This Privacy Policy explains how Harlan LLC (“Harlan,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information in connection with LawnLineup — our web portal, mobile apps, and related services (the “Service”). It applies to the people who run lawn care businesses on LawnLineup, the staff they invite, and the homeowners and other clients they serve.
1. Two roles, two relationships
LawnLineup is used by lawn care businesses (each a “Business Customer”) to manage their work, including information about their own clients (“End Customers”). Our role depends on whose information is involved:
- For Business Customers and their staff — we are the controller of the account, profile, and billing information needed to provide the Service, and this Policy governs how we handle it.
- For End Customer information a Business Customer enters or generates (client contact details, service addresses, jobs, quotes, invoices, payments) — we act as a service provider/processor on that Business Customer’s behalf. The Business Customer decides how that information is used. If you are an End Customer, please direct privacy requests to the business that serves you; we will support them in responding.
2. Information we collect
Account and profile information
When you create or join an account, we collect your name, email address, optional phone number, your role (owner, manager, or employee), and — for a Business Customer — your company name and business address. We geocode business and service addresses into map coordinates to power scheduling and routing.
Authentication information
LawnLineup uses passwordless sign-in. We do not store passwords. When you sign in, we email you a one-time code; we store only a hashed, short-lived version of that code, plus session tokens (and, for security, the type of browser or app and the time of access) so we can keep you signed in and detect misuse.
Business and operational data
To run your business, the Service stores the information you enter and generate, including: your clients’ names, email addresses, phone numbers, service addresses, and notes; jobs and visits; crews and schedules; time-tracking records; and quotes and invoices. Much of this is End Customer information that the Business Customer controls.
Location information
LawnLineup does not track your device’s real-time GPS location. The only location data we use comes from the property addresses you enter, which we convert into map coordinates (geocoding) and use to calculate drive times and optimize routes. We cache these address-to-coordinate and drive-time lookups to reduce repeated requests.
Payment and billing information
Subscription billing and online customer payments are handled by Stripe. We do not collect or store full payment card numbers; Stripe processes card details directly. We retain billing records such as your plan, billing interval, subscription status, the Stripe identifiers associated with your account, and — for customer invoice payments — amounts, fees, tax calculations, and payment status.
Device and notification information
If you enable push notifications, we store the device push token issued by Apple or Google, your platform, and your app version so we can deliver notifications.
Diagnostic and log information
To keep the Service reliable and secure, our servers and our error-monitoring provider record technical information such as error reports, request metadata, and timestamps. We do not use this for advertising.
Communications
If you contact us for support or other inquiries, we keep your messages and contact details to respond and keep records.
Cookies and local storage
We use only the cookies and local storage needed to make the Service work — for example, a secure session cookie to keep you signed in to the web portal, and local storage for interface preferences such as your saved layout. We do not use third-party advertising or cross-site tracking cookies, and we do not run product analytics or tracking pixels.
3. How we use information
- provide, operate, maintain, and secure the Service;
- authenticate sign-in and protect against fraud and unauthorized access;
- process subscriptions and enable online customer invoice payments;
- geocode addresses, calculate drive times, and optimize routes;
- send transactional messages such as sign-in codes, invitations, notifications, and invoice/payment emails;
- provide support and respond to your requests;
- monitor, debug, and improve performance and reliability; and
- comply with legal obligations and enforce our Terms.
4. How we share information
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We share information only as described below.
Service providers (subprocessors)
We use a small set of trusted providers to operate the Service. Each receives only the information needed for its function and is bound to protect it:
| Provider | Purpose | Information involved |
|---|---|---|
| Stripe | Subscription billing, customer invoice payments, and sales-tax calculation | Business and End Customer billing details, payment amounts, addresses for tax |
| Mailgun | Sending transactional email | Recipient email addresses and message contents (e.g., codes, invitations, invoice links) |
| Mapbox | Geocoding, drive times, and routing | Property addresses and map coordinates |
| Sentry | Error and performance monitoring | Technical diagnostics and error reports |
| DigitalOcean | Cloud hosting, database, and file storage | All Service data, stored and processed on our behalf |
Within your business
Information in a Business Customer’s account is visible to that business’s Authorized Users according to their roles and permissions.
End Customers
When a Business Customer sends a quote or invoice, the relevant details are made available to the intended End Customer through a secure link.
Legal and safety
We may disclose information if required by law or legal process, or where we believe in good faith that disclosure is necessary to protect rights, safety, or the integrity of the Service.
Business transfers
If we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to this Policy.
5. Data retention and deletion
We keep personal information for as long as your account is active and as needed to provide the Service, then delete or de-identify it as described here:
- sign-in codes expire within minutes; sessions expire and can be revoked;
- address and drive-time caches refresh periodically;
- when an account owner deletes a Business Customer account, we delete the company’s account and associated Customer Data; when an individual staff member deletes their own account, their personal sign-in credentials are removed and their access is revoked;
- we may retain limited records where required for legal, tax, or accounting purposes, and copies may persist in routine backups for a limited period before being overwritten.
6. Security
We use technical and organizational measures designed to protect personal information, including encryption in transit, hashed authentication codes, tenant isolation so each business’s data is kept separate, scoped access for staff, and reputable cloud infrastructure. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
7. Your choices and rights
You can view and update much of your information directly in the Service, and account owners can delete their account. Depending on where you live, you may also have rights to access, correct, delete, or obtain a copy of your personal information, and to appeal a decision about a request. To make a request, email [email protected]. We will verify your request and respond as required by law. We will not discriminate against you for exercising these rights.
If you are an End Customer of a Business Customer, the business controls your information in the Service. Please direct your request to that business; if you contact us, we will refer your request to them and assist as their service provider.
8. California privacy rights
This section provides additional detail for California residents under the California Consumer Privacy Act, as amended (CCPA/CPRA).
Categories of personal information we collect
- Identifiers — name, email, phone, account and device identifiers, address.
- Commercial information — subscription, invoice, and payment records.
- Geolocation — coarse location derived from property addresses (not device GPS).
- Internet or network activity — diagnostic logs and error reports.
- Professional or employment information — your role and work scheduling/time records.
We collect these from you and your Business Customer, and use and disclose them for the business purposes described in this Policy. We retain them as described in “Data retention and deletion.”
Sale and sharing
We do not sell personal information, and we do not share it for cross-context behavioral advertising. We do not knowingly sell or share the personal information of minors.
Your California rights
You may request to know, access, correct, or delete your personal information, and to receive it in a portable format. You may use an authorized agent to submit a request. To exercise these rights, email [email protected].
9. Children’s privacy
The Service is intended for business use and is not directed to children. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us information, contact us and we will delete it.
10. Where your information is processed
We are based in the United States and process information in the United States. If you access the Service from outside the United States, you understand that your information will be processed here.
11. Changes to this Policy
We may update this Policy from time to time. If we make material changes, we will provide notice (for example, by email or in the Service). The “Last updated” date at the top reflects the current version.
12. Contact us
For privacy questions or requests, contact us at [email protected].
Harlan LLC
South Carolina, USA