Barry

Privacy Policy

Last updated: June 1, 2026

1. Introduction

Kamase Labs Inc., operating as Barry ("Barry," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at www.hirebarry.com (the "Site"), use our web application at app.hirebarry.com (the "Dashboard"), interact with Barry through messaging channels including SMS, MMS, RCS, Apple Messages (iMessage / Messages for Business), WhatsApp, and Telegram (collectively, the "Messaging Services"), connect third-party integrations, or use any of our related services (collectively, the "Service"). Barry is an AI-powered operations assistant for trades and home services businesses.

Barry is headquartered in Vancouver, British Columbia, Canada. We operate under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation, including Quebec's Law 25 where it applies. Where our users are located in other jurisdictions, we also respect the principles of the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, the "CCPA/CPRA"), other U.S. state privacy laws, and the EU and UK General Data Protection Regulation ("GDPR") as applicable.

2. Information We Collect

2.1 Information You Provide Directly

  • Waitlist signup: When you join our waitlist, we collect your email address and the referral source (e.g., direct visit, newsletter, advertisement), and we may record marketing attribution details such as UTM parameters.
  • Account registration: When you create an account, we collect your name, email address, company name, phone number, and billing information.
  • Messaging content: When you or your team members interact with Barry through any of the Messaging Services, we receive and process text messages, photos, voice memos, and other content you send. This content may include project details, site conditions, location data embedded in photos, and voice recordings.
  • Dashboard usage: Information you enter into the Dashboard, including project names, addresses, team member details, task assignments, and notes.
  • Integration data: If you connect a third-party integration, we collect the data you authorize that integration to share with us in order to provide the connected features.
  • Communications: When you contact us at team@hirebarry.com, we retain the content of your correspondence.

2.2 Information Collected Automatically

  • Analytics data: We use PostHog for product analytics. PostHog collects page views, session data, browser type, operating system, referring URLs, and general interaction patterns. We configure PostHog to create person profiles only for identified (logged-in) users.
  • Advertising data: We use Google Ads (Google Tag Manager) to measure the effectiveness of our advertising campaigns. Google may collect information about your visit through cookies and tracking pixels.
  • Server logs: Our hosting infrastructure automatically records IP addresses, request timestamps, and request metadata for security and operational purposes.
  • Photo metadata: Photos sent through the Messaging Services may contain EXIF data, including GPS coordinates, timestamps, and device information. We use this metadata to organize and tag project documentation.

2.3 Information from Third Parties

  • Messaging platforms and carriers: Messages reach us through telecommunications carriers and messaging platforms (such as Apple, Meta/WhatsApp, and Telegram). These providers may pass along sender phone numbers or identifiers and delivery metadata. Messages you send through these platforms are also processed by the platform under its own terms and privacy policy.
  • Connected integrations (including Intuit / QuickBooks): Third-party services you connect to Barry may share data with us as authorized by you. For example, if you connect an Intuit account, we access data from QuickBooks Time and/or QuickBooks Online. Depending on the products you connect and the permissions you grant, this may include team member and employee records, timesheets and time-tracking entries, jobs and projects, schedules, customers, invoices, and estimates. We use data accessed through a connected integration only to provide the Service to you (see "How We Share Your Information" below for how we handle it).
  • Referral sources: If you arrive at our Site through a partner, newsletter (such as the Toolbox Brief), or advertising campaign, we may receive referral information.

2.4 Sensitive Information

Some of the information you submit may be considered sensitive under applicable privacy laws. In particular, precise geolocation (for example, GPS coordinates embedded in photos) and voice recordings and their transcriptions may be treated as sensitive personal information. We collect and use this information only as necessary to provide the Service and as described in this policy. You should avoid submitting sensitive, regulated, or confidential information that you are not permitted to share.

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Process messages across the Messaging Services, generate AI reports and summaries, track issues, organize project documentation, and power the Dashboard.
  • Communicate with you: Send waitlist updates, onboarding information, product announcements, and respond to your inquiries.
  • Process AI features: Use your content as input for our AI systems to generate reports, answer questions, and provide recommendations and project insights. We process this content solely to deliver the Service to you (see Section 4).
  • Improve the Service: Analyze usage patterns and feedback to improve features, fix issues, and develop new capabilities. We do not use your content to train or fine-tune our own or any third party's AI models (see Section 4).
  • Ensure security: Detect and prevent fraud, abuse, and unauthorized access. This includes IP-based rate limiting on our waitlist API.
  • Comply with legal obligations: Meet our obligations under applicable laws and respond to lawful requests from authorities.
  • Measure advertising: Understand how users find our Site and measure the effectiveness of our marketing efforts.

4. AI Processing and Automated Recommendations

Barry uses artificial intelligence to generate reports, answer questions, organize project data, and produce recommendations. To do this, we transmit the content you submit ("Inputs") and information derived from it to trusted third-party AI providers, currently Anthropic (Claude), Google (Gemini), and OpenAI (collectively, our "AI Providers"). Your Inputs and the resulting outputs are processed by these AI Providers solely to generate responses for you. Voice memos are transcribed by a third-party speech-to-text provider, currently Deepgram, which processes the recording solely to return a transcript to us.

4.1 No Training on Your Content

We do not use your content to train, fine-tune, or improve our own AI models. We use our AI Providers under their commercial / enterprise API terms, under which, by default, your Inputs and outputs are not used to train or improve their models. AI Providers may retain limited data for a short period (typically 30 days or less) solely for security, abuse-monitoring, and legal-compliance purposes, after which it is deleted.

4.2 Subject to AI Provider Policies

Data processed through our AI features is also subject to the applicable AI Provider's data-usage and privacy terms, available here: Anthropic, Google Gemini, and OpenAI. Our use of AI Providers may change over time; the list in this policy reflects our current providers, and we will update it as our providers change.

4.3 Recommendations Are Decision Support, Not Decisions

Barry's reports, answers, and recommendations are generated through automated processing. They are decision-support tools intended to inform, not replace, human judgment. They are AI-generated and may be incomplete or inaccurate, and they should be reviewed by a qualified person before you rely on them. We do not use automated processing to make decisions about you that produce legal or similarly significant effects without human involvement.

4.4 Your Rights Regarding Automated Processing

Where applicable law grants them (including under the GDPR and the CCPA/CPRA), you have the right to obtain meaningful information about the logic involved in our automated processing, to request human review of and to contest an automated recommendation, and, where required, to opt out. To exercise these rights, contact us at team@hirebarry.com.

5. Messaging Channels

Barry interacts with you across several messaging channels. Each channel is operated by a third party that processes your messages under its own terms and privacy policy, and certain disclosures differ by channel:

  • SMS / MMS / RCS: Messages are delivered through telecommunications carriers and our messaging gateway providers. Standard message and data rates from your carrier may apply. You can opt out of messages at any time by replying STOP (or any reasonable opt-out request, such as STOP, END, CANCEL, UNSUBSCRIBE, or ARRÊT), and you can reply HELP for assistance. No mobile information, including text-messaging opt-in data and consent, is shared with third parties or affiliates for marketing or promotional purposes.
  • Apple Messages (iMessage / Messages for Business): Messages are transmitted and processed by Apple in accordance with Apple's terms and privacy policy. Apple Messages for Business is internet-based, so carrier message-and-data-rate charges do not apply to this channel.
  • WhatsApp: Messages are transmitted and processed by WhatsApp / Meta Platforms in accordance with Meta's terms and privacy policy. We message you on WhatsApp only after you opt in, and we use the content of your WhatsApp messages solely to provide the Service. Meta may apply automated and human review to reported messages and to unencrypted profile information to enforce its policies. You can opt out at any time by messaging us or contacting team@hirebarry.com.
  • Telegram: Messages sent to our Telegram bot are transmitted and processed by Telegram in accordance with Telegram's terms and privacy policy. We store the content you send only as long as necessary to provide the Service and will delete it upon your request, upon cessation of the bot, or when retention is no longer necessary. We do not use your Telegram data to build datasets or train AI models.

You are responsible for ensuring that everyone who interacts with Barry through the Messaging Services on your behalf is aware of, and consents to, this Privacy Policy and our Terms of Service.

6. How We Share Your Information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We do not disclose your content to third parties except to the service providers and subprocessors who process data only on our behalf and on our instructions to deliver the Service. We keep your data internally for the benefit of operating and improving our own product. Specifically, we share information only in the following circumstances:

  • Service providers and subprocessors: We work with trusted third parties who help us operate the Service. These currently include:
    • Supabase (database, storage, and authentication hosting)
    • Vercel (website and application hosting)
    • Resend (transactional email delivery)
    • PostHog (product analytics)
    • Google (advertising measurement)
    • Messaging gateway providers and platforms (SMS/MMS/RCS, Apple, WhatsApp/Meta, Telegram message delivery)
    • AI Providers — Anthropic, Google, and OpenAI (content processing and AI-generated outputs)
    • Deepgram (voice-to-text transcription)
    • Mapbox (address geocoding and reverse-geocoding of location data, including GPS coordinates embedded in photos)
    These providers are contractually obligated to use your information only as necessary to provide their services to us, to keep it confidential, and not to use it for their own purposes.
  • Connected integrations you authorize (including Intuit and QuickBooks): When you connect a third-party integration — for example, QuickBooks Time or QuickBooks Online — data is exchanged between Barry and that service at your direction so we can provide the connected features. We use data accessed through the Intuit integration solely to provide and support the Service for you and the account that owns the connected data; we do not sell it, use it for advertising, or use it to train, fine-tune, or improve AI models. Our access to and use of Intuit data is conducted in compliance with the applicable Intuit Developer terms, and your use of QuickBooks Time, QuickBooks Online, and other Intuit products is also governed by Intuit's own terms and privacy policy. You can disconnect an integration at any time through the Dashboard or your account with the third party; when you disconnect, we stop accessing that account and handle previously retrieved data in accordance with our data retention practices (see Section 8).
  • Within your organization: Project data is shared among team members within the same account, as this is core to how the Service works.
  • Legal requirements: We may disclose your information if required by law, subpoena, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

7. Cookies and Tracking Technologies

Our Site uses the following tracking technologies:

  • PostHog analytics: Sets cookies and uses local storage to track sessions and page views. Configured to create person profiles only for identified users.
  • Google Ads (gtag.js): Uses cookies to measure advertising conversions and attribute website visits to ad campaigns. Where required, we operate Google Consent Mode so that advertising and analytics tags respect your consent choices.
  • Essential cookies: Required for basic site functionality, authentication, and security.

You can control cookies through your browser settings. Where required by law, we obtain your consent before setting non-essential cookies, and we honor recognized opt-out preference signals, including the Global Privacy Control (GPC). Disabling cookies may affect your ability to use certain features of the Service.

8. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy. Specifically:

  • Active accounts: Project data, messaging content, and account information are retained for the duration of your subscription.
  • After account termination: You may request an export of your data for up to 30 days after termination. After that period, we will delete your project data within 90 days, except where retention is required by law.
  • Connected integration data: Data we access through a connected integration (such as the Intuit integration) is retained only while the integration is connected and needed to provide the Service. When you disconnect an integration, we stop accessing it and delete or de-identify the previously retrieved data within 90 days, except where retention is required by law.
  • Waitlist data: Email addresses submitted to the waitlist are retained until you are onboarded or you request removal.
  • Analytics data: Aggregated and de-identified analytics data may be retained indefinitely for product improvement purposes.
  • Server logs: Automatically collected server logs are retained for up to 90 days for security and operational purposes.
  • AI Provider processing: As noted in Section 4, our AI Providers retain Inputs and outputs only briefly (typically 30 days or less) for security and abuse-monitoring before deletion.

9. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS/SSL), encryption at rest for stored data, access controls, and regular security reviews. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

If we become aware of a breach of security safeguards involving your personal information that poses a real risk of significant harm, we will notify you and the appropriate authorities as required by applicable law. If you become aware of a security incident involving your account, please contact us immediately at team@hirebarry.com.

10. Your Privacy Rights

10.1 Rights Under PIPEDA and Quebec Law 25 (Canada)

As a Canadian company, we comply with PIPEDA and, where applicable, Quebec's Law 25. You have the right to:

  • Access your personal information held by us.
  • Request correction of inaccurate personal information.
  • Withdraw consent for the collection, use, or disclosure of your personal information (subject to legal and contractual restrictions).
  • Request portability of your personal information, where applicable.
  • File a complaint with the Office of the Privacy Commissioner of Canada or, in Quebec, the Commission d'accès à l'information.

Kamase Labs Inc.'s privacy officer is responsible for our compliance with applicable privacy law and can be reached at team@hirebarry.com.

10.2 Rights Under U.S. State Privacy Laws (including California)

If you are a resident of California or another U.S. state with a comprehensive privacy law, you may have the right to:

  • Know and access the personal information we collect, use, and disclose, and the categories and purposes involved.
  • Request deletion or correction of your personal information.
  • Obtain a portable copy of your personal information.
  • Opt out of the sale or sharing of personal information and of targeted advertising. We do not sell or share your personal information for these purposes.
  • Limit the use and disclosure of your sensitive personal information to what is necessary to provide the Service.
  • Opt out of profiling in furtherance of decisions that produce legal or similarly significant effects.
  • Appeal a denial of your request, and not be discriminated against for exercising your rights.

You have the right to limit our use and disclosure of your sensitive personal information to only what is necessary to provide the Service. We honor the Global Privacy Control (GPC) as a valid opt-out signal. You may submit a request through an authorized agent; we may take reasonable steps to verify the request. To exercise any of these rights, contact us at team@hirebarry.com.

10.3 Rights Under GDPR (EU / UK)

If you are located in the EU, EEA, or UK, you have the right to:

  • Access, correct, or delete your personal data.
  • Restrict or object to processing of your personal data.
  • Data portability (receive your data in a structured, machine-readable format).
  • Withdraw consent at any time.
  • Lodge a complaint with your local data protection authority (in the UK, the Information Commissioner's Office).

Our legal bases for processing personal data under the GDPR include: performance of a contract (providing the Service), legitimate interests (improving and securing the Service), consent (marketing communications and, where applicable, processing of special-category data), and compliance with legal obligations.

11. International Data Transfers

Your information may be processed and stored in Canada, the United States, or other countries where our service providers operate. When your data is transferred outside your jurisdiction, we ensure appropriate safeguards are in place, including reliance on adequacy decisions or Standard Contractual Clauses for transfers from the EU/UK, and contractual protections requiring our service providers to maintain a comparable level of protection as required by PIPEDA. Where Quebec's Law 25 applies, we disclose that your information may be transferred outside Quebec.

12. Children's Privacy

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us at team@hirebarry.com and we will promptly delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via email or through the Service. We encourage you to review this policy periodically.

14. Contact Us

If you have questions about this Privacy Policy, want to exercise your privacy rights, or have concerns about how we handle your personal information, please contact us at:

Kamase Labs Inc.
Vancouver, BC, Canada
Email: team@hirebarry.com

For complaints regarding your privacy rights under PIPEDA, you may also contact the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.