Privacy Policy

TaskLine is a service operated by Solvr Labs LLC ("Solvr Labs," "we," "our," or "us"), a limited liability company organized under the laws of the State of Arizona. This Privacy Policy explains how we collect, use, disclose, store, and safeguard your information when you access or use the TaskLine platform, including our website, applications, APIs, AI-powered tools (including TaskLine AI Agent for calls, messaging, voice dictation, analysis, and quote drafting), payment processing (including Stripe Connect for accepting client payments with an optional platform fee on AI-sourced jobs), scheduling and booking features, client portal, Kanban task management, SMS and voice communication via Twilio and Retell AI, and related services (collectively, the "Service").

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any part of this Privacy Policy, you must not access or use the Service. This Privacy Policy applies to all users of the Service, including freelancers, agencies, their clients, and any other individuals who interact with the platform.

"Personal Information" means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.

"User" or "you" refers to any individual who accesses or uses the Service, whether as a registered account holder (freelancer or agency) or as a client, visitor, or other end user.

"Client Data" means information about clients that is entered into the Service by a User, including client names, email addresses, phone numbers, addresses, project details, and payment records.

"Service Data" means data generated through use of the Service, including usage logs, analytics, performance metrics, and aggregated or de-identified data.

"Third-Party Service" means any external service, platform, or provider integrated with or used by the Service, including but not limited to payment processors, communication providers, mapping services, AI providers, and hosting infrastructure.

We collect Personal Information that you voluntarily provide to us when you register for an account, use the Service, or communicate with us. This includes:

• Full name and date of birth, collected during account registration • Email address, used for authentication, communications, and account recovery • Password credentials, stored in hashed form and never accessible in plain text • Business information, including business name, business type (freelancer, sole proprietor, LLC, corporation, partnership, nonprofit, or other), business phone number, business address, Tax ID / RFC, and website URL • Client information that you enter into the Service, including client names, email addresses, phone numbers, company names, physical addresses (including street, unit, city, state, ZIP code, and country), and geographic coordinates derived from address geocoding • Project and task information, including descriptions, deadlines, status updates, budgets, timelines, and media files uploaded in connection with service requests • Invoice and financial information, including amounts, currencies, due dates, payment statuses, and processing fee preferences • Booking and scheduling information, including appointment dates, times, client contact details, and cancellation reasons • SMS/text message content and metadata, including message bodies, delivery statuses, timestamps, and consent records • AI assistant interaction data, including service request content submitted for AI analysis, custom instructions you provide, and analysis results • Communication preferences, including notification settings, language preferences, and SMS opt-in/opt-out status

When you access or use the Service, we automatically collect certain information about your device and usage patterns, including:

• Device information such as browser type, operating system, device identifiers, and screen resolution • Network information such as your Internet Protocol (IP) address and internet service provider • Usage data such as pages visited, features used, timestamps of access, referring URLs, and interaction patterns • Authentication tokens and session data necessary to maintain your logged-in state • Log data generated by our servers, including request logs, error logs, and performance metrics

This information is collected through standard web technologies including cookies, server logs, and similar technologies as described in the Cookies section of this policy.

We may receive information about you from third-party services that you choose to connect with the Service:

• If you authenticate using Google OAuth or other social sign-in providers, we receive your name, email address, and profile information as authorized by you during the authentication process. We do not receive or store your Google password. • If you process payments through Stripe, we receive transaction confirmations, payment statuses, and limited payment method information (such as the last four digits of a card number and expiration date). Full payment card numbers are never transmitted to or stored on our servers. • If your clients submit service requests or book appointments through the platform, we receive the information they provide including their name, email, phone number, address, and project details.

We collect your date of birth during account registration for the following purposes:

• To verify that you meet the minimum age requirement for using the Service (13 years of age or older) • To comply with the Children's Online Privacy Protection Act (COPPA) and similar age-related regulations • To provide age-appropriate features and communications

Your date of birth is stored securely in our database and is not shared with third parties except as required by law. Users between the ages of 13 and 17 may use the Service only with the involvement and consent of a parent or legal guardian. If we learn that we have collected Personal Information from a child under 13 without verifiable parental consent, we will take steps to delete that information promptly.

We use the information we collect for the following purposes:

• Service delivery: To provide, maintain, and improve the Service, including project management, task tracking, invoicing, scheduling, client communications, and all core platform features • Account management: To create and manage your account, authenticate your identity, process account changes, and maintain your profile and preferences • Communications: To send you service-related notifications, including project updates, task reminders, invoice alerts, booking confirmations, and account security notifications via email and/or SMS • Payment processing: To process subscription payments, invoice payments, refunds, and manage billing through our payment processor (Stripe) • AI-powered analysis: To provide AI-assisted features including service request analysis, project recommendations, priority scoring, sentiment analysis, and draft generation using our AI provider (Anthropic) • Security and fraud prevention: To detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activities, including rate limiting, audit logging, and suspicious activity monitoring • Legal compliance: To comply with applicable laws, regulations, legal processes, and government requests • Service improvement: To analyze usage patterns, diagnose technical issues, and develop new features and improvements in aggregated or de-identified form • Customer support: To respond to your inquiries, resolve disputes, and provide technical assistance

TaskLine integrates with multiple AI providers to power the TaskLine AI Agent (our 24/7 AI receptionist), voice dictation, transcription, analysis, quote drafting, and other intelligent features. When you use AI-powered features, data may be transmitted to the following providers for processing:

• Anthropic (Claude): Handles analysis, agent reasoning, quote drafting, project proposal generation, and conversational responses. Receives service request content, client information, custom instructions, and business context needed to generate a response. • OpenAI (Whisper API): Handles speech-to-text transcription when you or your clients use voice dictation or when the TaskLine AI Agent transcribes phone calls and voice messages. Receives only the audio to be transcribed. • Retell AI: Powers the TaskLine AI Agent voice experience for inbound phone calls, including speech recognition, conversational turn-taking, and tool invocations during a call. Receives phone audio and the business context needed to answer the caller. • ElevenLabs: Generates natural-sounding text-to-speech audio for voice responses. Receives only the text to be synthesized.

Data handling disclosures:

• None of these providers train their models on your data. Anthropic, OpenAI (under their API data usage policy), Retell AI, and ElevenLabs process your data solely to generate the response for the specific request, subject to their respective privacy policies and data processing terms. • AI-generated content — including analysis summaries, quotes, proposals, call transcripts, and agent replies — is provided for informational and assistive purposes only and does not constitute professional, legal, financial, medical, or expert advice of any kind. • We do not guarantee the accuracy, completeness, or reliability of AI-generated outputs. • You are solely responsible for reviewing, verifying, and approving any AI-generated content before acting on it or sharing it with clients or third parties. • Analysis results, transcripts, call recordings (where applicable), and usage metrics (token counts, minute counts, message counts) are stored in our database and associated with your account for service delivery, billing, and AI tier limit enforcement.

Solvr Labs LLC (operating as TaskLine) enables freelancers and agencies to communicate with their clients via SMS/text messages for service-related purposes. These communications may include project updates, appointment reminders and confirmations, invoice notifications, task status updates, service request follow-ups, and other transactional messages related to the services provided through the platform.

By opting in to receive text messages, the recipient consents to receive recurring automated text messages from their service provider, sent via the Solvr Labs LLC platform (TaskLine). Message frequency varies based on account activity and the nature of the services being provided. Message and data rates may apply depending on the recipient's mobile carrier plan. Consent to receive text messages is not a condition of purchasing any goods or services.

All SMS communications are transmitted through our messaging provider, Twilio, in compliance with the Telephone Consumer Protection Act (TCPA), the Cellular Telecommunications Industry Association (CTIA) guidelines, and applicable A2P 10DLC registration requirements.

Recipients may opt in to receive SMS messages through the Solvr Labs LLC platform (TaskLine) by providing their phone number via a web form (such as a service request form or booking form), by explicit in-person or written request to the freelancer or agency, or by texting a keyword to our designated number.

Recipients can opt out of SMS messages at any time by replying any of the following keywords to any message received: STOP, STOPALL, UNSUBSCRIBE, CANCEL, END, or QUIT. After opting out, a confirmation message will be sent and no further text messages will be delivered unless the recipient re-opts in.

For help or questions about text messaging, recipients can reply HELP to any message or contact us at jessy@solvrlabs.com.

All opt-in and opt-out events are logged with timestamps, IP addresses (when available), user agent information, and the consent language presented at the time of opt-in. These records are maintained for regulatory compliance purposes.

We do not sell, rent, loan, trade, lease, or otherwise transfer for profit any phone numbers or personal information collected through our SMS messaging program to any third parties for their marketing or promotional purposes.

Mobile opt-in data and consent information will not be shared with any third parties or affiliates for marketing purposes at any time. We may share phone numbers with our SMS service provider (Twilio) solely for the purpose of delivering text messages on your behalf.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. This commitment applies regardless of any future business transaction, including merger, acquisition, or sale of assets.

Payment processing for TaskLine is handled by Stripe, Inc. ("Stripe"), a PCI-DSS Level 1 certified payment processor. Stripe is used both to accept client invoice payments and to route payouts to freelancers through Stripe Connect Express.

• Full credit card numbers, bank account numbers, and other sensitive payment credentials are transmitted directly to Stripe and are never transmitted to, processed by, or stored on TaskLine servers. • We store only limited payment references, including Stripe customer IDs, Stripe Connect account IDs, checkout session IDs, subscription IDs (for optional AI tiers), and payment intent IDs, which allow us to reference and manage transactions without accessing full payment details. • Invoice payment records including amounts, currencies, due dates, payment dates, and payment statuses are stored in our database for accounting and service delivery purposes. • Freelancer payouts: Freelancers connect their own Stripe account via Stripe Connect Express onboarding. Stripe Express collects identity and bank information directly from the freelancer to enable payouts; TaskLine does not see or store this information. Stripe manages payout schedules, balances, and tax reporting according to their own terms.

Platform fees:

• When the TaskLine AI Agent assists on a job (for example, when the Agent captures a lead, drafts the quote, or books the appointment), a small platform fee is charged to the freelancer's Stripe account through Stripe's `application_fee_amount` mechanism at the time the client pays the invoice. The rate depends on the freelancer's AI tier: 2.5% on the free Radar tier, 2.25% on the Pro tier, and 2.0% on the Max tier. • A 0.6% base platform fee also applies to non-AI invoices while the TaskLine AI Agent is active on a freelancer's account, which helps cover SMS infrastructure and related platform costs. • These fees are deducted from the freelancer's payout by Stripe. They are not charged to clients unless the freelancer has enabled processing fee pass-through for Stripe's standard processing fees. • No credit card is required to sign up for TaskLine or to enable the AI Agent. The platform itself is free.

Stripe's privacy policy and data handling practices are available at https://stripe.com/privacy. We encourage you to review their policy.

TaskLine uses the Google Maps API to provide address autocomplete, geocoding, and mapping features. When addresses are entered into the Service (for service requests, projects, client records, or bookings), the following data may be collected and stored:

• Formatted address strings and individual address components (street, unit, city, state, ZIP code, country) • Geographic coordinates (latitude and longitude) derived from address geocoding • Google Places identifiers (place IDs) used to uniquely identify locations

This data is used to display maps, facilitate address management, and enable location-based service features. Google's use of data collected through the Google Maps API is governed by Google's Privacy Policy (https://policies.google.com/privacy). Google may collect additional data through the Maps API as described in their terms.

We use the following third-party service providers to operate the Service. Each provider receives only the minimum data necessary to perform its function, and each is bound by its own privacy policy and data processing terms:

• Supabase (database and authentication): Stores all application data including user profiles, clients, projects, tasks, invoices, bookings, messages, and related records. Provides authentication services including magic link sign-in and password-based authentication. Data is encrypted in transit and at rest, and protected by Row-Level Security policies. • Stripe (payment processing and Stripe Connect): Processes client invoice payments, optional AI tier subscriptions, and freelancer payouts through Stripe Connect Express. Receives payment method details, billing information, Connect onboarding data (collected directly by Stripe), and transaction data. Platform fees on AI-sourced jobs are collected via Stripe's `application_fee_amount` mechanism. • Twilio (SMS and voice backup): Delivers SMS/text messages and handles voice calls as a fallback channel. Operates under A2P 10DLC registration and TCPA/CTIA compliance. Receives phone numbers, message content, and call metadata. • Linq (primary client messaging): Delivers text and media messages to clients as the primary outbound communication channel when the TaskLine AI Agent is active. Receives phone numbers, message content, and delivery metadata. • Anthropic (Claude): Provides the large language model used for analysis, agent reasoning, quote drafting, and content generation. Receives request content, client information, custom instructions, and business context needed to generate a response. Does not train on your data. • OpenAI (Whisper API): Provides speech-to-text transcription for voice dictation and for transcribing audio captured by the TaskLine AI Agent. Receives only the audio to be transcribed. Under OpenAI's API data usage policy, does not train on your data. • Retell AI (voice agent platform): Powers the TaskLine AI Agent's inbound voice call experience, including live speech recognition, conversational turn-taking, and tool invocations. Receives phone audio and the business context needed to handle the call. • ElevenLabs (text-to-speech): Generates spoken audio from text for voice responses. Receives only the text to be synthesized. • Resend (email delivery): Sends transactional emails including magic links, invoice deliveries, booking confirmations, notifications, and account management emails. Receives recipient email addresses and email content. • Google Maps Platform (address validation and geocoding): Provides address autocomplete, geocoding, and map display. Receives address strings and returns geographic coordinates and place identifiers. Used only for address validation and mapping — we do not perform location tracking of users or clients. • Upstash (Redis): Provides rate limiting, session caching, voice turn budget enforcement, and caching of frequently accessed data such as user settings and tier limits. Cached data is transient and subject to automatic expiration.

Each of these providers maintains its own privacy policy and data handling practices. We encourage you to review them.

We do not sell your Personal Information to third parties. We do not share your Personal Information with third parties for their own marketing purposes. We may disclose your information in the following limited circumstances:

• Service providers: We share information with the third-party service providers described in Section 14, solely for the purpose of operating and providing the Service. • Legal requirements: We may disclose your information if required to do so by law, regulation, legal process, or governmental request, including responding to subpoenas, court orders, or similar legal processes. • Safety and enforcement: We may disclose information when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Solvr Labs, our users, or the public, or to enforce our Terms of Service. • Business transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Service of any change in ownership or uses of your Personal Information. • With your consent: We may share your information with third parties when you have given us explicit consent to do so. • Aggregated data: We may share aggregated or de-identified information that cannot reasonably be used to identify you for analytics, research, or business purposes.

We implement and maintain reasonable technical, administrative, and organizational security measures designed to protect your Personal Information against unauthorized access, alteration, disclosure, destruction, or loss. These measures include:

• Encryption of data in transit using TLS/SSL protocols • Encryption of data at rest in our database infrastructure • Row-Level Security (RLS) policies on all database tables to ensure users can only access their own data • Rate limiting on API endpoints to prevent abuse and brute-force attacks • Security headers including Content-Security-Policy, HTTP Strict Transport Security (HSTS), X-Frame-Options, and X-Content-Type-Options • Audit logging of security-relevant events and access patterns • Password strength validation and secure credential storage using industry-standard hashing algorithms • Regular security assessments and monitoring of our infrastructure

While we strive to use commercially acceptable means to protect your Personal Information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and for any activities that occur under your account.

We retain your Personal Information for as long as your account is active or as needed to provide you with the Service. Specific retention periods vary by data type:

• Account profile data: Retained for the duration of your active account plus 30 days after account deletion • Project, task, and invoice records: Retained for the duration of your active account. Upon account deletion, records are deleted within 30 days except where retention is required for legal or accounting purposes • SMS/text message records and consent logs: Retained for a minimum of five (5) years after the last communication for regulatory compliance with TCPA and A2P 10DLC requirements • Call logs: Retained for the duration of your active account plus compliance retention periods • AI analysis results: Retained for the duration of your active account and deleted upon account deletion • Payment and billing records: Retained for a minimum of seven (7) years as required by applicable tax and accounting regulations • Server logs and security audit data: Retained for up to twelve (12) months for security and operational purposes • Cached data: Automatically expired based on configured cache time-to-live (TTL) periods, typically ranging from minutes to hours

After the applicable retention period expires, we will securely delete or anonymize your information.

You may delete your account at any time through the Settings > Account section of the Service. Upon account deletion:

• Your Personal Information, including your profile, business information, and date of birth, will be permanently deleted within 30 days • All associated data including projects, tasks, invoices, clients, bookings, notifications, and AI analysis results will be deleted through cascading database deletions • Your Stripe subscription (if any) will be canceled • Active SMS messages and scheduled communications will cease

The following data may be retained beyond the 30-day deletion period:

• SMS consent and opt-out records, retained for regulatory compliance • Payment and invoice records, retained as required by tax and accounting regulations • Anonymized and aggregated data that cannot be used to identify you • Any data we are legally required to retain pursuant to applicable law, regulation, or valid legal process

To request deletion of your account, you may also contact us at jessy@solvrlabs.com. We will process your request within 30 days and confirm deletion by email.

Depending on your jurisdiction, you may have certain rights regarding your Personal Information:

For all users: • Right to access: You may request a copy of the Personal Information we hold about you • Right to correction: You may request that we correct inaccurate or incomplete Personal Information • Right to deletion: You may request that we delete your Personal Information, subject to certain exceptions • Right to opt out of SMS: You may opt out of SMS communications at any time by replying STOP

For California residents (CCPA/CPRA): • Right to know what Personal Information we collect, use, disclose, and sell • Right to delete your Personal Information, subject to certain exceptions • Right to opt out of the sale of Personal Information (we do not sell Personal Information) • Right to non-discrimination for exercising your privacy rights • Right to correct inaccurate Personal Information • Right to limit the use and disclosure of sensitive Personal Information

For users in the European Economic Area (GDPR): • Right to access, rectify, erase, restrict processing, data portability, and object to processing • Right to withdraw consent at any time where processing is based on consent • Right to lodge a complaint with a supervisory authority

To exercise any of these rights, please contact us at jessy@solvrlabs.com. We will respond to your request within 30 days (or 45 days if an extension is necessary, with notice to you). We may request verification of your identity before processing your request.

The Service is operated from the United States. If you access the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

By using the Service, you consent to the transfer of your information to the United States and other jurisdictions that may have different data protection laws than your country of residence. We take steps to ensure that your information receives an adequate level of protection in the jurisdictions in which we process it, including through the use of standard contractual clauses and other appropriate safeguards where required.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your Personal Information on the following legal bases: (a) performance of a contract with you, (b) our legitimate business interests, (c) compliance with legal obligations, or (d) your consent, where applicable.

The Service is not directed to children under the age of 13. We do not knowingly collect Personal Information from children under 13 years of age without verifiable parental consent. Users between the ages of 13 and 17 may use the Service with the involvement and consent of a parent or legal guardian.

If we become aware that we have collected Personal Information from a child under 13 without verifiable parental consent, we will take prompt steps to delete that information from our servers. If you are a parent or guardian and believe that your child under 13 has provided Personal Information to us without your consent, please contact us at jessy@solvrlabs.com so we can take appropriate action.

In compliance with the Children's Online Privacy Protection Act (COPPA), we will not knowingly: (a) collect more Personal Information from children under 13 than is reasonably necessary, (b) condition participation in activities on the disclosure of more Personal Information than is necessary, or (c) share Personal Information of children under 13 with third parties for marketing purposes.

We use cookies and similar tracking technologies to operate and improve the Service. The types of cookies we use include:

• Essential cookies: Required for the Service to function, including authentication tokens, session management, and security features. These cookies cannot be disabled. • Functional cookies: Used to remember your preferences, language settings, and other customization choices. • Analytics cookies: Used to understand how users interact with the Service, including page views, feature usage, and navigation patterns. This data helps us improve the Service.

You can manage cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. However, disabling essential cookies may prevent you from using certain features of the Service.

We do not use cookies for third-party advertising purposes. We do not participate in cross-site tracking or behavioral advertising networks.

Some web browsers transmit "Do Not Track" (DNT) signals to websites. Because there is no universally accepted standard for how to interpret DNT signals, the Service does not currently respond to browser DNT signals. However, we do not engage in cross-site tracking of users.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will:

• Update the "Last updated" date at the top of this Privacy Policy • Post the revised Privacy Policy on this page • For material changes, provide notice through the Service or via email to the address associated with your account

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of the Service after the posting of changes constitutes your acceptance of those changes.

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, or if you wish to exercise your privacy rights, please contact us at:

Solvr Labs LLC Email: jessy@solvrlabs.com

We will endeavor to respond to your inquiry within 30 days. If you are not satisfied with our response, you may have the right to lodge a complaint with your local data protection authority.