Privacy Policy

Last Updated: May 13, 2026

PurposeBuilt Systems LLC ("we," "our," or "us") operates the Digital Traffic Control Diary ("DTCD") mobile applications and web dashboard (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using the Service, you consent to the practices described in this Policy.

Sensitive Personal Information notice (CPRA / Cal. Civ. Code § 1798.140(ae)): The Service collects precise geolocation, which is "Sensitive Personal Information" under California law. Geolocation is collected only when you actively create a closure, capture a photo, or enable Mobile Work mode. We use it solely to provide the Service. We do not use Sensitive Personal Information to infer characteristics about you, and you have the right under § 1798.121 to limit our use of it (see Section 10).

Key Points:

We collect work zone data to provide traffic control documentation and DOT compliance services.
We do not currently sell or share your personal information for monetary or other valuable consideration as those terms are defined under the CCPA, CPRA, and analogous state privacy laws.
We reserve the right to license aggregated, statistical, or fully de-identified work zone data in the future. If we begin to do so, we will update this Policy, provide at least 30 days' advance notice, and offer all required opt-out, opt-in, and Do-Not-Sell mechanisms before any such sale or sharing begins.
If you wish to be notified personally of any change to our data-sale or data-sharing practices, email matthew@purposebuilt.systems with subject line "Data Practice Notification Request."

1. Information We Collect

1.1 Information You Provide

Account Information: Email address, name, organization name, phone number
Organization Details: Company name, address, state, counties of operation, organization type (DOT, contractor, etc.)
Work Zone Data: Road names, closure types, work descriptions, dates/times, flaggers, pilot cars
Payment Information: Processed securely through Stripe (we do not store credit card numbers)
DOT Certifications: Certification documents, license numbers, expiration dates

1.2 Information Collected Automatically

Location Data: GPS coordinates for work zone boundaries, photo locations, and mobile work operations (striping, sweeping, mowing). Location is only collected when you actively create a closure or enable mobile work mode. Background location is used ONLY for real-time mobile work tracking when explicitly enabled by the user.
Photos: GPS-tagged photos of traffic control signs, work zones, and equipment. Photos are stored in Firebase Cloud Storage and associated with your work zones.
Device Information: Device model, operating system version, unique device identifier (for preventing password sharing and managing device limits)
Google Advertising ID (GAID): We collect your Google Advertising Identifier through Firebase Analytics for app analytics, crash reporting, and service improvement purposes only. We do NOT use this identifier for personalized advertising or ad targeting. You can reset your advertising ID or opt out of personalized ads in your Android device settings under Settings > Privacy > Ads.
Usage Data: App interactions, features used, timestamps, session duration
MUTCD Sign Recognition: When you photograph traffic control signs, our AI analyzes the image to suggest MUTCD codes. Images are processed on-device or via Firebase ML Kit.

1.3 Connected Device Data

Arrow board status and location
Portable Changeable Message Sign (PCMS) data
Device communication logs
Battery levels and operational modes

2. How We Use Your Information

We use the collected information for the following purposes:

Service Delivery: Create and manage work zone closures, generate WZDx feeds, produce compliance reports
MUTCD Compliance: Verify proper traffic control sign placement and documentation
DOT Certification: Manage certification workflows, review submissions, track expiration dates
WZDx Feed Publishing: Generate real-time work zone data feeds for navigation systems (Waze, Google Maps, etc.)
Billing & Invoicing: Process payments, generate invoices, track subscription usage
Account Management: Authenticate users, enforce device limits, prevent password sharing
Customer Support: Respond to inquiries, troubleshoot issues, provide assistance
Service Improvement: Analyze usage patterns, fix bugs, develop new features
Safety & Compliance: Ensure proper work zone documentation for worker and public safety
Legal Compliance: Meet regulatory requirements, respond to legal requests

3. Location Data Usage

3.1 When We Collect Location

Creating Work Zones: GPS coordinates mark the beginning and end of closures
Taking Photos: Photos are tagged with GPS location for compliance documentation
Mobile Work Operations: Real-time location tracking ONLY when you enable mobile work mode (striping, sweeping, mowing)
Map Display: Your current location helps center the map view

3.2 Background Location

Background location access is used EXCLUSIVELY for mobile work operations when you explicitly enable mobile work mode. This allows us to generate real-time WZDx feeds showing the current position of striping, sweeping, or mowing equipment. Background location is NOT used for user tracking, advertising, or any other purpose.

How to disable: Turn off mobile work mode in the app, or revoke location permissions in your device settings.

4. Photo & Camera Usage

Camera and photo library access are used for:

Taking GPS-tagged photos of traffic control signs, work zones, and equipment
MUTCD sign recognition using on-device computer vision
Compliance documentation for DOT certification
Photo checklists for inspections (begin signs, end signs, tapers, etc.)

Photos are stored in Firebase Cloud Storage and associated with your work zones. You can delete photos at any time through the app.

4A. Machine-Learning Training on User Content

To improve the on-device MUTCD sign recognizer, work-zone classifier, and other AI features, we train and refine machine-learning models using User Content (photos, sign codes you confirm, OCR text, sensor readings) generated through the App. Section 17A of our Terms of Service governs the underlying license. This section explains the privacy mechanics.

Training is conducted by either or both of the following methods:

(i) On-device (federated) training. Your device updates model parameters locally using your User Content as inputs. Only the resulting model-weight updates — not your raw photos, sensor readings, or location data — are transmitted to our servers. Weight updates from many devices are aggregated to produce a shared model. Your raw User Content never leaves your device for the purpose of training.

(ii) Server-side training. Photos and other User Content already stored in our infrastructure are used for supervised training. Server-side training is only conducted after we have applied automated de-identification to the source materials (including face detection and license-plate redaction) and removed direct personal identifiers, OR where you have provided separate, granular opt-in consent by written request to matthew@purposebuilt.systems to contribute non-de-identified photos.

Your right to opt out. You may opt out of contributing User Content to server-side training at any time by emailing matthew@purposebuilt.systems with the subject "Opt out of ML training." We will process opt-out requests within thirty (30) days of receipt and confirm completion by reply email.

Opting out does not affect your access to the Services. Opt-out applies prospectively: it excludes your User Content from any future training run but does not remove your User Content from models that have already been trained on it (model retraining schedules vary; new models incorporating the opt-out will be produced on the next training cycle).

What models are trained on. Training inputs may include the photo bytes, the user-confirmed MUTCD code label, the OCR text recognized from the photo, the photo's geographic coordinates and timestamp, and sensor readings (magnetometer, accelerometer, gyroscope) captured at the moment of capture. Training outputs are model weights, not databases of your photos. Photos remain stored in your Firebase Cloud Storage account and continue to be governed by the rest of this Policy.

What training does not do. Training does not transfer your photos to third parties, does not power advertising, and does not generate user-identifying outputs. Trained models are used inside DTCD and its companion applications.

5. Data Sharing & Disclosure

5.1 WZDx Feed Publishing

When you publish a work zone to a WZDx feed, the following data becomes publicly available:

Road name and location coordinates
Closure type (lane closure, full road closure, etc.)
Begin and end times
Reduced speed limits
Work zone geometry (polyline)

Note: WZDx feeds do NOT include personal information, photos, or organization details. Only certified DOT personnel can publish work zones to public feeds.

5.2 Third-Party Services

We use the following third-party services:

Firebase (Google): Authentication, database, cloud storage, hosting, analytics
Google Maps: Map display and geocoding services
Stripe: Payment processing (PCI-DSS compliant)
Apple App Store / Google Play: In-app purchase receipt validation

5.3 Data Sales and Licensing — Reserved Right (No Current Sales)

            Current practice: As of the "Last Updated" date at the top of this Policy, we do not sell, share for cross-context behavioral advertising, or otherwise transfer your personal information for monetary or other valuable consideration as those terms are defined under the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), and analogous state privacy laws.
        

Reserved future right. We reserve the right, in the future, to license aggregated, statistical, or fully de-identified data derived from work zone activity (such as anonymized regional traffic-pattern statistics, aggregate compliance metrics, and work-zone time-and-location aggregates) to commercial partners — for example, connected vehicle platforms, navigation services, DOTs, traffic management companies, insurance carriers, research institutions, and technology companies. Any such future licensing would, by design, use only aggregated or fully de-identified information and would not constitute a sale of personal information under applicable law.

If we ever begin to sell or share data that constitutes "personal information" under any applicable law, before any such sale or sharing begins we will:

Update this Privacy Policy with at least 30 days' advance notice, posted in-app and on the dashboard;
Send an email notification to your registered email address;
Deploy a "Do Not Sell or Share My Personal Information" link conspicuously on every page of the Service;
Honor the Global Privacy Control (GPC) browser signal as a valid opt-out;
Provide all opt-out, opt-in, right-to-limit-use-of-Sensitive-Personal-Information, and other rights required by your state's law;
Update App Store Privacy Nutrition Labels and Google Play Data Safety disclosures to reflect the new practice; and
Honor any opt-out request received before commencement.

WZDx Feeds remain unaffected by this section. Public WZDx feeds (Section 5.1 above) contain only the publicly publishable work-zone fields (road, location, closure type, times, geometry) and are intentionally non-personal. Publishing to a WZDx feed is a feature of the Service and is not a "sale" or "share" of personal information under any privacy law of which we are aware.

Personal-information protection if licensing commences. Before any future data licensing begins, we will remove or fully de-identify (in a manner consistent with applicable de-identification standards):

User names, email addresses, and contact information
Employee, flagger, and worker names and personal details
Photos containing identifiable individuals or license plates
Account credentials, authentication tokens, and device identifiers
Organization-specific identifiers that could uniquely identify individual companies

Personal data-practice notification request. If you wish to be notified by email before we begin any data sale or sharing that affects your personal information, email matthew@purposebuilt.systems with subject line "Data Practice Notification Request." We will add you to a notification list for any future material change.

5.4 Cross-App Ecosystem Data Sharing

            Important: Your work zone data may be shared across our integrated app ecosystem to provide enhanced services and interoperability.
        

Digital Traffic Control Diary is part of an integrated transportation and infrastructure app ecosystem. To provide comprehensive services, your work zone and project data may be shared with and accessible through the following connected applications:

ClearPath EMS (Emergency Management System): Law enforcement and first responders may view your work zone locations, speed limits, flagger presence, and traffic control configurations in real-time. This enables officers to:
- Locate active work zones for traffic enforcement and public safety
- Generate citation evidence packages with GPS-verified work zone compliance data
- Verify proper MUTCD signage and work zone setup for legal proceedings
- Coordinate emergency response in and around work zones
Utility AsBuilt & Permit Management: Work zone data may be linked to utility permits, locate tickets, and asbuilt documentation for:
- Cross-referencing work zones with active utility permits
- Tracking asbuilt documentation and GPS-verified infrastructure records
- Coordinating multi-contractor projects and shared road closures
- Verifying locate ticket compliance and expiration tracking
Future Integrated Apps: As we expand our ecosystem, your data may be shared with additional transportation, construction, and infrastructure management applications to provide seamless project coordination and enhanced safety features.

What Data Is Shared Across Apps:

Work zone locations (GPS coordinates, road names, directions)
Closure types, dates/times, and status
Traffic control configurations (speed limits, signs, flaggers)
GPS-tagged photos of work zones and traffic control devices
Project IDs, permit numbers, and contract references
MUTCD compliance documentation
Organization information (name, type, contact details)

Access Controls: Cross-app data sharing is subject to geographic and subscription-based access controls:

Shared Visibility Model: All work zones are visible to all authenticated users within their authorized geographic area (counties/states based on subscription tier). This means DOTs, contractors, law enforcement, Traffic Management Centers (TMCs), and utility companies can all see the same work zones on the same map, enabling unprecedented coordination and communication across all stakeholders.
Geographic Restrictions: Users can only view work zones within the counties or states included in their subscription package. For example, a county-level subscription allows viewing all work zones in that county, regardless of which organization created them.
Role-Based Permissions: While all users can VIEW work zones in their area, EDIT permissions are restricted to the organization that created the work zone. Different user types (DOT, contractor, law enforcement, utility company) have appropriate access levels for their specific functions (e.g., only law enforcement can generate citation evidence).
Authentication Required: All apps in the ecosystem use shared Firebase authentication to ensure secure, verified access
Audit Logging: Cross-app data access is logged for security and compliance purposes

Benefits of Ecosystem Integration:

Unprecedented Coordination: All stakeholders (DOTs, counties, contractors, TMCs, law enforcement, utilities) see the same real-time work zone map, eliminating communication silos and enabling instant awareness of all active work zones in your area
Enhanced Public Safety: Law enforcement and emergency responders can instantly locate all work zones, verify compliance, and coordinate emergency response
Conflict Prevention: Contractors can see other active work zones before planning new closures, preventing scheduling conflicts and overlapping work areas
Traffic Management: TMCs and DOTs get comprehensive visibility into all work zone activity for better traffic flow management and incident response
Utility Coordination: Utility companies can align work with existing closures, share permits, and avoid redundant road disruptions
Streamlined Compliance: Automated WZDx feeds, court-ready citation evidence, and unified MUTCD documentation
Cost Savings: Reduced duplicate data entry, shared resources, and better project coordination across all organizations

Opt-Out: While ecosystem integration is a core feature of our service, you can request limited data sharing by contacting us at matthew@purposebuilt.systems. Note that opting out may reduce functionality and prevent use of certain features (e.g., citation evidence generation, cross-app project linking).

5.6 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

6. Data Security (Reasonable Security Procedures)

We implement and maintain reasonable security procedures and practices appropriate to the nature of the personal information we collect, as required by Cal. Civ. Code § 1798.150 and analogous state and federal authorities:

Encryption in transit: All client-server traffic uses HTTPS/TLS 1.2 or higher.
Encryption at rest: Firebase Firestore and Cloud Storage encrypt all data at rest using Google-managed keys.
Authentication: Firebase Authentication with industry-standard token management; passwords are hashed and never stored in plaintext.
Access Controls: Role-based permissions, Firestore security rules, and admin-only access to compliance and audit collections.
Audit Logging: Tamper-evident audit logs with sha-256 chain hashes for all legally-significant compliance events.
Device Management: 2-device limit per user, concurrent session detection.
Receipt Validation: Apple App Store and Google Play purchase verification to prevent fraud.
Backups: Automated Firebase backups with point-in-time recovery.
Webhook Idempotency: Stripe webhook events are deduplicated to prevent duplicate processing.
Vendor Selection: We use SOC 2 / ISO 27001 audited vendors (Google Firebase, Stripe, Apple, Google Play) for infrastructure, payments, and analytics.

Data Breach Notification. In the event of a security incident affecting your personal information, we will notify affected users without unreasonable delay and in compliance with applicable state breach-notification laws (including Iowa Code § 715C, Cal. Civ. Code § 1798.82, and analogous statutes). Notice will describe the categories of information involved, the steps taken in response, and the steps you may take to protect yourself.

7. Data Retention

Active Work Zones: Retained indefinitely for compliance and reporting
Completed Work Zones: Retained for 7 years (typical DOT record retention requirement)
Photos: Retained as long as associated work zone is active, can be deleted by user
Account Data: Retained while account is active, deleted 30 days after account closure
WZDx Feeds: Historical work zones retained in feed for 90 days after closure completion
Analytics Data: Aggregated usage data retained indefinitely (anonymized)

8. Your Privacy Rights

You have the right to:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and data (subject to legal retention requirements)
Data Portability: Export your work zone data in JSON/WZDx format
Opt-Out: Disable analytics, location tracking, or photo features
Revoke Permissions: Disable camera, location, or photo access in device settings

To exercise these rights, contact us at matthew@purposebuilt.systems

9. Children's Privacy

Our Service is intended for adult professional use only. The Service is not directed to children under 13 (or under 16 in the European Economic Area) and we do not knowingly collect personal information from children. If we learn that we have collected personal information from a child without verifiable parental consent as required by the Children's Online Privacy Protection Act (15 U.S.C. § 6501 et seq.), we will promptly delete it. If you believe a child has provided personal information to us, contact us immediately at matthew@purposebuilt.systems.

10. California Privacy Rights (CCPA / CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

            "Do Not Sell or Share My Personal Information." As disclosed in Section 5.3, we do not currently sell or share your personal information for monetary or other valuable consideration as those terms are defined under the CCPA/CPRA. The right to opt out of sale or sharing therefore has no current application. We have reserved the right to license aggregated or de-identified data in the future; if we ever begin any practice that would constitute a sale or share of personal information under California law, we will provide at least 30 days' advance notice, deploy a "Do Not Sell or Share My Personal Information" link, honor the Global Privacy Control browser signal, and offer all required opt-out and opt-in mechanisms before commencement.
        

Your CCPA / CPRA Rights:

Right to Know: Request disclosure of what personal information is collected, used, shared, or sold, and the categories of third parties who received it.
Right to Delete: Request deletion of personal information (subject to legal and contractual retention exceptions).
Right to Correct: Request correction of inaccurate personal information.
Right to Opt-Out of Sale or Sharing: Currently inapplicable (we do not sell or share). Will become operational if our practices change; see Section 5.3.
Right to Limit Use of Sensitive Personal Information: Direct us to limit our use of Sensitive Personal Information (including precise geolocation) to only what is necessary to provide the Service.
Right to Non-Discrimination: You will not be denied service, charged different prices, or receive degraded service for exercising your privacy rights.

How to Exercise Your CCPA / CPRA Rights:

Email us at matthew@purposebuilt.systems with subject line "CCPA Request," "Limit Use of SPI," or "Data Practice Notification Request" (as applicable).
Include your account email and specify which right(s) you wish to exercise.
We will respond within 45 days. We may request verification of your identity before processing requests.

Data Categories Sold or Shared (Trailing 12 Months): None.

Categories of Third Parties Who Received Personal Information for Sale or Cross-Context Behavioral Advertising (Trailing 12 Months): None.

Categories of Third Parties Who Received Personal Information for Service Delivery (Trailing 12 Months): Service providers necessary to operate the Service — Google (Firebase authentication, Firestore, Cloud Storage, Analytics, ML Kit), Stripe (payment processing), and Apple App Store / Google Play (in-app purchase receipt validation). See Section 5.2.

We will respond to CCPA requests within 45 days. We may request verification of your identity before processing requests.

Additional CPRA Rights (effective 2023):

Right to Correct: You may request correction of inaccurate personal information we hold about you.
Right to Limit Use of Sensitive Personal Information: You may direct us to limit our use of Sensitive Personal Information (including precise geolocation) to only what is necessary to provide the Service. To exercise, email us with subject line "Limit Use of SPI."
Right to Opt-Out of Automated Decision-Making and Profiling: We do not currently use your personal information for automated decision-making that produces legal or similarly significant effects.
Authorized Agents: You may designate an authorized agent to make a request on your behalf. The agent must provide written, signed authorization and we may verify the request directly with you.

Do-Not-Track / Global Privacy Control (GPC): We honor the Global Privacy Control browser signal as a valid opt-out of sale or sharing for California residents under Cal. Code Regs. tit. 11 § 7025. As of the "Last Updated" date above we do not sell or share personal information (see Section 5.3), so the GPC signal currently has no operational effect, but it is recorded and would take effect immediately upon any future commencement of sale or sharing practices.

"Shine the Light" — Cal. Civ. Code § 1798.83: California residents may request, once per calendar year, information about disclosures of personal information to third parties for direct marketing purposes. We do not currently disclose personal information to third parties for direct marketing.

10A. Other State Consumer Privacy Rights

Residents of states with comprehensive consumer privacy laws (including Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Delaware (DPDPA), New Hampshire (NHPA), Iowa (ICDPA, effective 2025), Tennessee (TIPA), Indiana (ICPA), Montana (MCDPA), New Jersey (NJDPA), Minnesota (MCDPA), Maryland (MODPA), and Florida (FDBR)) have rights similar to the CCPA/CPRA, including the rights to:

Know what personal data we process and request access to it
Correct inaccurate data
Delete data, subject to legal exceptions
Obtain a portable copy of data you provided
Opt out of sale, targeted advertising, and certain profiling
Appeal a denied request (where state law provides an appeal right)

To exercise any of these rights, contact us at matthew@purposebuilt.systems with subject line "Privacy Request — [State]." We respond within the timeframes required by your state's law (generally 30–45 days; appeal responses within 60 days where applicable).

11. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

Right to access, rectification, erasure, restriction of processing
Right to data portability
Right to object to processing
Right to withdraw consent at any time
Right to lodge a complaint with a supervisory authority

Legal Basis: We process your data based on contract performance, legal obligations, and legitimate interests (service improvement, fraud prevention).

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

Posting the updated policy in the app with a new "Last Updated" date
Sending an email notification to your registered email address
Displaying an in-app notification

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws.

14. Third-Party Links

Our Service may contain links to third-party websites or services (e.g., DOT websites, MUTCD resources). We are not responsible for the privacy practices of these third parties. Please review their privacy policies before providing any information.

14A. App Store and Google Play Privacy Disclosures

Apple App Store Privacy Nutrition Labels and Google Play Data Safety disclosures published for DTCD describe the same data practices set out in this Policy. If you observe any inconsistency between the App Store / Play Store disclosures and this Policy, this Policy controls and we will update the store-listing disclosures promptly.

14B. Governing Law for Privacy Disputes

This Privacy Policy is governed by the laws of the State of Iowa, without regard to its conflict-of-laws principles. For any privacy dispute that is not subject to the mandatory arbitration provision in our Terms of Service, the parties consent to the exclusive personal jurisdiction and venue of the District Court for Polk County, Iowa or, where federal jurisdiction exists, the United States District Court for the Southern District of Iowa. The substantive privacy rights granted by your state of residence (CCPA/CPRA, VCDPA, GDPR, etc.) apply notwithstanding this choice-of-law provision.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Purpose Built Systems LLC
Email: matthew@purposebuilt.systems
Website: https://digital-traffic-control-f1cc2.web.app

16. Consent

By using our Service, you consent to this Privacy Policy and agree to its terms. If you do not agree with this Privacy Policy, please do not use our Service.

© 2024-2026 PurposeBuilt Systems LLC. All rights reserved. Patent Pending.
Digital Traffic Control Diary™ is a trademark of PurposeBuilt Systems LLC.
PurposeBuilt Systems LLC is independent of and not affiliated with the Iowa Department of Transportation or any other governmental agency.