Roofing CRM Security and Data Ownership: Who Actually Owns Your Leads
Most roofing owners assume they own all the data in their CRM. Then a rep leaves with a phone full of customer contacts. Then a vendor raises prices 3x and the owner cannot get a clean export. Data ownership in a roofing CRM is not just a legal question; it is an operational one. Answer it before the crisis.
Three Layers of Ownership
Roofing CRM data has three distinct ownership layers that often get confused:
- Legal ownership: who has the right to use the data, enforceable in court
- Technical ownership: who can actually access, export, or delete the data
- Practical ownership: who has it on their phone, in their email, or in their head
Legal ownership is almost always "the company" if your contracts are standard. Technical ownership depends on your CRM vendor's policies. Practical ownership is where leakage happens. Focus on all three.
Legal Ownership
Every rep, subcontractor, and vendor contract needs language covering:
- Customer records, territories, and leads are company property
- No personal use of data after termination
- Non-solicitation of company customers for 12 to 24 months
- Non-compete within a defined geographic radius (if enforceable in your state)
- Data return on termination (phones wiped, backups deleted)
Texas and Florida enforce non-competes in roofing contexts reasonably well. California mostly does not. Check with a local employment attorney before relying on the language.
Technical Ownership
Your CRM vendor controls the database. If they close, get acquired, or decide to triple prices, you have a problem unless you have regular exports. Test the export monthly:
- Customer records in CSV
- Knock logs in CSV
- Territory geometry in GeoJSON
- Notes and photos in a zip archive
- Integration configurations (which fields sync where)
Any vendor that does not offer full export is a vendor you are held hostage to. Walk away at signing, not at renewal.
Row-Level Security (RLS)
In a multi-user CRM, RLS defines who can see what. Proper RLS means:
- Reps see only their own customers, their own territories, their own knocks
- Managers see all reps on their team
- Owners see everything
- Subcontractors see only jobs assigned to them
Without RLS, every rep can see every lead. This is how leaks happen: departing reps screenshot the full customer list on their way out. RoofKnockers enforces RLS at the database level, so even if a rep tried to bypass the UI, they could not see customers outside their territory.
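The visibility rules listed above, written as PostgreSQL row-level security policies. This is an added example, not RoofKnockers' schema or code; every table, column, role and setting name in it is hypothetical.

```sql
-- PostgreSQL. Every table, column, role and setting name is hypothetical.
CREATE TABLE crm_users (
    id bigint PRIMARY KEY,
    crm_role text NOT NULL CHECK (crm_role IN ('rep','manager','owner','subcontractor')),
    manager_id bigint REFERENCES crm_users(id));
CREATE TABLE customers (
    id bigint PRIMARY KEY, name text NOT NULL,
    rep_id bigint NOT NULL REFERENCES crm_users(id));
CREATE TABLE jobs (
    id bigint PRIMARY KEY, customer_id bigint NOT NULL REFERENCES customers(id),
    subcontractor_id bigint REFERENCES crm_users(id));
-- Constructed sample data, loaded before RLS is switched on.
INSERT INTO crm_users VALUES (1,'owner',NULL),(2,'manager',NULL),
    (3,'rep',2),(4,'rep',NULL),(5,'subcontractor',NULL);
INSERT INTO customers VALUES (10,'Alvarez',3),(11,'Baker',4);
INSERT INTO jobs VALUES (100,10,5),(101,11,NULL);

-- The server-side app sets app.user_id per transaction after login. Unset or
-- empty becomes NULL, which matches no policy, so the default is no rows.
CREATE FUNCTION current_crm_user() RETURNS bigint LANGUAGE sql STABLE AS
$$ SELECT NULLIF(current_setting('app.user_id', true), '')::bigint $$;

ALTER TABLE customers ENABLE ROW LEVEL SECURITY;
ALTER TABLE customers FORCE ROW LEVEL SECURITY;  -- bind the table owner too
CREATE POLICY customers_by_role ON customers USING (
    EXISTS (SELECT 1 FROM crm_users me
            WHERE me.id = current_crm_user()
              AND (me.crm_role = 'owner'
                   OR (me.crm_role = 'rep' AND customers.rep_id = me.id)
                   OR (me.crm_role = 'manager' AND customers.rep_id IN
                        (SELECT r.id FROM crm_users r WHERE r.manager_id = me.id)))));

ALTER TABLE jobs ENABLE ROW LEVEL SECURITY;
ALTER TABLE jobs FORCE ROW LEVEL SECURITY;
-- A job is visible to its assigned subcontractor, or to anyone who can
-- already see its customer (the subquery is itself filtered by RLS).
CREATE POLICY jobs_visible ON jobs FOR SELECT USING (
    jobs.subcontractor_id = current_crm_user()
    OR EXISTS (SELECT 1 FROM customers c WHERE c.id = jobs.customer_id));

-- The app connects as a role that is not the table owner, a superuser or BYPASSRLS.
CREATE ROLE crm_app NOLOGIN;
GRANT SELECT ON crm_users, customers, jobs TO crm_app;
-- Query as rep 3 (run this as a superuser or a member of crm_app).
BEGIN;
SET LOCAL ROLE crm_app;
SET LOCAL app.user_id = '3';
SELECT id, name FROM customers;
COMMIT;
```

Because the identity is set with SET LOCAL, it ends with the transaction, so a pooled connection never carries one user's id into the next user's request. Superusers and roles with BYPASSRLS are never filtered, which is why the application role must be neither.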
Practical Ownership
Here is where most owners lose their data. Reps put customer contacts in their personal phones. Managers email spreadsheets to their Gmail. Subcontractors save job photos to their personal Dropbox. None of this is in the CRM. None of this can be recovered if the person leaves.
Prevention:
- Require company phones (or pay a phone stipend that comes with MDM software)
- Ban personal email for business data (use company email only)
- Use a CRM mobile app that does not let reps export contacts to phone contacts
- Run a quarterly data audit: pull exports, cross-check against actual activity
The Rep Offboarding Checklist
Within 24 hours of a rep's last day:
1. Revoke CRM access (web and mobile)
2. Revoke company email access
3. Revoke phone system access
4. Change any shared passwords the rep had
5. Retrieve company phone (if issued)
6. Wipe company phone
7. Export all knock logs and customer records for the rep's territory
8. Reassign territory and customer book to new rep
9. Send "introduction to your new rep" email or SMS to all active customers
Skipping step 9 costs you 30 to 40% of the open pipeline. Homeowners whose rep disappears will assume the job is dead and call a competitor.
Security Compliance
Roofing companies rarely face strict compliance requirements, but a few apply:
- PCI-DSS if you store credit card data (most CRMs use payment processors that handle this)
- State privacy laws (California CCPA, Colorado CPA, Virginia CDPA) if you have customers in those states
- TCPA for SMS and robo-calling (express consent required)
- CAN-SPAM for email marketing (opt-out required)
Your CRM should handle opt-out management automatically. When a homeowner replies STOP to an SMS, that number should be blocked across all reps on the team instantly.
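One way to make a STOP reply binding on every rep is to enforce suppression in the database rather than in each rep's app. This is an added PostgreSQL example, not any vendor's implementation; the table, trigger and function names are hypothetical, and phone numbers are assumed to be normalized to one format before they are stored.

```sql
-- PostgreSQL 11+. Table, trigger and function names are hypothetical.
CREATE TABLE sms_opt_outs (
    phone        text PRIMARY KEY,   -- one normalized form, e.g. E.164
    opted_out_at timestamptz NOT NULL DEFAULT now()
);
CREATE TABLE inbound_sms  (id bigserial PRIMARY KEY,
                           phone text NOT NULL, body text NOT NULL);
CREATE TABLE outbound_sms (id bigserial PRIMARY KEY, rep_id bigint NOT NULL,
                           phone text NOT NULL, body text NOT NULL);

-- Record the opt-out in the same transaction that stores the STOP reply.
CREATE FUNCTION record_opt_out() RETURNS trigger LANGUAGE plpgsql AS $$
BEGIN
    IF upper(btrim(NEW.body)) = 'STOP' THEN
        INSERT INTO sms_opt_outs (phone) VALUES (NEW.phone)
        ON CONFLICT (phone) DO NOTHING;
    END IF;
    RETURN NEW;
END $$;
CREATE TRIGGER inbound_stop AFTER INSERT ON inbound_sms
    FOR EACH ROW EXECUTE FUNCTION record_opt_out();

-- Refuse to queue a message to an opted-out number, whichever rep sends it.
CREATE FUNCTION block_opted_out() RETURNS trigger LANGUAGE plpgsql AS $$
BEGIN
    IF EXISTS (SELECT 1 FROM sms_opt_outs o WHERE o.phone = NEW.phone) THEN
        RAISE EXCEPTION 'recipient % has opted out of SMS', NEW.phone
            USING ERRCODE = 'check_violation';
    END IF;
    RETURN NEW;
END $$;
CREATE TRIGGER outbound_suppress BEFORE INSERT ON outbound_sms
    FOR EACH ROW EXECUTE FUNCTION block_opted_out();

-- Constructed sample traffic: rep 3 texts a homeowner, the homeowner
-- replies STOP, then rep 4 tries the same number.
INSERT INTO outbound_sms (rep_id, phone, body)
    VALUES (3, '+15125550100', 'Free roof inspection this week?');
INSERT INTO inbound_sms (phone, body) VALUES ('+15125550100', ' stop ');
INSERT INTO outbound_sms (rep_id, phone, body)
    VALUES (4, '+15125550100', 'Following up on your roof');
```

The suppression table has no rep or team column, so the block applies to the number itself. A message queued before the STOP arrived is not covered by the insert trigger, so the sending worker should check sms_opt_outs again immediately before dispatch.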
Vendor Security Questions
Before signing with any roofing CRM, ask:
- Is data encrypted at rest and in transit?
- Who can access the production database?
- How often are backups taken?
- What is the disaster recovery plan?
- Can we get our data out in a standard format at any time?
- Do you have a SOC 2 report?
Serious vendors answer all of these in a single call. Vendors who dodge the questions are the ones that will fail you in a crisis.
Insurance for Data Loss
A cyber liability policy costs $1,500 to $4,000 per year for a mid-size roofing company. It covers data breach response, legal fees, and customer notification. For a company that stores 5,000+ customer records, this is cheap insurance.
See also: roofing CRM buyers guide.
FAQ
What if a rep copies customer contacts to their personal phone?
This violates your employment agreement if the contract is properly written. Send a cease and desist. If they still use the data, that is lawsuit territory.
Do we need written permission from customers to share their data with subs?
Yes, in most states. Your contingency agreement should include a data sharing clause that covers subcontractors.
How long should we retain customer data after a job closes?
7 years minimum for warranty and tax purposes. 10 years is safer. After that, archive and purge identifying details.