Security & Data Handling Policy

Effective date: June 1, 2025

1. Overview

We take reasonable measures to protect information stored in CleanQuote AI. This policy summarizes our approach.

2. Encryption in Transit

Traffic between your browser and the Service is protected using industry-standard TLS/HTTPS encryption.

3. Password Protection

Account passwords are hashed using the bcrypt algorithm and are never stored in plain text. Password-reset links are single-use and expire after one hour. Changing your password invalidates existing sessions.

4. Access Controls

Access to the Service requires authentication. Your account data (customers, quotes, invoices, and settings) is scoped to your account and is not accessible to other users.

5. Payment Data

Card payments are handled by Stripe, a PCI-DSS Level 1 certified provider. We do not store full card numbers.

6. Data Minimization & Retention

We collect only the information needed to operate the Service and retain it while your account is active or as needed to provide the Service. You may request deletion of your account and data.

7. Incident Response

If we become aware of a data breach affecting your information, we will take steps to address it and will notify affected users as required by applicable law.

8. Your Responsibilities

Use a strong, unique password, keep your credentials confidential, and notify us promptly of any suspected unauthorized access.

9. Contact

Report a security concern to support@quoteitclean.com.

© 2026 CleanQuote AI