Legal
Privacy Policy
Last updated: June 12, 2026
CanvassLocal (“CanvassLocal,” “we,” “us,” or “our”) provides field-canvassing and campaign-management software for local political candidates and their teams, delivered through our web dashboard and our mobile app (together, the “Service”). This policy explains what we collect, how we use it, and the choices you have.
It covers people who sign up for and administer a campaign (“Customers”) and volunteers who use the app to canvass. It is not a contract; your use of the Service is governed by your agreement with us.
Information we collect
Account information. When you create an account we collect your name, email address, and an encrypted password (managed by our authentication provider, Supabase). For team members, we record the campaign you belong to and your role.
Campaign and voter data. Customers upload voter lists — typically sourced from publicly available voter files — which may include names, addresses, party affiliation, and contact history. We process this data on behalf of the Customer, who controls it and is responsible for using it lawfully. We do not sell it and do not use it to build profiles of our own.
Canvassing activity. When a volunteer logs a door knock, we store the response — such as support level, sentiment, and notes — and, where a resident affirmatively opts in at the door, the contact details and consent they provide.
Location data (mobile app). With your permission, the mobile app uses your device location while you are using the app to show your position on the canvassing map and to follow your walk route. This location is used on-device to power the map; we do not use it for advertising and do not track you in the background. You can revoke this permission at any time in your device settings.
Payment information. Paid plans and usage-based AI credits are billed through Stripe. Stripe collects and processes your card details directly; we receive only limited information such as the last four digits, card brand, and billing status. We never store full card numbers.
Usage and device data. To operate and improve the Service we collect product-analytics events (via PostHog) and crash and error diagnostics (via Sentry), including app version, device type, and interactions within the app.
How we use information
We use the information above to:
- provide, maintain, and secure the Service and your account;
- display canvassing maps, walk lists, and campaign analytics;
- generate suggested voter-outreach messages, when you use our AI message-crafting feature (see below);
- process payments and meter usage-based AI credits;
- diagnose problems, prevent abuse, and improve features; and
- communicate with you about your account and service updates.
AI message crafting
If you use our AI message-crafting feature, the prompt you submit — which may include campaign issues and tone preferences — is sent to our AI provider, Anthropic, to generate suggested copy. We pass only what is needed to produce the suggestion and do not send raw voter lists for this purpose. Suggestions are drafts for you to review and edit before use.
How information is shared
We do not sell personal information. We share it only with service providers that help us run the Service, each bound to protect it and use it only for us:
- Supabase — database, authentication, and storage;
- Vercel — web hosting and delivery;
- Stripe — payment processing;
- Anthropic — AI message generation;
- Mapbox — maps and geolocation display;
- PostHog — product analytics;
- Sentry — crash and error monitoring.
We may also disclose information if required by law, to enforce our terms, or to protect the rights and safety of our users and the public. If we are involved in a merger or acquisition, information may transfer as part of that transaction.
Data retention
We keep account and campaign data for as long as your account is active. Customers can delete voter records and campaign data from the dashboard. When an account is closed, we delete or de-identify associated personal data within a reasonable period, except where we must retain it to meet legal, accounting, or security obligations.
Security
Data is encrypted in transit (HTTPS) and at rest by our infrastructure providers. Access is restricted with role-based controls and authentication. No system is perfectly secure, but we work to protect your information and to notify you of incidents where required by law.
Your choices and rights
You can access and update your account information in the dashboard, revoke location permission in your device settings, and request deletion of your account by contacting us. Depending on where you live (for example, California or the EU/UK), you may have additional rights to access, correct, delete, or restrict processing of your personal information, and to appeal a decision. To exercise these rights, email us at [email protected].
For voter data that a campaign uploaded, the campaign is the controller; we will refer requests about that data to the relevant campaign.
Children
The Service is intended for use by candidates, campaign staff, and adult volunteers. It is not directed to children, and we do not knowingly collect personal information from anyone under 13.
Changes to this policy
We may update this policy from time to time. When we do, we will revise the “Last updated” date above and, for material changes, provide additional notice. Continued use of the Service after an update means you accept the revised policy.
Contact us
Questions about this policy or your data? Email [email protected] or visit our support page.