Barry

Privacy Policy

Last updated: March 15, 2026

1. Introduction

Kamase Labs Inc., operating as Barry ("Barry," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at www.hirebarry.com (the "Site"), use our web application at app.hirebarry.com (the "Dashboard"), interact with our SMS-based AI tools (the "SMS Service"), or use any of our related services (collectively, the "Service").

Barry is headquartered in Vancouver, British Columbia, Canada. We operate under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. Where our users are located in other jurisdictions, we also respect the principles of the California Consumer Privacy Act (CCPA) and the EU General Data Protection Regulation (GDPR) as applicable.

2. Information We Collect

2.1 Information You Provide Directly

  • Waitlist signup: When you join our waitlist, we collect your email address and the referral source (e.g., direct visit, newsletter, advertisement).
  • Account registration: When you create an account, we collect your name, email address, company name, phone number, and billing information.
  • SMS content: When crew members interact with Barry via SMS, we receive and process text messages, photos, and voice memos. This content may include project details, site conditions, location data embedded in photos, and voice recordings.
  • Dashboard usage: Information you enter into the Dashboard, including project names, addresses, team member details, task assignments, and notes.
  • Communications: When you contact us at team@hirebarry.com, we retain the content of your correspondence.

2.2 Information Collected Automatically

  • Analytics data: We use PostHog for product analytics. PostHog collects page views, session data, browser type, operating system, referring URLs, and general interaction patterns. We configure PostHog to create person profiles only for identified (logged-in) users.
  • Advertising data: We use Google Ads (Google Tag Manager) to measure the effectiveness of our advertising campaigns. Google may collect information about your visit through cookies and tracking pixels.
  • Server logs: Our hosting infrastructure automatically records IP addresses, request timestamps, and request metadata for security and operational purposes.
  • Photo metadata: Photos sent via SMS may contain EXIF data, including GPS coordinates, timestamps, and device information. We use this metadata to organize and tag project documentation.

2.3 Information from Third Parties

  • SMS carriers: We receive messages routed through telecommunications providers, which may include sender phone numbers and delivery metadata.
  • Referral sources: If you arrive at our Site through a partner, newsletter (such as the Toolbox Brief), or advertising campaign, we may receive referral information.

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Process SMS messages, generate AI daily reports, track issues, organize project documentation, and power the Dashboard.
  • Communicate with you: Send waitlist updates, onboarding information, product announcements, and respond to your inquiries.
  • Process AI features: Use your content as input for our AI systems to generate reports, answer crew questions, and provide project insights. We process this content solely to deliver the Service to you.
  • Improve the Service: Analyze usage patterns and feedback to improve features, fix issues, and develop new capabilities.
  • Ensure security: Detect and prevent fraud, abuse, and unauthorized access. This includes IP-based rate limiting on our waitlist API.
  • Comply with legal obligations: Meet our obligations under applicable laws and respond to lawful requests from authorities.
  • Measure advertising: Understand how users find our Site and measure the effectiveness of our marketing efforts.

4. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

  • Service providers: We work with trusted third parties who help us operate the Service. These include:
    • Supabase (database and authentication hosting)
    • Resend (transactional email delivery)
    • PostHog (product analytics)
    • Google (advertising measurement)
    • Vercel (website hosting)
    • SMS gateway providers (message delivery)
    • AI model providers (content processing)
    These providers are contractually obligated to use your information only as necessary to provide their services to us.
  • Within your organization: Project data is shared among team members within the same account, as this is core to how the Service works.
  • Legal requirements: We may disclose your information if required by law, subpoena, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Cookies and Tracking Technologies

Our Site uses the following tracking technologies:

  • PostHog analytics: Sets cookies and uses local storage to track sessions and page views. Configured to create person profiles only for identified users.
  • Google Ads (gtag.js): Uses cookies to measure advertising conversions and attribute website visits to ad campaigns.
  • Essential cookies: Required for basic site functionality, authentication, and security.

You can control cookies through your browser settings. Disabling cookies may affect your ability to use certain features of the Service. Most browsers allow you to refuse cookies or alert you when cookies are being sent.

6. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy. Specifically:

  • Active accounts: Project data, SMS content, and account information are retained for the duration of your subscription.
  • After account termination: You may request an export of your data for up to 30 days after termination. After that period, we will delete your project data within 90 days, except where retention is required by law.
  • Waitlist data: Email addresses submitted to the waitlist are retained until you are onboarded or you request removal.
  • Analytics data: Aggregated and anonymized analytics data may be retained indefinitely for product improvement purposes.
  • Server logs: Automatically collected server logs are retained for up to 90 days for security and operational purposes.

7. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS/SSL), encryption at rest for stored data, access controls, and regular security reviews. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

If you become aware of a security incident involving your account, please contact us immediately at team@hirebarry.com.

8. Your Privacy Rights

8.1 Rights Under PIPEDA (Canada)

As a Canadian company, we comply with PIPEDA. You have the right to:

  • Access your personal information held by us.
  • Request correction of inaccurate personal information.
  • Withdraw consent for the collection, use, or disclosure of your personal information (subject to legal and contractual restrictions).
  • File a complaint with the Office of the Privacy Commissioner of Canada.

8.2 Rights Under CCPA (California)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose.
  • Request deletion of your personal information.
  • Opt out of the sale of your personal information. Note: we do not sell personal information.
  • Not be discriminated against for exercising your privacy rights.

8.3 Rights Under GDPR (European Economic Area)

If you are located in the EEA, you have the right to:

  • Access, correct, or delete your personal data.
  • Restrict or object to processing of your personal data.
  • Data portability (receive your data in a structured, machine-readable format).
  • Withdraw consent at any time.
  • Lodge a complaint with your local data protection authority.

Our legal bases for processing personal data under the GDPR include: performance of a contract (providing the Service), legitimate interests (improving and securing the Service), consent (marketing communications), and compliance with legal obligations.

9. International Data Transfers

Your information may be processed and stored in Canada, the United States, or other countries where our service providers operate. When your data is transferred outside your jurisdiction, we ensure appropriate safeguards are in place, including contractual protections with our service providers.

10. Children's Privacy

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us at team@hirebarry.com and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via email or through the Service. We encourage you to review this policy periodically.

12. Contact Us

If you have questions about this Privacy Policy, want to exercise your privacy rights, or have concerns about how we handle your personal information, please contact us at:

Kamase Labs Inc.
Vancouver, BC, Canada
Email: team@hirebarry.com

For complaints regarding your privacy rights under PIPEDA, you may also contact the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.