Privacy Policy

Last Updated: April 7, 2026

CLIENTCHECK PRIVACY POLICY Last Updated: April 7, 2026 Client Intelligence LLC, a Florida limited liability company doing business as ClientCheck ("ClientCheck," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application, mobile applications (iOS and Android), APIs, and related services (collectively, the "Service"). By using the Service, you consent to the data practices described in this policy. If you do not agree, please do not use the Service. 1. INFORMATION WE COLLECT 1.1 Information You Provide Directly a) Account Information: Full name, email address, phone number, and password when you create an account. b) Business Information: Business name, Employer Identification Number (EIN), trade category, secondary trades, contractor license number and state, business address, phone, website, and years in business. c) Verification Documents: Business license documentation and EIN documentation uploaded during the verification process. These are stored privately and reviewed by platform administrators. d) Review Content: Structured ratings (payment reliability, communication, respectfulness, scope adherence), project details (type, value range, duration, contract type), payment information (invoice paid status, days to payment, payment method, disputes), and limited free-text comments (280 characters). e) CRM and Client Data: Client names, email addresses, phone numbers, company names, and addresses that you enter into the CRM system. f) Financial Data: Invoice details, expense records (receipts, mileage, categories), estimates, budget information, and change orders that you create within the Service. g) Documents and Files: Job site photos, construction drawings, equipment records, daily field logs, safety reports, lien waivers, warranties, RFI documents, and digital signatures that you upload or create. h) Communications: Messages sent through in-app conversations, forum posts, and community content. 1.2 Information Collected Automatically a) Device and Usage Data: Device type, operating system, browser type, app version, pages visited, features used, time spent, and interaction patterns. b) IP Address: Collected with each review submission and digital signature for fraud prevention and security purposes. c) User Agent: Browser and device identification string collected with reviews and digital signatures. d) Search History: Search queries, filters applied, and number of results returned, associated with your account. e) Session Data: Authentication tokens stored securely on your device via encrypted storage (expo-secure-store on mobile, secure cookies on web). 1.3 Location Data a) GPS Coordinates: Collected when you use location-based features (geofencing, location-verified clock-in/out, job site mapping). We collect latitude, longitude, accuracy, and distance from job site. b) Location Events: Clock-in, clock-out, geofence entry/exit, and manual check-in events with timestamps. c) Location Preferences: Your settings for location tracking, geofence notifications, and default geofence radius. d) Location data is collected ONLY with your explicit device permission. You may revoke location permissions at any time through your device settings. On iOS we request "When in use" access for clock-in verification, map distance checks, and job-site geofence validation while you actively use the app. 1.4 Information from Third-Party Integrations a) Google Calendar: When you connect Google Calendar, we access your calendar events to sync job scheduling data. We store OAuth tokens securely. b) QuickBooks Online: When you connect QuickBooks, we exchange client, invoice, and payment data for accounting synchronization. We store OAuth tokens securely. c) Stripe: We receive payment event data (web/Android subscription status, payment confirmations, Connect account status) from Stripe. We do NOT store your full credit card numbers. d) Apple App Store: For iOS subscriptions we receive transaction identifiers, product identifiers, purchase/renewal status, and timestamps from Apple via StoreKit/App Store Server APIs. 1.5 Public Records Data We import publicly available data from government databases including building permits, code violations, federal and state court records, property records, mechanics liens, and tax records from municipalities across the United States. This data is matched to client profiles using name and location similarity algorithms. No user personal data is shared with these data sources. 2. HOW WE USE YOUR INFORMATION a) To provide, operate, and maintain the Service, including account creation, business verification, and feature access. b) To display reviews, aggregate scores, and client profiles to other verified contractors. c) To facilitate payments between contractors and clients via Stripe Connect. d) To synchronize data with connected third-party services (Google Calendar, QuickBooks). e) To send transactional communications: account notifications, invoice emails, team invites, job reminders, review requests, bid invitations, and settlement notices. f) To detect, investigate, and prevent fraud, abuse, and security incidents, including IP logging on reviews and digital signatures. g) To enforce our Terms of Service, moderate content, and process consumer responses. h) To improve the Service through aggregated usage analysis. i) To provide AI-powered features (business intelligence chat assistant) by processing your queries and relevant business context. j) To match public records data to client profiles for informational display. k) To process geolocation data for job site verification and crew management features. 3. HOW WE SHARE YOUR INFORMATION 3.1 With Other Users a) Your business name, trade category, verification status, and portfolio images are visible to other users on the contractor directory. b) Reviews you submit are visible to other verified contractors, subject to subscription tier limitations (Free tier sees masked names; Professional and Enterprise see full names). c) Forum posts and community content are visible to other users. 3.2 With Service Providers We share information with the following third-party service providers who process data on our behalf: | Provider | Purpose | Data Shared | |----------|---------|-------------| | Supabase | Cloud infrastructure, database, authentication, file storage | All Service data (hosted on Supabase infrastructure) | | Stripe | Payment processing, web/Android subscription billing, contractor payouts | Name, email, payment details, transaction data | | Apple App Store | iOS subscription billing and renewal status | Transaction identifiers, product identifiers, subscription status, timestamps | | Resend | Transactional email delivery | Recipient email, notification content | | Twilio | SMS notifications | Phone number, message content | | OpenAI | AI chat assistant | User queries and business context for AI responses | | Vercel | Web application hosting | Standard web request data | | Expo (EAS) | Mobile app builds and OTA updates | Device info for update delivery | 3.3 With Reviewed Consumers When a review is submitted, the reviewed consumer may receive a notification including the existence of the review and an opportunity to respond. Reviewer identity is not disclosed to reviewed consumers. 3.4 Legal and Safety Disclosures We may disclose your information: (a) when required by law, subpoena, or legal process; (b) to protect the rights, safety, or property of ClientCheck, our users, or the public; (c) to enforce our Terms of Service; (d) in connection with a merger, acquisition, or sale of assets. 3.5 We Do Not Sell Your Personal Information We do not sell, rent, or trade your personal information to third parties for their marketing purposes. 4. DATA SECURITY a) All data is encrypted in transit using TLS/SSL. b) Database access is protected by Row-Level Security (RLS) policies ensuring multi-tenant data isolation -- users can only access data belonging to their business. c) Verification documents and evidence files are stored in private storage buckets accessible only to the uploading user and platform administrators. d) EIN numbers are used solely for verification and are never publicly displayed. e) Authentication credentials are managed through Supabase Auth with secure password hashing. f) We conduct regular security reviews and maintain access controls for all system components. g) While we implement industry-standard security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security. 5. DATA RETENTION a) Account data is retained as long as your account is active. b) When you request account deletion (Settings > Delete Account), your account access is disabled while your request is processed and your data is removed in accordance with this policy, subject to legal retention exceptions. c) Reviews you submitted may be retained in anonymized or aggregated form even after account deletion, as they form part of the collective experience record. d) We may retain certain data after account deletion as required for legal compliance, dispute resolution, fraud prevention, or enforcement of our Terms. e) Verification documents may be retained for a reasonable period after account deletion for compliance purposes. f) Team invitations expire automatically after 7 days. Consumer response requests expire after 30 days. g) IP addresses and user agent data associated with reviews are retained for the life of the review for fraud prevention purposes. 6. YOUR RIGHTS AND CHOICES 6.1 All Users a) Access: View your profile, reviews, and account data at any time through the Service. b) Correction: Update your profile, business information, and preferences through Settings. c) Deletion: Request account deletion through Settings > Delete Account. d) Data Portability: Contact us at support@client-c.com to request a copy of your data in a portable format. e) Notification Preferences: Control how you receive notifications (in-app, email, SMS) for each notification type through Settings. f) Location Controls: Manage location tracking, geofence notifications, and related preferences through in-app settings and device permissions. g) Integration Management: Connect or disconnect third-party integrations at any time through Settings. 6.2 California Residents (CCPA/CPRA) If you are a California resident, you have additional rights under the California Consumer Privacy Act: a) Right to Know: You may request the categories and specific pieces of personal information we have collected about you. b) Right to Delete: You may request deletion of your personal information, subject to certain exceptions. c) Right to Opt-Out of Sale: We do not sell personal information. No opt-out is necessary. d) Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights. To exercise these rights, contact us at support@client-c.com or submit a request through Settings. We will verify your identity before processing requests. 6.3 Consumer Rights (Reviewed Individuals) Individuals who are the subject of reviews on the platform have the right to: a) Be notified when a review is submitted about them. b) Respond to reviews with structured feedback. c) Report reviews that violate our Terms of Service. d) Request information about what data is associated with their profile by contacting support@client-c.com. 7. COOKIES AND TRACKING TECHNOLOGIES a) The mobile application does not use browser cookies. Session management uses secure device storage (expo-secure-store). b) The web application uses essential session cookies for authentication. We do not use third-party advertising cookies. c) We may collect device identifiers for analytics and security purposes. d) We use third-party service providers for analytics and error monitoring (for example, PostHog and Sentry). These tools are used for product analytics, reliability, and security diagnostics, not behavioral advertising. e) Where required by law or platform policy, analytics processing is controlled by in-app consent settings. 8. AI-POWERED FEATURES a) The Service includes AI-powered features (including AI chat and Smart Estimate assistance) powered by OpenAI. b) When you use AI-powered features, your prompts and relevant business context are sent to OpenAI for processing. c) AI processing is disabled unless you explicitly enable Third-Party AI Processing in Settings > Privacy & Data. d) We do not use your data to train third-party AI models. OpenAI processes data under our data processing agreement. e) AI responses are generated content and should not be relied upon as professional, legal, or financial advice. 9. PUBLIC RECORDS DATA a) The Service displays publicly available records (building permits, code violations, court records, property records, liens, tax data) sourced from government databases across the United States. b) This data is imported through automated pipelines and matched to client profiles using name and location similarity. c) Public records may contain inaccuracies due to source data quality or matching algorithms. We do not independently verify public records data. d) Public records data is provided for informational purposes only and is NOT a consumer report under the FCRA. e) If you believe public records data displayed on the Service is inaccurate, contact us at support@client-c.com. 10. CHILDREN'S PRIVACY The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has provided us personal information, contact us at support@client-c.com and we will take steps to delete such information. 11. INTERNATIONAL USERS The Service is currently designed for and operated within the United States. All data is processed and stored in the United States. If you access the Service from outside the United States, you consent to the transfer and processing of your data in the United States, which may have different data protection laws than your jurisdiction. 12. CHANGES TO THIS PRIVACY POLICY a) We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. b) Material changes will be communicated via email or in-app notification at least 14 days before taking effect. c) Your continued use of the Service after the effective date of an updated policy constitutes acceptance. d) We encourage you to review this policy periodically. 13. CONTACT US For privacy inquiries, data access requests, or security concerns: Email: support@client-c.com Address: Client Intelligence LLC (dba ClientCheck), Florida, United States If you have an unresolved privacy concern that we have not addressed satisfactorily, you may contact your local data protection authority.