Privacy Policy

Summary

DoneLocal operates a home services marketplace at donelocal.com. We collect the minimum information needed to match homeowners with service professionals, process bookings and payments, and notify both parties about job status. We do not sell your personal information. We do not use your information for advertising to third parties. We do not share mobile phone numbers or SMS opt-in data with any third party for any purpose.

This policy explains what we collect, why we collect it, how we use and protect it, and what rights you have. If you have questions, email us at privacy@donelocal.com.

Who we are

DoneLocal is operated at donelocal.com. References to "we," "us," and "our" throughout this policy mean DoneLocal. References to "you" mean any user of our site or service — homeowners booking services ("Customers"), service professionals applying or working through our platform ("Pros"), and visitors to donelocal.com.

Information we collect

Information you provide directly

• Customers: name, email address, phone number, service address (street, unit, city, state, zip), access notes (e.g. gate codes, parking instructions), descriptions of the requested job, photos you choose to upload, and payment information (processed by our payment provider, see below).
• Pros: name, email address, phone number, password (stored as a salted hash — we never see your plaintext password), service categories, coverage areas, driver's license or government ID, proof of insurance, bank account details for payouts (processed by our payment provider), and tax information where required by law.
• All users: any message you send us, any review or rating you submit, and any support correspondence.

Information collected automatically

• Device and usage data: IP address, browser type, operating system, pages visited, timestamps, and referring URLs.
• Cookies and similar technologies: session cookies for authentication, preference cookies to remember your settings, and limited analytics cookies to understand how the site is used.

Information from third parties

• Payment processor (Stripe): confirmation of successful payments, payment method metadata (last four digits, brand), and payout status.
• Location lookup (Zipcodebase): city and region data tied to zip codes you enter.

How we use your information

• To create and manage your account.
• To match Customers with Pros based on service category, coverage area, and availability.
• To send transactional notifications about your bookings or jobs (see SMS section below for specifics).
• To process payments and payouts through our payment provider.
• To verify Pro identity, license, and insurance before account approval.
• To provide customer support and respond to questions or disputes.
• To detect, investigate, and prevent fraud, abuse, and security incidents.
• To comply with legal obligations.
• To improve the service — for example, understanding which features are used most — in aggregated, non-identifying form.

We do not use your information to send marketing or promotional messages via SMS. We do not share your information with advertisers or data brokers.

SMS messaging and mobile opt-in data

This section describes how we handle mobile phone numbers and consent related to SMS messaging. It applies to all SMS communications sent from DoneLocal-operated toll-free numbers.

What SMS is used for

SMS from DoneLocal is transactional only — we do not use SMS for marketing. Messages are limited to:

• Pros: job dispatch notifications when a Customer booking matches your service area and category; status updates and customer questions routed through the platform related to jobs you have claimed; account-related notifications such as approval or password reset.
• Customers: booking confirmations, pro assignment alerts, pro en-route and on-site notifications, job completion notifications, review requests, and support correspondence tied to a specific booking.

How we collect consent

We never send SMS without explicit, affirmative opt-in from the recipient.

Pros opt in via a double opt-in flow. At application time on our pro signup page, applicants must tick a required, unchecked-by-default consent checkbox stating that they agree to receive transactional SMS from DoneLocal. On submission, we send a confirmation SMS asking the applicant to reply YES, and only after receiving a YES reply do we begin sending dispatch messages. We record the consent timestamp, IP address, and the exact language the applicant agreed to.

Customers opt in via a required, unchecked-by-default consent checkbox on the booking form contact step. We record the consent timestamp, IP address, and the exact language shown.

In both cases, the exact consent language is snapshotted and stored alongside the user's record so that we can always demonstrate what a given user agreed to at a given time.

Message frequency

Pro message frequency varies based on job volume in the pro's service area; active pros typically receive approximately 5–15 messages per week. Customer message frequency is approximately 4–6 messages per booking. Message and data rates may apply per your wireless carrier's plan.

Opting out

You can opt out of SMS at any time by replying STOP to any message we send you. We will send one confirmation reply acknowledging the opt-out, after which no further SMS will be sent to that number until you explicitly resubscribe by replying START.

Opt-outs are processed within seconds via our inbound SMS webhook. We maintain a phone-number-keyed opt-out registry that is checked before every outbound message; a number on this registry cannot receive SMS from DoneLocal regardless of the account it is associated with.

Getting help

Reply HELP to any DoneLocal SMS message, or email support@donelocal.com.

Sharing of mobile phone numbers and SMS opt-in data

DoneLocal does not share mobile phone numbers or SMS opt-in data with any third party or affiliate for marketing purposes, ever. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All categories of personal information we collect exclude mobile opt-in data and consent from sharing with third parties.

Phone numbers are shared with our SMS provider (SignalWire) solely to deliver the transactional messages you have opted in to receive. They are not shared with any other service for any purpose.

How we share information

We share information only in the limited circumstances below.

• Between Customer and Pro, to facilitate a job: once a Pro has claimed a Customer's booking, we share the Customer's first name, service address, and job details with the assigned Pro. We share the Pro's first name and star rating with the Customer. We never share the Customer's last name, email, or phone with the Pro directly, and we never share the Pro's last name, personal phone, email, or home address with the Customer. Pro and customer communication after a job is claimed is routed through the DoneLocal platform rather than via direct contact info exchange.
• Service providers: we use vetted third-party services to run the platform — Stripe (payments), SignalWire (SMS delivery), Uploadthing (document and photo storage), AWS (hosting), Pusher (real-time updates), and Zipcodebase (location lookup). These providers receive only the information necessary to perform their function and are contractually prohibited from using it for any other purpose.
• Legal and safety: we may disclose information if required by law, subpoena, or court order, or if we reasonably believe disclosure is necessary to protect rights, property, or safety.
• Business transfers: if we are acquired or merge with another company, your information may transfer as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

We do not sell your personal information. We do not share your personal information with advertisers or data brokers.

How we protect information

We use industry-standard security practices. All traffic to and from donelocal.com is encrypted in transit via HTTPS. Passwords are stored as salted bcrypt hashes. Payment information is handled by Stripe and never stored on our servers. Access to production systems is limited to authorized personnel and logged.

No system is perfectly secure. If we become aware of a security incident affecting your personal information, we will notify affected users in accordance with applicable law.

How long we keep information

We retain account information for as long as your account is active. Job records, payment records, and related financial data are retained for at least seven years to meet tax and accounting requirements. SMS audit logs (message content, delivery status, consent state) are retained for at least four years for regulatory compliance and dispute resolution. If you delete your account, we will delete or anonymize your personal information except where retention is required by law.

Your rights

Depending on where you live, you may have the following rights regarding your personal information.

• Access: request a copy of the personal information we hold about you.
• Correction: ask us to correct inaccurate or incomplete information.
• Deletion: ask us to delete your personal information, subject to legal retention requirements.
• Opt out of SMS: reply STOP to any DoneLocal message at any time.
• Do Not Sell or Share (California residents): we do not sell or share personal information as those terms are defined under California law, so there is nothing to opt out of — but you may confirm this in writing by emailing us.
• Non-discrimination: we will not discriminate against you for exercising any of these rights.

To exercise any of these rights, email privacy@donelocal.com from the email address on file with your account. We will respond within the timeframe required by applicable law (typically 30–45 days).

Children's privacy

DoneLocal is not intended for use by anyone under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a minor, please contact us and we will delete it.

International users

DoneLocal operates from and stores data in the United States. If you access the service from outside the United States, you understand your information will be transferred to and processed in the United States, which may have different data protection laws than your jurisdiction.

Changes to this policy

We may update this policy from time to time. If we make material changes, we will update the effective date at the top and, where legally required, notify you directly. Continued use of DoneLocal after an update constitutes acceptance of the revised policy.

Contact us

Privacy questions: privacy@donelocal.com
General support: support@donelocal.com
Website: donelocal.com