24/7 Emergency Service Sacramento, CA
+1 (916) 472-8163 kopl.mv@gmail.com

Privacy Policy

How we handle your information

Last updated: April 8, 2026

This Privacy Policy describes how The Plumbing Spot ("we", "us", "our") operating the website at theplumbingspot.com ("the Website") collects, uses, stores, and protects your information, including information obtained through our integration with the Thumbtack API.

1. Information We Collect

We may collect the following categories of information:

  • Booking Information: Your name, phone number, email address, physical address, preferred service date and time, and project description when you submit a booking request through our website.
  • Review Information: Your name, city, rating, and review text when you submit a customer review.
  • Thumbtack Lead Data: Customer first name, service category, project description, and location data received through the Thumbtack API when a new lead (negotiation) is created on the Thumbtack platform.
  • Thumbtack Messages: Text content of messages exchanged between our business and customers through the Thumbtack messaging system.
  • Thumbtack Business Data: Business name, business ID, service categories, and account information retrieved via the Thumbtack API.
  • Technical Data: Server logs that may include IP addresses, browser type, and access timestamps.

2. How We Use Information

We use the collected information for the following purposes:

  • Processing and managing booking requests for plumbing services.
  • Communicating with you about your service requests and scheduling.
  • Displaying approved customer reviews on our website.
  • Sending automated responses to new leads received through the Thumbtack platform.
  • Logging lead and message activity for operational monitoring.
  • Sending booking notifications to our team via Telegram (when enabled).
  • Improving our services and website experience.

We do not use personal information for marketing to third parties, user profiling, targeted advertising, or any purpose unrelated to providing our plumbing services and facilitating communication via the Thumbtack platform.

3. Data Sharing

We do not sell, rent, trade, or otherwise share your personal information with any third parties, except:

  • Thumbtack: Data is transmitted back to Thumbtack as part of normal API communication (e.g., sending reply messages to leads).
  • OpenAI: Customer message text and project descriptions may be processed by OpenAI's API (GPT) to generate personalized auto-reply messages. Only the minimum necessary information is sent, and OpenAI's data is not used for training. See OpenAI's Privacy Policy for details.
  • Telegram: When enabled, new booking notifications (service details only) may be sent to our private Telegram channel for scheduling purposes.
  • Legal Requirements: We may disclose information if required by law or in response to valid legal process.

4. Data Storage and Security

  • All data is stored on a private, access-controlled server.
  • The website database (H2) is stored locally with restricted file-system permissions.
  • All communications with our website are encrypted via TLS/HTTPS using Let's Encrypt certificates.
  • API credentials and OAuth tokens are stored in configuration files with restricted access.
  • Thumbtack webhook payloads are verified using HTTP Basic Authentication with credentials validated via constant-time comparison.
  • Admin access is protected by password authentication with BCrypt hashing.
  • CSRF protection is enabled for all form submissions.

5. Data Retention and Deletion

  • Booking data is retained as long as necessary for business operations and record-keeping.
  • Customer reviews are retained while they remain relevant and approved.
  • Log data is periodically rotated and old logs are removed.
  • Thumbtack OAuth tokens are refreshed automatically; old tokens are overwritten.
  • Upon termination of our Thumbtack API access or at Thumbtack's request, all Thumbtack-sourced data will be deleted within 5 business days.
  • You may request deletion of your personal data by contacting us (see below).

6. Thumbtack API Compliance

Our use of the Thumbtack API is governed by the Thumbtack API Terms of Use. All API Data (as defined in those Terms) is treated as confidential information and processed in compliance with all applicable privacy laws, including the California Consumer Privacy Act (CCPA/CPRA). We comply with all applicable data handling requirements, including:

  • Using API data only for the purposes described and approved by Thumbtack.
  • Holding all API Data and non-public API Documentation in strict confidence.
  • Not storing data longer than necessary for the stated purpose.
  • Deleting all Thumbtack data promptly (within 5 business days) upon API access revocation or at Thumbtack's reasonable request.
  • Implementing appropriate security measures to protect API data.
  • Processing personal information received through the API solely for the purpose of providing plumbing services as a Service Professional.

7. Data Breach Notification

In the event we become aware of any unauthorized access to API Data or other personal information, we will:

  • Immediately notify Thumbtack of the incident.
  • Cooperate with Thumbtack's investigation and any legally required notices.
  • Promptly provide any information reasonably requested by Thumbtack.
  • Notify affected individuals as required by applicable law.

8. Your Rights

You have the right to:

  • Request information about what personal data we have collected about you.
  • Request correction or deletion of your personal data.
  • Opt out of receiving automated messages and communications.
  • Revoke Thumbtack OAuth authorization at any time through Thumbtack's platform settings.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last updated" date at the top of this page. Continued use of the Website after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

  • Website: theplumbingspot.com
  • Email: kopl.mv@gmail.com
  • Thumbtack: Contact us through our business profile on Thumbtack
Book Now