Legal

Privacy Policy

Effective date: 2026-01-19Last updated: 2026-01-19

1. Scope

This Privacy Policy describes how SprayLedger collects, uses, shares, and retains information when you use SprayLedger.

2. Key statement: we do not submit your records to authorities

SprayLedger does not automatically submit your pesticide application logs or exports to the EPA, USDA, or state agencies. You choose if, when, and to whom you export or share records. We may disclose information if required by law or valid legal process.

3. Information we collect

Account information: Name, email, phone number (optional), password/auth tokens, organization/tenant name, role (Owner/Manager/Applicator/Viewer).
Logbook and operational data (Customer Data): Pesticide application logs and related fields you enter, including product information, EPA registration number, amounts, time/date, location/site, crop/site, area, applicator identifiers, approval history, void status, notes, attachments (if enabled), and exported files.
Location data: GPS coordinates and derived site/location descriptions if you enable location collection or select a site. Location may be collected at log time and may be included in exports.
Weather and enrichment data: If enabled, we may request weather snapshots using time and location to populate wind/temperature/humidity fields. If enabled, we may query product datasets for lookup features using identifiers or product search text.
Device and usage data: Device identifiers, operating system version, app version, crash logs, performance metrics, and basic usage events for security and reliability.
Communications: Messages you send to support and any information you provide in those communications.
Notifications: If you enable email/SMS notifications, we process recipient contact details and notification content needed to deliver the message.

4. How we use information

Provide the Service (create logs, sync data, manage tenants/roles, generate exports).
Maintain an audit trail (approvals, timestamps, voiding history).
Provide offline capability and synchronization.
Deliver notifications you request.
Provide customer support.
Secure the Service (fraud prevention, access control, abuse detection).
Improve reliability and performance.

5. How we share information

Within your organization (multi-tenant): Customer Data is shared with users in the same tenant according to roles/permissions set by the Account Owner/Managers.
Service providers: We share information with vendors that help operate the Service (cloud hosting/storage, databases, analytics, crash reporting, email/SMS delivery). They act as service providers/processors under contract.
Integrations you enable: If you enable weather or product lookup integrations, limited information may be sent to those providers (for example, location/time for weather; lookup terms/identifiers for product search). We do not control those providers’ services.
Legal and safety: We may disclose information if we believe disclosure is required by law, legal process, or to protect rights, safety, and security.
Business transfers: If we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction.

6. Data retention

Service retention: We retain Customer Data while the account is active and for 3 years by default, unless you configure a longer retention period.
Your responsibility: You are responsible for retaining pesticide records for the period required by law, labeling, contracts, and audits, including keeping copies outside the Service if needed.
Deletion and backups: If you delete data or close an account, we will delete or de-identify data within 30 days, except where we must retain it for legal, security, or backup purposes. Backups may persist for up to 90 days.

7. Security

We use administrative, technical, and physical safeguards designed to protect information. No system is 100% secure. You are responsible for choosing strong credentials and controlling tenant access.

8. Your choices and controls

Access and export: you can export logs using the Service’s export tools.
Role controls: Account Owners/Managers can add/remove users and control access.
Location: you can disable location permissions, but some features may not work.
Notifications: you can enable/disable email/SMS notifications.

9. Children

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

10. International users

If you use the Service outside the United States, your information may be processed in the United States and other locations where we or our service providers operate.

11. Changes

We may update this Privacy Policy by posting a new version with an updated “Last updated” date.

12. Contact

SprayLedger, Roederbergweg 12, 60385 Frankfurt am Main, Germany. Privacy contact: privacy@sprayledger.com. Support: support@sprayledger.com.

3. Information we collect

Account information: Name, email, phone number (optional), password/auth tokens, organization/tenant name, role (Owner/Manager/Applicator/Viewer).

Logbook and operational data (Customer Data): Pesticide application logs and related fields you enter, including product information, EPA registration number, amounts, time/date, location/site, crop/site, area, applicator identifiers, approval history, void status, notes, attachments (if enabled), and exported files.

Location data: GPS coordinates and derived site/location descriptions if you enable location collection or select a site. Location may be collected at log time and may be included in exports.

Weather and enrichment data: If enabled, we may request weather snapshots using time and location to populate wind/temperature/humidity fields. If enabled, we may query product datasets for lookup features using identifiers or product search text.

Device and usage data: Device identifiers, operating system version, app version, crash logs, performance metrics, and basic usage events for security and reliability.

Communications: Messages you send to support and any information you provide in those communications.

Notifications: If you enable email/SMS notifications, we process recipient contact details and notification content needed to deliver the message.

4. How we use information

Provide the Service (create logs, sync data, manage tenants/roles, generate exports).

Maintain an audit trail (approvals, timestamps, voiding history).

Provide offline capability and synchronization.

Deliver notifications you request.

Provide customer support.

Secure the Service (fraud prevention, access control, abuse detection).

Improve reliability and performance.

5. How we share information

Within your organization (multi-tenant): Customer Data is shared with users in the same tenant according to roles/permissions set by the Account Owner/Managers.

Service providers: We share information with vendors that help operate the Service (cloud hosting/storage, databases, analytics, crash reporting, email/SMS delivery). They act as service providers/processors under contract.

Integrations you enable: If you enable weather or product lookup integrations, limited information may be sent to those providers (for example, location/time for weather; lookup terms/identifiers for product search). We do not control those providers’ services.

Legal and safety: We may disclose information if we believe disclosure is required by law, legal process, or to protect rights, safety, and security.

Business transfers: If we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction.

6. Data retention

Service retention: We retain Customer Data while the account is active and for 3 years by default, unless you configure a longer retention period.

Your responsibility: You are responsible for retaining pesticide records for the period required by law, labeling, contracts, and audits, including keeping copies outside the Service if needed.

Deletion and backups: If you delete data or close an account, we will delete or de-identify data within 30 days, except where we must retain it for legal, security, or backup purposes. Backups may persist for up to 90 days.