collected Automatically
- Usage Data: Features used, actions taken, pages visited, time spent
- Device Data: Browser type, operating system, device identifiers
- Log Data: IP address, access times, pages viewed, referring URL
- Cookies: Session cookies for authentication, preference cookies, analytics cookies (see Section 9)
3. How We Use Your Information
- Provide, maintain, and improve the Service
- Process transactions and manage subscriptions
- Send transactional emails (invoices, notifications, password resets)
- Send SMS messages on your behalf to your clients (with your consent and direction)
- Provide customer support and respond to inquiries
- Detect, prevent, and address fraud, security, and technical issues
- Comply with legal obligations
- Develop new features and improve existing ones (using aggregated, de-identified data)
- Send product updates and marketing communications (with your consent; opt-out anytime)
4. Legal Bases for Processing (GDPR)
For users in the EU/EEA/UK, we process personal data based on:
- Contract: Processing necessary to perform our contract with you (providing the Service)
- Legitimate Interests: Improving the Service, ensuring security, preventing fraud
- Consent: Marketing communications, non-essential cookies
- Legal Obligation: Tax records, fraud prevention, law enforcement requests
5. How We Share Your Information
We do not sell your personal information. We share information only as follows:
5.1 Sub-Processors and Service Providers
We use the following third-party service providers to process data on our behalf:
| Provider | Purpose | Data Shared | Location |
|---|---|---|---|
| Stripe | Payment processing, Stripe Connect | Billing data, payment details | US |
| SignalWire | SMS messaging | Phone numbers, message content | US |
| Resend | Transactional email delivery | Email addresses, email content | US |
| Sentry | Error monitoring, diagnostics | Error logs, device data, IP | US |
| Render | Cloud hosting, infrastructure | All data stored in the Service | US |
| Redis Cloud | Caching, background job processing | Session data, job queues | US |
| Intuit (QuickBooks) | Accounting integration (if enabled) | Invoice data, client data, payments | US |
5.2 Other Disclosures
- Legal Requirements: To comply with law, regulation, legal process, or government request
- Rights Protection: To enforce our Terms, protect our rights, privacy, safety, or property
- Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to you)
- With Your Consent: Any other sharing with your explicit consent
6. International Data Transfers
Our Service is hosted in the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US. We rely on the following mechanisms for lawful data transfers:
- EU/EEA/UK: Standard Contractual Clauses (SCCs) approved by the European Commission, as supplemented by additional safeguards where necessary. Our Data Processing Addendum includes the applicable SCCs.
- Other Jurisdictions: Appropriate safeguards as required by applicable law.
7. Data Retention
| Data Category | Retention Period |
|---|---|
| Account Data | Duration of account + 30 days after deletion |
| Billing Data | Duration of subscription + 7 years (tax/legal requirements) |
| Customer Data (your business records) | Duration of account + 30-day export grace period |
| SMS Data | Up to 12 months (carrier compliance) |
| Usage/Log Data | Up to 24 months |
| Error/Diagnostic Data | Up to 90 days |
We may retain data longer where required by law, to resolve disputes, or to enforce our agreements.
8. Your Privacy Rights
8.1 All Users
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your personal data (subject to legal retention requirements)
- Portability: Receive your data in a structured, machine-readable format
- Opt-Out: Unsubscribe from marketing communications at any time
8.2 EU/EEA/UK Residents (GDPR)
In addition to the above rights, you have the right to:
- Object to processing based on legitimate interests
- Restrict processing in certain circumstances
- Lodge a complaint with your local data protection authority
- Withdraw consent at any time (without affecting the lawfulness of processing before withdrawal)
8.3 California Residents (CCPA/CPRA)
Under the California Consumer Privacy Act and California Privacy Rights Act, California residents have the following rights:
- Right to Know: Request the categories and specific pieces of personal information we have collected, the sources, business purposes, and third parties with whom we share it
- Right to Delete: Request deletion of personal information we have collected (subject to exceptions)
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information as defined under CCPA/CPRA
- Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information beyond what is necessary to provide the Service
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
- Authorized Agents: You may designate an authorized agent to submit requests on your behalf
Categories of Personal Information Collected (past 12 months):
- Identifiers (name, email, phone, IP address)
- Commercial information (subscription details, billing history)
- Internet activity (usage data, browsing history on our platform)
- Geolocation data (approximate, derived from IP address)
We do not sell or share personal information as defined under CCPA/CPRA.
8.4 Other US State Privacy Laws
Residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and other states with enacted privacy laws have similar rights, including the right to access, delete, correct, and opt out of certain processing. To exercise these rights, contact us at privacy@eoslog.com.
9. Cookies and Tracking
We use cookies and similar technologies:
- Essential Cookies: Required for authentication and core functionality. These cannot be disabled.
- Analytics Cookies: Help us understand how the Service is used. You can opt out of non-essential cookies.
- Preference Cookies: Remember your settings and preferences.
You can control cookies through your browser settings. Disabling essential cookies may impair the Service's functionality.
10. SMS Communications
When EosLog sends SMS messages on your behalf (appointment reminders, notifications, etc.):
- We act as a processor — you determine who receives messages and what they say
- You are responsible for obtaining proper consent from recipients (TCPA, CTIA)
- Recipients can opt out by replying STOP at any time
- We do not sell or share phone numbers with third parties for marketing purposes
- SMS data is retained for up to 12 months for carrier compliance and dispute resolution
11. Children's Privacy
The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will promptly delete it. If you believe a child has provided us with personal information, please contact us at privacy@eoslog.com.
12. Data Security
We implement appropriate technical and organizational measures to protect your data, including:
- Encryption of data in transit (TLS/SSL) and at rest
- Access controls and authentication
- Regular security assessments and monitoring
- Employee access controls and confidentiality agreements
No method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data.
13. Data Breach Notification
In the event of a personal data breach that poses a risk to your rights and freedoms, we will:
- Notify affected users without undue delay (and within 72 hours where required by GDPR)
- Notify relevant supervisory authorities as required by law
- Provide information about the nature of the breach, likely consequences, and measures taken
14. Third-Party Links and Services
The Service may contain links to third-party websites or integrate with third-party services (e.g., Stripe, QuickBooks). We are not responsible for the privacy practices of third parties. We encourage you to review their privacy policies before providing personal information.
15. Do Not Track
We do not currently respond to "Do Not Track" (DNT) signals from browsers, as there is no industry standard for such signals.
16. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service at least 30 days before changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.
17. Contact Us
For privacy-related questions, data requests, or to exercise your rights:
Strobi LLC (d/b/a EosLog)
2108 N St STE N
Sacramento, CA 95816
General: support@eoslog.com
For EU/EEA inquiries, you may also contact your local data protection authority.
Data Protection Officer: To be designated. In the interim, privacy inquiries are handled by our privacy team at support@eoslog.com.