Privacy Policy

Last updated: March 17, 2026

1. Information we collect

Account data: Email address (used for authentication via one-time codes).

Business data: Company name, phone, logo, license info, labor rates, material costs, and other settings you configure.

Job data: Room measurements, estimates, proposals, client names, emails, phone numbers, addresses, and photos you upload.

Payment data: Payment transactions are processed by Stripe. We store transaction amounts and references but never credit card numbers.

Usage data: Anonymous analytics (page views, feature usage) to improve the Service.

2. How we use your information

• To provide and maintain the Service
• To generate estimates, proposals, and material lists
• To process subscription payments
• To send proposal links and payment receipts to your clients on your behalf
• To provide AI Color Preview visualizations
• To improve the Service based on usage patterns

3. Data storage & security

Data is stored securely via Supabase (PostgreSQL with Row Level Security). All data is encrypted in transit (TLS) and at rest. Photos are stored in Supabase Storage with private access controls.

4. Third-party services

• Supabase — database, authentication, file storage
• Stripe — payment processing
• Google Gemini — AI color preview rendering
• Resend — transactional email
• Vercel — web hosting

Each service has its own privacy policy. We do not sell your data to any third party.

5. Your client's data

When you create proposals, you enter client information (name, email, phone, address). This data is stored under your account and is used only to generate and deliver proposals. Your clients may receive emails with proposal links on your behalf. We do not market to your clients.

6. Photos & AI processing

Photos uploaded for AI Color Preview are sent to Google Gemini for processing. Photos are not stored permanently by Google and are used solely to generate the color visualization. Room photos attached to jobs are stored in your private Supabase Storage bucket.

7. Data retention

Your data is retained as long as your account is active. If you delete your account, all associated data (jobs, proposals, photos, client info) is permanently deleted within 30 days.

8. Your rights

• Access all data we store about you
• Export your data at any time
• Request deletion of your account and all associated data
• Opt out of analytics tracking

9. Cookies

We use essential cookies for authentication (Supabase session). We do not use advertising or tracking cookies.

10. Children's privacy

The Service is not intended for use by individuals under 18 years of age. We do not knowingly collect data from minors.

11. Changes

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notice.

12. Contact

Questions about your privacy? Email privacy@coatboss.com.