PaintQuote AI (“PaintQuote,” “we,” “us”) is a B2B SaaS platform for licensed US painting contractors. This Policy describes what we collect, how we use it, and the choices you have. It is not directed to children under 13; we do not knowingly collect personal information from minors. PaintQuote AI is operated by Rico Schurter, an individual based in Switzerland, not currently incorporated as a separate legal entity, with operating address at Via alle Vigne 6, 6598 Tenero, Switzerland. Throughout this Policy, “PaintQuote,” “we,” “us,” and “our” refer to Rico Schurter operating under that trade name.
1. Categories of Personal Information We Collect
We collect the following CCPA/CPRA statutory categories:
- Identifiers. Name, email, phone, address, IP address (masked at last octet for audit + rate limiting), device user-agent. Source: you + automatic on each request. Retention: while your account is active + up to 1 year in security logs.
- Customer records (§1798.80). License number, company name, bank account + routing (encrypted at rest with AES-256-GCM), tax ID. Source: you. Retention: while your account is active.
- Commercial information. Estimates, invoices, payment history, client directory. Source: you + Stripe for payment events. Retention: 7 years after final transaction for signed estimates / invoices (IRS + E-SIGN Act).
- Internet / device activity. Pages visited, timestamps, referrer headers, error logs. Source: automatic. Retention: 365 days.
- Sensory information (audio). Voice recordings captured by the recorder feature. This is Sensitive Personal Information under CCPA/CPRA §7027. Source: you. Retention: up to 90 days for unsigned estimates; up to 3 years for audio attached to accepted/signed estimates (as scope-of-work evidence); always deleted within 30 days of account deletion.
- Communications content (SPI). Transcripts derived from your recordings. Deleted alongside their audio per above.
- Geolocation (coarse). City-level derived from IP for fraud detection. We do not collect precise (GPS) location.
- Professional / employment info. Contractor license + state. Source: you. Retention: account lifetime.
2. How We Use Your Data (Purposes)
- Generate painting estimates from your voice recordings (CCPA §7027(m) business purpose; does not trigger “Limit SPI” right)
- Send estimates, change orders, and invoices to the clients you direct us to
- Process subscription payments via Stripe
- Personalize extraction using your pricing history and material preferences
- Detect fraud and abuse (rate limiting, signed-in device audit)
- Comply with E-SIGN Act §7001(d) record retention obligations
We do not use your data to train cross-customer AI models. Your pricing preferences stay scoped to your account.
3. Sensitive Personal Information (CCPA/CPRA §7027)
Voice recordings and their transcripts are SPI. We process them only for the business purposes listed in §7027(m) (providing the service you requested, security, debugging). We do not use SPI for advertising, cross-context behavioral profiling, or inferring characteristics. Because our use falls within §7027(m), we are not required to (and do not) offer a “Limit the Use of My Sensitive Personal Information” link.
4. Voice Recordings, BIPA & Two-Party Consent
- No biometric identifier is extracted. We use OpenAI Whisper for speech-to-text only. No voiceprint, no speaker-ID, no diarization. This falls outside 740 ILCS 14 (BIPA), TX BCC §503.001, WA RCW 19.375, and CO SB 21-190’s biometric-identifier scope.
- Contractor responsibility (wiretap). In CA, CT, FL, IL, MA, MD, ME, MI, MT, NH, NV, OR, PA, VT, WA and other all-party-consent states, you must inform every person whose voice may be captured and get their agreement before starting a recording. The recorder UI requires you to attest this. Failure to do so is a criminal offense for which you alone are responsible; see Section 12 of our Terms.
- Painter attestations. Before each recording, the painter must attest in the app: (a) that they consent to the recording being processed for transcription; (b) that all adults present have been told of the recording and have agreed; (c) that no minor under 13 is present or will be captured. These attestations are logged as immutable consent_events rows.
- OpenAI Whisper processing. Audio is sent to OpenAI's Whisper API for speech-to-text transcription. OpenAI's standard API policy applies: inputs may be retained for up to 30 days for abuse monitoring, are not used to train or improve OpenAI's models, and are automatically deleted after that window. We have completed OpenAI's standard API onboarding including their Data Processing Addendum. We are evaluating the OpenAI Zero Data Retention enterprise option and will update this Policy when/if it becomes active on our account. A copy of OpenAI's current DPA is available upon request.
- Anthropic processing. Transcripts are sent to Anthropic's Claude API for structured extraction. We operate under Anthropic's standard commercial API terms, under which API inputs are retained for up to 30 days solely for trust & safety monitoring (abuse detection) and are not used to train Anthropic's models. Anthropic's Usage Policies and Data Processing Addendum are linked at paintquote.ai/dpa.
- Your clients' voices. When a painter records at a job site, bystanders (homeowners, family, tradespeople) become data subjects under this Policy. If you are such a third party, see Section 12.
- Retention. See Section 1 “Sensory information” for exact durations.
5. Service Providers (Subprocessors)
- Supabase (US): database, auth, storage
- OpenAI (US): Whisper audio transcription — standard API tier (30-day abuse monitoring retention, no training use)
- Anthropic (US): Claude for structured data extraction — 30-day retention for abuse detection (not used for training)
- Stripe (US): payment processing (PCI-DSS Level 1)
- Resend (US): email delivery
- Vercel (US): hosting + CDN
All subprocessors are contractually bound to process data only per our instructions (CCPA Service Provider / GDPR Art. 28 Processor). Data is primarily processed in the United States by our subprocessors (Supabase, OpenAI, Anthropic, Stripe, Resend, Vercel). PaintQuote AI itself operates from Switzerland. If you are a resident of the European Economic Area, United Kingdom, or Switzerland, you acknowledge that your personal information may be transferred to the United States for processing by these subprocessors. Such transfers rely on appropriate transfer mechanisms (Standard Contractual Clauses, adequacy decisions, or equivalent).
Data Processing Agreements. Where each subprocessor provides a standard DPA (Data Processing Agreement) or equivalent contractual protection for API customers, PaintQuote AI has accepted the applicable terms during account onboarding. Copies of each provider's public DPA are linked at paintquote.ai/dpa. For EU/UK/Swiss data subjects, transfers to US subprocessors rely on Standard Contractual Clauses (SCCs) approved by the European Commission (decision 2021/914) and the UK International Data Transfer Addendum, as incorporated by reference in each subprocessor's public DPA.
6. Your Clients' Data — PaintQuote as Service Provider
When you upload a client's name, email, phone, or address, you are the CCPA “Business” / GDPR “Controller” of that data and PaintQuote is your CCPA “Service Provider” / GDPR “Processor.” We process that data only to deliver the service you asked for (sending estimates, invoices, etc.). If one of your clients exercises a privacy right with us directly, we will forward the request to you and assist you in responding.
7. Email Communications
- Transactional messaging. Estimates, invoices, change orders, overdue-payment reminders and sign confirmations are transactional under §7702(5) of CAN-SPAM and do not require recipient opt-in beyond the painter-client relationship.
- Marketing messaging. Win-back emails, referral emails, and newsletter (if any) are commercial. Painters may opt out via the unsubscribe link in every commercial email (one-click POST per RFC 8058) or email preferences in Settings.
- No SMS. The platform does not send SMS / text messages. Estimates and invoices reach clients by email and by share link (which the painter may copy or open in their own WhatsApp). If we add SMS in the future, this Policy will be updated and active painters will be notified at least 30 days before any SMS is sent.
Email suppression scope. Email suppressions are scoped per sender where technically feasible. If you unsubscribe from one painter's estimates you will still receive estimates from other painters you have a separate relationship with, unless you use the “Unsubscribe all” option in the footer, which applies a global suppression across all senders on the platform.
8. Your Rights
Depending on your state of residence, you may have some or all of the following rights. We respond within the deadline your state law requires (typically 30–45 days; extendable by a further 45 days when permitted).
- Right to Know / Access. Use “Download all my data” in Settings → Privacy & Data; returns a JSON export covering every table containing your personal information, including our security_audit_log events.
- Right to Correct. Edit your profile, clients, line items, and estimates in-app. Email privacy@paintquote.ai if you need help.
- Right to Delete / Erasure. “Delete account” in Settings → Danger Zone. Note: signed-estimate records (name, total, signature image, IP) may be retained as required by the E-SIGN Act for 7 years unless you waive that retention (see Section 9).
- Right to Data Portability. The JSON export is machine-readable.
- Right to Opt Out of Sale / Share / Targeted Ads. We do not sell or share personal information as those terms are defined under CCPA/CPRA, VCDPA, CPA, CTDPA, or Utah UCPA.
- Right to Opt Out of Profiling for solely-automated consequential decisions. We do not make such decisions.
- Right to Limit Use of SPI. Not offered because our SPI use falls within §7027(m) business purposes (see Section 3).
- Right to Non-Discrimination. Exercising any right will not degrade the service you receive.
- Right to Appeal (VA, CO, CT, TX). If we deny a request, you may appeal by emailing privacy@paintquote.ai with the subject line “Privacy Appeal” within 60 days; we respond within 45 days.
How we verify you. For logged-in requests we rely on the active authenticated session. For deletion we require password re-authentication. We do not disclose personal information to unverified requesters.
California “Shine the Light” (Civ. Code §1798.83). We do not disclose personal information to third parties for their direct marketing purposes.
9. Data Retention
- Signed estimates + invoices + signature data: 7 years (E-SIGN Act §7001(d), IRS record-keeping). Deletion requests will preserve an anonymized proof-of-signature record under a legal hold unless you explicitly waive that retention.
- Unsigned audio recordings: Up to 90 days, then auto-purged.
- Audio attached to signed/accepted estimates: Up to 3 years as scope-of-work evidence, then auto-purged.
- Transcripts: Retained while the estimate exists; deleted within 30 days of account deletion.
- Security audit log (IP, UA, auth events): 365 days.
- Stripe webhook idempotency log: 60 days (anti-replay, no PII).
- Soft-deleted records: Hard-deleted 30 days after soft-delete unless under a legal hold.
- Account data on deletion: Hard-deleted within 30 days except legally-required retention above.
EU/UK/Swiss residents. GDPR Article 17(3)(b) and (e) explicitly permits retention for compliance with a legal obligation and for the establishment, exercise, or defense of legal claims. PaintQuote AI retains signed estimates and invoices for these purposes (E-SIGN Act §7001(d) 7-year retention for US transactions, tax record-keeping). If you are an EU/UK/Swiss resident and submit an Art. 17 erasure request, we will erase all retained data that is NOT subject to a retention obligation and will pseudonymize (not delete) records subject to retention — keeping the data needed to satisfy the legal basis while removing your directly identifying information from any field where retention of the identifier is not legally required.
10. Data Security
TLS 1.2+ in transit. AES-256-GCM at rest for sensitive fields (bank account / routing). Row-Level Security on every tenant-scoped table. Private storage buckets with per-painter folder isolation. Webhook signature verification for Stripe. Rate limiting on public and authenticated endpoints. No credit card data ever touches our servers.
11. Painter Payment Processing — Stripe Connect Direct Charges
Effective April 27, 2026, PaintQuote AI uses Stripe Connect with Direct Charges to process payments between painting contractors (“painters”) and their customers. Under this model:
- Painters are the merchant of record. Funds settle directly to the painter's connected Stripe account, never to PaintQuote AI's account.
- Stripe is the regulated payment processor — licensed Money Services Business in the US, payment institution under PSD2 in EU.
- PaintQuote AI is software, not a payment institution. We are an introducer between painters and Stripe. We do not hold or transmit customer funds.
- Platform fee: PaintQuote AI may charge a platform fee on customer-to-painter transactions. Any applicable fee is shown in your billing settings before you enable payment collection. As of the effective date of this Policy, the platform fee is 0%.
- Data shared with Stripe: invoice or estimate amount, customer email if provided, invoice number, internal IDs. Stripe collects card and bank data directly from customers; PaintQuote never sees customer card data.
- Disputes and chargebacks are handled by the painter via Stripe Dashboard. PaintQuote forwards alert emails when disputes are created.
- FINMA / FADP / PSD2 disclosure: PaintQuote AI does not act as a payment institution under any of these regulations. Payment processing is handled directly by Stripe under its own licenses.
12. Data Breach Notification
We will notify affected users via email without undue delay after confirming a breach affecting their personal information, and within any timeframe required by applicable state or federal law for the specific category of data. We aim to notify within 72 hours of confirming such a breach where feasible. We will also notify state attorneys general as required by Cal. Civ. Code §1798.82, NY Gen. Bus. Law §899-aa, Fla. Stat. §501.171, and analogous state breach notification laws in all 50 states, and by the FTC Safeguards Rule where applicable.
13. If You Are a Painter's Client (Homeowner)
If a painter uses PaintQuote AI to prepare an estimate or invoice for you, your contact info and potentially your voice recording are on our platform. To exercise a privacy right over that data, email privacy@paintquote.ai with the painter's company name and job-site address; we will route your request to the painter (the controller of your data), who is responsible for responding within the timeframe their applicable law requires. We will assist the painter and confirm to you when the request has been actioned.
14. Cookies & Tracking
Essential cookies — strictly necessary for the Service to function. Consent not required under GDPR Art. 5(3) exception.
- Session cookies (auth): keep you logged in; httpOnly, Secure, SameSite=Lax.
- Preference cookies: your cookie-banner choice and core UI preferences.
Third-party cookies requiring consent. Loaded ONLY when you click a relevant action OR when you accept via the cookie banner:
- Stripe (payment processing): loaded when you initiate payment or reach the billing page.
- Plausible Analytics (privacy-first analytics): loaded if you accept via the cookie banner. Plausible is cookie-less and does not track individuals across sites, but we still require consent out of caution under CNIL's stricter interpretation.
Manage consent anytime by clicking “Cookie preferences” in the footer or by clearing site data.
15. Changes to this Policy
We will notify you by email 30 days before material changes take effect. The current version and effective date are shown at the top of this page.
16. Contact
Privacy-specific requests (access, deletion, appeals) — privacy@paintquote.ai
General support, legal, DMCA — support@paintquote.ai
Mail — Rico Schurter (PaintQuote AI), Via alle Vigne 6, 6598 Tenero, Switzerland