
Privacy Policy

Last updated: March 10, 2026

Your Privacy at a Glance

  • AES-256 encryption for data at rest, TLS 1.3 in transit
  • Multi-tenant data isolation - your data is never mixed
  • Export your data anytime in portable format
  • We never sell your personal information
  • Voice calls recorded only with caller notification
  • AI features process data with human oversight and opt-out controls

1 Introduction

Knock Knock Contractor LLC, doing business as Exoserva (“we,” “our,” or “us”), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access or use the Exoserva platform, including our website, web application, mobile applications, APIs, and any related services (collectively, the “Service”).

Exoserva is a business-to-business (“B2B”) software-as-a-service platform designed for field service companies. In this context, we act as the data controller for account and billing data provided by our business customers (“you” or “your”), and as a data processor for end-consumer data that you store within the Service on behalf of your own customers.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of the Service immediately. We encourage you to read this policy in full and contact us with any questions.

2 Information We Collect

We collect information necessary to provide, maintain, and improve our Service. The categories of information we collect depend on how you interact with Exoserva.

2.1 Account & Registration Data

  • Full name, email address, and phone number(s)
  • Company name, business address, and industry classification
  • Password (hashed using Argon2 — we never store plaintext passwords)
  • Profile avatar and display preferences
  • OAuth credentials when you sign in via Google or other identity providers
  • Billing contact information, subscription tier, and payment method details (see Section 2.6)
  • Role and permissions within your organization

2.2 Customer & Business Data

As a B2B platform, you may store the following categories of data about your customers and operations:

  • Customer records: names, addresses, phone numbers, email addresses
  • Communication preferences including SMS and email consent timestamps
  • Property records: addresses, property types, service history, equipment inventories
  • Work orders, jobs, and service records including technician assignments and status
  • Invoices, estimates, and payment records
  • Scheduling and calendar data, including appointment preferences
  • Vendor and subcontractor records
  • Technician profiles, skills, certifications, and availability

2.3 Voice & Communication Data

If you enable our Voice AI or telephony features, we collect:

  • Call recordings and AI-generated transcriptions
  • Call metadata: duration, timestamps, caller/recipient numbers, call direction
  • AI quality scores and sentiment analysis results
  • SMS message logs (content, timestamps, delivery status)
  • Email communication logs sent through the platform

Important: All callers are notified at the start of each call that the conversation may be recorded, in compliance with applicable two-party consent laws.

2.4 Usage & Technical Data

  • IP address, browser type and version, operating system, and device information
  • Pages visited, features used, navigation paths, and time spent on each page
  • AI interaction logs (queries submitted, features invoked, responses received)
  • Error reports collected via Sentry (no personally identifiable information; session replay data is masked)
  • Performance metrics and diagnostic data

2.5 Cookies & Tracking Technologies

We use session identifiers, authentication tokens, consent preferences, and reCAPTCHA Enterprise for bot protection. For detailed information, see .

2.6 Payment Data

  • Stripe customer identifier linked to your account
  • Last four digits of your payment card (we never store full card numbers, CVV, or full account numbers)
  • Transaction history, amounts, and billing dates
  • All payment processing is handled by Stripe, a PCI-DSS Level 1 certified provider

2.7 Third-Party Integration Data

When you connect third-party services, we may receive and store data from those platforms:

  • HouseCall Pro: customer records, jobs, invoices, scheduling data
  • Thumbtack: leads, project requests, messaging data
  • Google Business Profile: reviews, business information, photos
  • QuickBooks: financial records, customer/vendor data, invoices
  • Google Calendar: events, availability, scheduling data
  • DocuSign: document signing status and metadata
  • Discourse: community forum profile and discussion data

3 How We Collect Information

3.1 Directly from You

When you register an account, fill out forms, configure settings, submit support requests, communicate with us via email or chat, or otherwise voluntarily provide information through the Service.

3.2 Automatically

When you access the Service, we automatically collect technical and usage data through cookies, server logs, Sentry error monitoring, reCAPTCHA Enterprise, and — if enabled — voice recording systems. This data is collected to maintain security, diagnose issues, and improve the Service.

3.3 From Third Parties

When you connect integrations (such as HouseCall Pro, Thumbtack, QuickBooks, or Google services), data is imported from those platforms according to the permissions you grant. We also receive information from OAuth identity providers when you use social login, and from Stripe for payment verification.

5 How We Use Your Information

We use the information we collect for the following purposes, each mapped to a legal basis:

  • Service Delivery (Contract): Provide, operate, maintain, and improve the Exoserva platform, including all features you have subscribed to
  • Communication (Contract/Consent): Send transactional emails (account confirmations, invoices, security alerts), and — with your consent — marketing communications about product updates and features
  • AI-Powered Features (Contract/Consent): Power scheduling optimization, sales assistance, data analysis, voice AI agents, predictive insights, and photo analysis capabilities
  • Payment Processing (Contract): Process subscriptions, generate invoices, handle refunds, and manage billing through Stripe
  • Security & Fraud Prevention (Legitimate Interest): Detect and prevent unauthorized access, abuse, fraud, and security threats through reCAPTCHA, rate limiting, and anomaly detection
  • Service Improvement (Legitimate Interest): Analyze anonymized usage patterns, diagnose errors, conduct A/B testing, and improve platform performance and usability
  • Legal Compliance (Legal Obligation): Respond to legal requests, enforce our Terms of Service, maintain required records, and fulfill regulatory obligations

6 Information Sharing & Disclosure

We share your information only in the circumstances described below. We do NOT sell, rent, or trade your personal information to third parties for their marketing purposes.

6.1 Service Providers

We engage trusted third-party companies to perform services on our behalf, each bound by data processing agreements (DPAs):

  • Amazon Web Services (AWS): Cloud infrastructure, hosting, and data storage
  • Stripe: Payment processing (PCI-DSS Level 1 certified)
  • Twilio: Voice telephony, SMS messaging, and call routing
  • Resend / SendGrid: Transactional and marketing email delivery
  • Sentry: Error monitoring and performance tracking (no PII collected; session replays are masked)
  • Google reCAPTCHA Enterprise: Bot protection and abuse prevention

6.2 User-Connected Integrations

When you voluntarily connect third-party services — including HouseCall Pro, Thumbtack, Google Business Profile, QuickBooks, Google Calendar, DocuSign, and Discourse — data is exchanged between Exoserva and those services as necessary to provide the integration functionality you requested. Each integration operates under that third party’s own privacy policy.

6.3 Within Your Organization

Data within your Exoserva account is accessible to members of your organization based on their assigned roles and permissions (RBAC). Account administrators control user access levels.

6.4 Legal Requirements & Safety

We may disclose your information if required to do so by law, regulation, legal process, or enforceable governmental request, or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Knock Knock Contractor LLC, our users, or the public.

6.5 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will provide at least 30 days’ advance notice via email and/or prominent in-app notification before your information is transferred and becomes subject to a different privacy policy.

7 Data Security

We implement comprehensive technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

7.1 Technical Safeguards

  • AES-256 encryption for data at rest; TLS 1.3 for all data in transit
  • Multi-tenant data isolation: every database query includes tenant-scoped access controls (tenant_id), ensuring your data is never mixed with other accounts
  • JWT-based authentication with OAuth 2.0 support and optional two-factor authentication (2FA)
  • Passwords hashed using Argon2, the current industry-recommended algorithm
  • Google reCAPTCHA Enterprise for bot and abuse protection at login and registration
  • Rate limiting and IP-based anomaly detection

7.2 Organizational Safeguards

  • Role-based access control (RBAC) limiting employee access to data on a need-to-know basis
  • Regular security audits and code reviews
  • Automated threat detection and monitoring systems
  • Data processing agreements (DPAs) with all sub-processors
  • Employee security awareness training

7.3 Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will: (a) notify the relevant supervisory authority within 72 hours as required by GDPR Article 33; (b) notify affected individuals without undue delay when the breach is likely to result in a high risk; and (c) provide details of the breach, its likely consequences, and the remedial measures taken or proposed.

7.4 Your Responsibility

You are responsible for maintaining the confidentiality of your account credentials, configuring appropriate access controls within your organization, and promptly notifying us of any unauthorized use of your account.

8 Data Retention

We retain your data only as long as necessary for the purposes described in this policy, or as required by law. Specific retention periods are as follows:

Data Category | Retention Period
Session data | 24 hours
Usage & error logs | 30 days
AI interaction logs | 30 days
Voice recordings & transcripts | Duration of account + 90 days
Business records (jobs, customers, invoices) | Duration of account + 365 days
Financial / tax records | 7 years (IRS requirement)
Audit logs | 7 years (SOC 2 compliance)

Post-Termination Process

  • Days 1–30: You may export all your data via Account Settings
  • Days 31–90: Active data is deleted from production systems
  • Days 91–180: Backup copies are purged
  • Data required by law (financial records, audit logs) is retained for the legally mandated period

When determining retention periods, we consider the amount, nature, and sensitivity of the data; the potential risk of harm from unauthorized use or disclosure; the purposes for processing; and applicable legal, regulatory, or contractual requirements.

9 Your Rights

9.1 Rights for All Users

Regardless of your location, you have the following rights with respect to your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request that we update or correct inaccurate or incomplete data
  • Deletion: Request that we delete your personal data, subject to legal retention requirements
  • Portability: Receive your data in a structured, commonly used, machine-readable format
  • Opt-out: Unsubscribe from marketing communications at any time via email links or Account Settings

9.2 Additional Rights for EEA/UK Residents (GDPR)

If you are located in the European Economic Area or the United Kingdom, you additionally have the right to:

  • Restriction: Request restriction of processing under certain circumstances
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw previously given consent at any time
  • Automated Decision Review: Request human review of decisions made solely by automated means (see )
  • Lodge Complaint: File a complaint with your local data protection supervisory authority

9.3 How to Exercise Your Rights

You may exercise your rights by emailing support@exoserva.com or through Account Settings > Privacy within the platform. We will respond to verified requests within 30 days. In complex cases, we may extend this period by an additional 60 days with notice to you. We may require identity verification before fulfilling requests. We will not discriminate against you for exercising your privacy rights.

10 Cookies & Tracking Technologies

10.1 Types of Cookies

  • Strictly Necessary: Authentication tokens, CSRF protection, session management, and consent preferences. These cannot be disabled as they are essential for the Service to function.
  • Analytics: Usage metrics and error reporting via Sentry. These help us understand how the Service is used and identify issues.
  • Marketing: Minimal use for email campaign tracking. We do not use third-party advertising cookies.

10.2 Technologies Used

  • localStorage: Consent preferences, authentication tokens, and UI preferences
  • reCAPTCHA Enterprise: Google’s bot protection service, subject to Google’s Privacy Policy
  • Sentry Session Replay: Captures masked interaction recordings for error diagnosis (all personally identifiable text and input fields are masked)

10.3 Managing Cookies

You can manage your cookie preferences through our cookie banner displayed on first visit, via the cookie settings link in the page footer, or through your browser settings. Note that disabling strictly necessary cookies may prevent the Service from functioning properly.

We do not use third-party ad trackers and do not participate in advertising exchanges.

11 AI & Automated Decision-Making

Exoserva incorporates artificial intelligence features to enhance your business operations. Transparency about how AI processes your data is a core principle.

11.1 AI Features

Our platform may use AI for the following purposes:

  • Scheduling optimization and appointment recommendations
  • AI sales agent for lead qualification and customer communication
  • Business data analysis and reporting insights
  • Voice AI agents for inbound/outbound call handling
  • Predictive maintenance recommendations for equipment and assets
  • Photo analysis for job documentation and quality assessment
  • Call quality scoring and performance analytics

11.2 How AI Uses Your Data

  • AI features use your business data to provide context-aware recommendations and insights
  • AI interaction logs are retained for 30 days for quality assurance, then automatically deleted
  • We do NOT use your proprietary business data to train foundation AI models that serve other customers
  • Anonymized, aggregated data may be used to improve overall AI quality and accuracy across the platform

11.3 Human Oversight

AI features are designed to assist, not replace, human decision-making. All AI-generated recommendations require human review before action. You may opt out of specific AI features at any time through Account Settings without affecting your access to the core Service.

11.4 GDPR Article 22 Compliance

We do not make decisions based solely on automated processing that produce legal effects concerning you or similarly significantly affect you. AI-generated predictions, scores, and recommendations are advisory in nature. You have the right to request human review of any AI-assisted decision, obtain an explanation of the logic involved, and contest the outcome.

12 International Data Transfers

Your data is primarily processed in the United States, where our infrastructure is hosted on Amazon Web Services. If you are located outside the United States, your data will be transferred to and processed in the US.

For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by additional safeguards as recommended by the European Data Protection Board (EDPB). All sub-processors are bound by data processing agreements that include appropriate transfer mechanisms.

A copy of the applicable transfer mechanisms is available upon request by contacting support@exoserva.com.

13 Children’s Privacy

Exoserva is a B2B platform designed for business use and is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children under 13 (as defined by COPPA) or under 16 (as defined by GDPR). If we discover that we have inadvertently collected data from a child, we will promptly delete it. If you believe a child has provided us with personal information, please contact us at support@exoserva.com.

14 California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with additional rights regarding your personal information.

14.1 Categories of Personal Information Collected

As defined under Cal. Civ. Code § 1798.80(e), we may collect the following categories:

  • Identifiers: Name, email address, phone number, IP address, account ID
  • Commercial Information: Subscription records, purchase history, service usage
  • Internet/Electronic Activity: Browsing history, search history, interaction data
  • Geolocation Data: Approximate location derived from IP address
  • Professional Information: Company name, job title, business role
  • Audio/Visual Data: Voice recordings and call transcriptions (when Voice AI is enabled)
  • Inferences: AI-generated insights derived from the above categories

14.2 Your California Rights

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected
  • Right to Delete: Request deletion of your personal information, subject to legal exceptions
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out of Sale/Sharing: Opt out of the sale or sharing of personal information (we do not sell or share your data — see 14.4)
  • Right to Limit Sensitive PI: Limit the use and disclosure of sensitive personal information
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights

14.3 Verifiable Requests

To exercise your rights, email support@exoserva.com or use Account Settings > Privacy. We will verify your identity using the email address associated with your account. You may also designate an authorized agent to make a request on your behalf, subject to identity verification of both you and the agent.

14.4 “Do Not Sell or Share My Personal Information”

Knock Knock Contractor LLC does not sell your personal information. We do not share your personal information for cross-context behavioral advertising. As such, there is no need to opt out, but we respect and honor any “Do Not Sell or Share” signal you may transmit (including the Global Privacy Control).

14.5 Financial Incentives

We do not offer financial incentives, price differences, or service-level differences in exchange for the retention or sale of your personal information.

14.6 Shine the Light (Cal. Civ. Code § 1798.83)

We do not disclose personal information to third parties for their direct marketing purposes. If this practice changes, we will update this policy and provide you with the ability to opt out.

15 US State Privacy Rights

In addition to California, residents of the following states have specific privacy rights under their respective state laws:

  • Virginia — Virginia Consumer Data Protection Act (VCDPA)
  • Colorado — Colorado Privacy Act (CPA)
  • Connecticut — Connecticut Data Privacy Act (CTDPA)
  • Utah — Utah Consumer Privacy Act (UCPA)
  • Texas — Texas Data Privacy and Security Act (TDPSA)
  • Oregon — Oregon Consumer Privacy Act (OCPA)

These laws generally provide rights to access, delete, correct, and opt out of certain data processing activities. To exercise your rights under any of these laws, contact us at support@exoserva.com. If we deny your request, you have the right to appeal our decision, and we will provide instructions for doing so in our response.

17 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

  • Material Changes: We will provide at least 30 days’ advance notice via email to the address associated with your account and/or a prominent notification within the Service
  • Non-Material Changes: Updated “Last updated” date at the top of this page

Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated policy. If you disagree with any changes, you should discontinue use of the Service and may export your data and close your account through Account Settings.

18 Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

EEA Residents: You also have the right to lodge a complaint with your local supervisory authority. A list of EEA data protection authorities is available at edpb.europa.eu.

California Residents: You may contact the California Attorney General for privacy-related concerns at oag.ca.gov/privacy.