Last updated: April 30, 2026

This Privacy Policy describes how SAM Service ("we", "us", "our") operating the website at artur.suleymanov.work ("the Website") collects, uses, stores, and protects your information, including information obtained through our integration with the Thumbtack API.

1. Information We Collect

We may collect the following categories of information:

• Booking Information: Your name, phone number, email address, physical address, preferred service date and time, and project description when you submit a booking request through our website.
• Review Information: Your name, city, rating, and review text when you submit a customer review.
• Thumbtack Lead Data: Customer first name, service category, project description, and location data received through the Thumbtack API when a new lead (negotiation) is created on the Thumbtack platform.
• Thumbtack Messages: Text content of messages exchanged between our business and customers through the Thumbtack messaging system.
• Thumbtack Business Data: Business name, business ID, service categories, and account information retrieved via the Thumbtack API.
• Phone Numbers for SMS: Your mobile phone number, collected through our booking request form (with an explicit, unchecked "I agree to receive SMS" checkbox you must actively check before submitting) or through Thumbtack lead data, used to send you service-related text messages (SMS) about your specific service request. Consent to receive SMS messages is not a condition of purchasing any goods or services; you may engage our services without consenting to SMS.
• Technical Data: Server logs that may include IP addresses, browser type, and access timestamps.

2. How We Use Information

We use the collected information for the following purposes:

• Processing and managing booking requests for handyman services.
• Communicating with you about your service requests and scheduling.
• Displaying approved customer reviews on our website.
• Sending automated responses to new leads received through the Thumbtack platform.
• Logging lead and message activity for operational monitoring.
• Sending booking notifications to our team via Telegram (when enabled).
• Sending service-related SMS text messages to customers, including appointment confirmations, quotes, project updates, scheduling coordination, and follow-up communications related to a specific job.
• Improving our services and website experience.

We do not use personal information for marketing to third parties, user profiling, targeted advertising, or any purpose unrelated to providing our handyman services and facilitating communication via the Thumbtack platform.

3. Data Sharing

We do not sell, rent, trade, or otherwise share your personal information with any third parties, except:

• Thumbtack: Data is transmitted back to Thumbtack as part of normal API communication (e.g., sending reply messages to leads).
• Telegram: When enabled, new booking notifications (service details only) may be sent to our private Telegram channel for scheduling purposes.
• Twilio (SMS Provider): Phone numbers and message content are transmitted through Twilio's platform to deliver SMS text messages. Twilio's handling of this data is governed by their Privacy Policy.
• Legal Requirements: We may disclose information if required by law or in response to valid legal process.

4. Data Storage and Security

• All data is stored on a private, access-controlled server.
• The website database (H2) is stored locally with restricted file-system permissions.
• All communications with our website are encrypted via TLS/HTTPS using Let's Encrypt certificates.
• API credentials and OAuth tokens are stored in configuration files with restricted access.
• Thumbtack webhook payloads are verified using HMAC-based secret validation.
• Admin access is protected by password authentication with BCrypt hashing.
• CSRF protection is enabled for all form submissions.

5. Data Retention and Deletion

• Booking data is retained as long as necessary for business operations and record-keeping.
• Customer reviews are retained while they remain relevant and approved.
• Log data is periodically rotated and old logs are removed.
• Thumbtack OAuth tokens are refreshed automatically; old tokens are overwritten.
• Upon termination of our Thumbtack API access or at Thumbtack's request, all Thumbtack-sourced data will be deleted within 5 business days.
• You may request deletion of your personal data by contacting us (see below).

6. Thumbtack API Compliance

Our use of the Thumbtack API is governed by the Thumbtack API Terms of Use. We comply with all applicable data handling requirements, including:

• Using API data only for the purposes described and approved by Thumbtack.
• Not storing data longer than necessary for the stated purpose.
• Deleting all Thumbtack data promptly upon API access revocation.
• Implementing appropriate security measures to protect API data.

7. Your Rights

You have the right to:

• Request information about what personal data we have collected about you.
• Request correction or deletion of your personal data.
• Opt out of receiving automated messages and communications.
• Revoke Thumbtack OAuth authorization at any time through Thumbtack's platform settings.

7a. SMS/Text Messaging Policy

We send transactional SMS (text) messages to communicate about your service request, appointments, and project updates. You opt in to receive these messages by checking the explicit, unchecked "I agree to receive SMS" consent checkbox on our booking form at artur.suleymanov.work/booking, or by directly contacting us via Thumbtack about your own job. Consent to receive SMS messages is not a condition of purchasing any goods or services.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Information sharing with subcontractors who support our services (such as our SMS service provider, Twilio) is permitted solely to deliver the messages you requested. All other categories exclude text-messaging originator opt-in data and consent; this information will not be shared with any third parties.

• Message Types: Appointment confirmations, service quotes, project status updates, scheduling reminders, and follow-up communications.
• Message Frequency: Message frequency varies based on your service requests. Typically 1–5 messages per service interaction.
• Opt-Out: You can opt out of SMS messages at any time by replying STOP to any message. After opting out, you will receive one final confirmation message and no further texts will be sent.
• Help: Reply HELP to any message for assistance, or contact us at the details below.
• Costs: Message and data rates may apply. Check with your mobile carrier for details about your text messaging plan.
• Carriers: Carriers are not liable for delayed or undelivered messages.
• No Sharing: We will never share your phone number or opt-in data with third parties or affiliates for marketing or promotional purposes. Phone numbers are shared only with our SMS service provider (Twilio) for the sole purpose of delivering messages you requested.
• Re-Opt-In: If you opt out, you may opt back in at any time by replying START or by contacting us through the information below.

8. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last updated" date at the top of this page. Continued use of the Website after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Website: artur.suleymanov.work
• Email: [email protected]
• Thumbtack: Contact us through our business profile on Thumbtack