Privacy Policy
This policy explains how OnPoint Business collects, uses, and protects data across our trade business platform and optional connected services.
1. Introduction
Welcome to OnPoint Business. We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when using our website and application. Our Terms & Conditions also apply. OnPoint Business is a trade business management platform that helps service companies manage jobs, appointments, contacts, sites, quotes, invoices, payments, certificates, team scheduling, customer communication, and optional connected integrations.
2. What OnPoint Business Does
We use your data to provide the following services:
- Job and project management, offers, and contractor workflows
- Appointment scheduling, calendar, and reminders
- Contacts, sites, and customer records
- Quotes, invoices, job sheets, and payment recording
- Bank payment matching and reconciliation (when you choose to link your bank account — see section 4)
- Optional advertising attribution and offline conversion measurement when you choose to connect Google Ads
- Certificates (e.g. electrical, gas, compliance)
- Team and time management, holidays, and permissions
- Notifications, push alerts, and automatic reminders
- Customer-facing booking and contact portal
3. Information We Collect
Personal and business information
Name, email, phone number, business details, and information you provide for contacts, sites, jobs, and payments.
Usage data
App interactions, preferences, and device information.
Location data
If you enable it, for appointment scheduling and navigation.
Bank account data (optional)
If you link your business bank account via TrueLayer, we receive account identifiers, account display name and provider, and transaction data (e.g. date, amount, description/reference) for incoming payments. We use this only for invoicing and reconciliation as described in section 4. We do not initiate payments or move money.
Google Ads data (optional)
If you choose to connect Google Ads, we may receive and store advertising identifiers and account access tokens needed to attribute ad-driven leads to appointments and upload eligible offline conversions for your business. We only use this data to provide the Google Ads measurement feature you enable.
4. Connected Services Data
OnPoint Business supports optional connected services that you choose to authorise.
Bank account data (TrueLayer)
If you choose to link your business bank account:
- What we access: Account name and provider, and transaction history (incoming credits: date, amount, description/reference). Access is read-only; we cannot initiate payments or transfer funds.
- Why we need it: For invoicing and reconciliation — we match incoming bank payments to your invoices (e.g. when the payment reference contains your invoice number) and automatically mark invoices as paid and record payments. Unmatched credits are shown in Payments so you can assign them to quotes or invoices.
- Provider: Bank linking is provided through TrueLayer. Your bank credentials are not shared with us; you authorise access via TrueLayer's secure flow. You can disconnect your bank account at any time from Preferences → Bank account.
- We do not sell bank or transaction data. We use it only for the purposes described above and store only what is necessary for reconciliation and audit (e.g. that a payment was matched to an invoice).
Google Ads data
If you choose to connect Google Ads:
- What we access: The Google Ads account connection you authorise, plus the ad click identifiers and customer contact details submitted through your landing pages when those are needed for offline conversion measurement.
- Why we need it: To match ad-generated leads with appointments and invoices inside OnPoint Business, and to upload eligible offline conversions back to your Google Ads account so you can measure advertising performance.
- How it is used: We only use Google Ads access to support the attribution and reporting features that you enable for your own organisation. We do not use one customer's Google Ads data for another customer.
- You can disconnect Google Ads at any time from Preferences → Ads & Tracking. Disconnecting stops future Google Ads conversion uploads until you reconnect.
5. How We Use Your Information
- To provide and improve our services (jobs, appointments, contacts, quotes, invoices, payments, certificates, scheduling)
- To process transactions, send invoices, and record payments
- To match bank payments to invoices and reconcile when you have linked your bank account
- To attribute leads and upload eligible offline conversions when you have linked Google Ads
- To manage team scheduling, permissions, and notifications
- To send reminders, push notifications, and service-related messages
- To ensure app security and compliance
6. Data Sharing & Security
We do not sell your personal or bank data.
We may share information with trusted third-party providers necessary to run the service (e.g. hosting, authentication, Google, payment and bank linking providers such as TrueLayer, email and push notification services). These providers are bound by their own privacy and security obligations.
Data is encrypted and protected using industry-standard measures. Bank access is read-only and provided through TrueLayer's regulated infrastructure. Google Ads access is granted only through the secure OAuth authorisation flow that you choose to complete.
7. Your Rights
- Access, modify, or delete your personal data where applicable
- Disconnect your bank account at any time from Preferences → Bank account
- Disconnect Google Ads at any time from Preferences → Ads & Tracking
- Opt-out of marketing emails at any time
8. Contact Us
If you have any questions about this Privacy Policy or our use of your data, please contact us:
support@onpointbusiness.co.uk