Who we are
JLCS ("JLCS," "we," "us") provides JLCS Essentials — a multi-tenant operations platform for field-based teams, delivered as a mobile app and a web platform. For anything in this policy, contact jlcs@jlcs.app.
LEGAL
Privacy Policy
This is the privacy policy for the JLCS Essentials mobile app on iOS and Android and for the jlcs.app website. It explains what data we collect, how it's used, who can see it, how it's protected, and how to delete it.
Last updated: June 12, 2026 · Applies to: JLCS Essentials app (Apple App Store · Google Play) and jlcs.app
01 — SCOPE & ROLES
One policy — the app and the website.
Your employer runs your tenant
If you use the app for work, your employer (or the company that invited you) operates its own JLCS tenant and decides which modules are on, who can see what, and how long records are kept. For that data your employer is the data controller and JLCS processes it on their instructions. Questions about your employer's configuration or policies go to your administrator first.
For data you give us directly on this website — such as a demo request — JLCS is responsible for it under this policy.
02 — THE DATA
What we collect, and when.
Data you or your employer provide
Account and profile data: name, work email, phone number, employee ID, badge photo, role, and certifications. Work records you create in the app: check-ins and check-outs, daily reports, timecards, on-screen signatures, inspections, safety incidents (including injury details and post-accident drug-test results where your employer uses those modules), expenses and receipts, lodging stays, and documents you sign or upload.
Collected by the app when you use it
| LOCATION | precise GPS captured at the moment you check in or check out, to validate the job-site geofence. The app does not track your location in the background. |
| CAMERA & PHOTOS | photos you choose to take or attach — site photos, receipts, inspections, incident documentation. |
| QR / NFC | the tag identifier scanned at gates, tools, parts, and rigs. |
| SIGNATURES | on-screen signatures for JHAs, documents, and sign-offs. |
| NOTIFICATIONS | a push token, only if you enable notifications. |
| DEVICE & DIAGNOSTICS | device model, OS and app version, IP address, and crash/error logs used to keep the app working. |
Every permission — location, camera, photos, NFC, notifications — is asked for in context and can be revoked anytime in your device settings.
From this website
If you request a demo we collect what you submit: name, company email, company name, company size, and your notes. Our web server keeps basic access logs. This site uses no advertising trackers.
What we don't do
We do not sell personal data. We do not show third-party advertising. We do not track you across other companies' apps or websites. Per-tenant data is never used to train shared AI models.
03 — HOW IT'S USED
Used to run the record — nothing else.
Operating the service
Your data flows through the shared record to do the work you see: a check-in becomes a daily-report row and a timecard; an incident becomes an OSHA 300 entry; a receipt becomes a coded expense. We also use it to provide support and to secure the service.
Your employer's compliance
Where your employer uses those modules, records support legally required artifacts — OSHA 300 logs, certified payroll, DOT drug-testing pools with chain-of-custody documents. Some of these carry statutory retention periods set by law, not by us.
AI features
AI is used for receipt scanning, charge-to-stay matching, drafting warnings from incidents, weekly report summaries, and an HR chatbot that answers only from your company's own handbook and knowledge base. Your tenant's data is processed to deliver these features to your tenant — never to train models shared with anyone else.
04 — SHARING
Who can see it.
Your employer
People in your company see your work records according to the roles and permissions your administrator sets. Every access and change is written to a per-action audit log.
Service providers
We use a small set of providers to run the platform — hosting and infrastructure, AI processing, email and SMS delivery, form and scheduling tools on this website (for example Netlify and Google Calendar for demo requests), and Stripe for subscription billing. They process data only on our instructions and are bound by contract to protect it at least as strictly as this policy. We do not share data with data brokers or advertisers.
Public-link surfaces
Your employer can generate tokenized public links — vendor portals, document signing, inspection forms — that expose only the specific record they point to, without a login, and with a full audit trail.
Legal and business events
We disclose data when the law requires it or to protect people's safety and our rights. If JLCS is ever part of a merger or acquisition, this policy continues to apply to your data and we'll notify tenants of any change.
05 — SECURITY
Protected at every layer.
How data is protected
TLS 1.2+ in transit, AES-256 at rest, per-tenant key separation for sensitive fields, role-based access control, per-action audit logs, and per-tenant subdomain isolation. Nobody sees your records but you and the people your employer authorizes.
If something goes wrong
If a breach affects your data, we notify the affected tenants without undue delay and tell them what happened, what was involved, and what we're doing about it.
06 — RETENTION & DELETION
Kept while it's needed. Deleted when it's not.
How long we keep data
Work records are kept while your employer's tenant is active, under the retention settings your employer configures. Some records — certified payroll, OSHA logs, drug-testing chain-of-custody — have retention periods required by law and are kept for those periods. When a tenant ends its subscription, its data is deleted or returned per its agreement with us.
Delete your account
Accounts are provisioned by your employer's administrator — the app has no self-service account creation. To delete your account and the personal data tied to it, use our account deletion form (you don't need the app installed), ask your employer's administrator, or email jlcs@jlcs.app from your account email. We verify every request and complete it within 30 days. Records your employer is legally required to retain (for example payroll or OSHA records) are kept by the employer for the legally mandated period and then deleted.
Withdraw a permission anytime
Location, camera, photos, NFC, and notifications can each be turned off in your iOS or Android settings at any time. The app keeps working; only the feature that needs the permission stops (for example, geofence-validated check-ins need location at the moment of the scan).
07 — YOUR RIGHTS
Your choices, wherever you are.
Access, correction, deletion, portability
Depending on where you live (including under the GDPR and the CCPA), you may have the right to access, correct, delete, or export your personal data, and to object to or restrict certain processing. For work records, start with your employer's administrator — they control the tenant. For anything else, email jlcs@jlcs.app. We never penalize anyone for exercising a privacy right.
Children
JLCS Essentials is a workplace tool. It is not directed at children under 16, and we do not knowingly collect data from them.
Where data is processed
Data is processed in the United States and in the locations where our service providers operate, with contractual safeguards applied to transfers.
Changes to this policy
If we make material changes we'll update this page, change the date at the top, and notify tenants through the app or their administrators before the changes take effect.
Contact
JLCS — Attn: Privacy · jlcs@jlcs.app. We respond to every privacy request.