What technicians see (the PII rule)

Why technician printouts and mobile screens hide customer name, contact, and address

Owner, Manager, Reception, Technician

Technicians work on cars, not people. Every screen, printout and message they see is shaped by one rule: the vehicle, not the person.

The rule

When the user making an API request is in the Technician role, Pistonlog strips customer name, email, phone, address and notes (plus the business equivalents) from the response payload before it leaves the server. The logic lives in src/lib/auth/pii.ts in the foundry and is keyed on roleName === "Technician", not on which device or app the request came from.

The same strip applies everywhere a technician interacts with jobcard data: the web kanban, the jobcard detail page, the my-work feed, the mobile app, and anywhere else /api/jobcards* is called.
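
A sketch of what a role-keyed, server-side strip like this can look like. This is an added example, not the contents of src/lib/auth/pii.ts; the payload shape, the customer/business container names, the field names and the function names are all assumptions.

```typescript
// Added illustration, not Pistonlog source. Container and field names are assumed.
type Json = null | boolean | number | string | Json[] | { [key: string]: Json };

// Sub-objects that describe the owner rather than the vehicle (assumed names).
const PERSON_CONTAINERS = ["customer", "business"];
// Fields removed inside those containers: name, email, phone, address, notes.
const PII_FIELDS = ["name", "email", "phone", "address", "notes"];

// Returns a redacted copy; the input object is never mutated.
function stripPii(value: Json, insidePerson: boolean = false): Json {
  if (Array.isArray(value)) {
    return value.map((item) => stripPii(item, insidePerson));
  }
  if (value === null || typeof value !== "object") {
    return value;
  }
  const out: { [key: string]: Json } = {};
  for (const key of Object.keys(value)) {
    // Drop the key rather than blanking it. Only keys inside a person
    // container are dropped, so job-level "notes" about the work survive.
    if (insidePerson && PII_FIELDS.indexOf(key) !== -1) continue;
    out[key] = stripPii(value[key], insidePerson || PERSON_CONTAINERS.indexOf(key) !== -1);
  }
  return out;
}

// The decision uses only the authenticated role, never a device or app hint.
function shapeJobcardResponse(roleName: string, payload: Json): Json {
  return roleName === "Technician" ? stripPii(payload) : payload;
}

// Constructed sample payload (all values invented for this example).
const sampleJobcard: Json = {
  id: 101,
  notes: "Brake judder above 60 mph",
  vehicle: { registration: "AB12 CDE", make: "Ford", model: "Focus", mileage: 48210 },
  customer: { id: 7, name: "Jane Example", email: "jane@example.test",
              phone: "555-0100", address: "1 Example Street", notes: "Call after 5pm" },
  business: { id: 3, name: "Example Fleet Ltd", phone: "555-0101" },
  jobs: [{ description: "Replace front discs", labourHours: 1.5 }],
};

console.log(JSON.stringify(shapeJobcardResponse("Technician", sampleJobcard), null, 2));
```

Because the strip runs on the response object before serialisation, every client that calls the endpoint gets the same redacted view without any client-side filtering.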

Where the rule applies

Technician printouts

Printed work orders and job sheets show registration, make/model, mileage, and the list of jobs / parts / labour — nothing about the owner. No customer name, no contact details.

The web app (jobcard / kanban / my-work)

A technician viewing the workflow board, opening a jobcard, or looking at My Work sees the vehicle and the work — but not the customer name or contact details on jobcard surfaces. The PII strip applies regardless of platform; technicians aren't a special case on mobile.

The mobile app

Same strip. Technicians on mobile see the same redacted view they'd see on web.

The standalone customer list is the exception

A technician with the default seeded role does hold the customers.view permission, which means they can open the standalone Customer list / Customer record pages (/customers) where the PII strip currently doesn't apply. That's a deliberate carve-out so reception and floor staff using the same web app aren't fighting over different views — but it does mean a curious technician can navigate to a customer record directly. If that's a concern, remove customers.view from your Technician role.

Why we do this

It keeps the customer relationship in the front office where it belongs, and keeps job sheets focused on the work. It also makes the printout safe to leave on a vehicle, on a desk, or in a public area of the workshop without exposing customer contact details. Owner roles bypass the strip entirely.
