FLOZ INC.

Quotr Privacy Policy (v1.0)

Effective Date: Oct 1, 2025

Company: FLOZ INC., a Delaware corporation with offices at 495 27th Ave Unit 8, San Francisco, CA 94121, USA
Doing Business As: “Quotr”
Website: https://quotr.ai
Contact: info@quotr.io

1. Overview

This Privacy Policy explains how FLOZ INC. (doing business as “Quotr”) (“Quotr,” “we,” “us,” or “our”) collects, uses, stores, shares, and protects personal information in connection with your use of the Quotr Platform and related services (collectively, the “Services”). By accessing or using the Services, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Services.

2. Information We Collect

We collect the following categories of information to operate and improve our Services:

(a) Account Information

  • Business name, address, and contact details
  • User name, job title, and work email address
  • Account credentials and authentication data

(b) Project and Uploaded Data

  • Construction drawings, specifications, and related documents you upload
  • Associated project metadata (e.g., project type, cost assumptions, material lists)

(Note: Quotr treats all uploaded content as Customer Data under the Terms of Service.)

(c) Payment Information

  • Billing name, company, address, and payment method details (processed securely through a third-party payment processor, e.g., Stripe).
  • Quotr does not store full credit card information.

(d) Usage and Technical Information

  • Log data (IP address, browser type, operating system, device identifiers)
  • Date and time of access, feature usage, and in-app events
  • Cookies and similar technologies for session management and analytics

(e) Communication Data

  • Messages sent through our contact forms, support channels, or emails
  • Feedback and responses to surveys or beta programs

3. How We Use Information

We use collected information for the following purposes:

  1. Service Delivery — to provide, maintain, and improve the Platform and customer support.
  2. Account Management — to create, verify, and manage user accounts and authentication.
  3. Payments — to process transactions, renewals, and invoices.
  4. Analytics — to monitor performance, detect anomalies, and optimize system efficiency.
  5. AI Model Operation — to generate estimates and outputs based on Customer Data.
  6. Communication — to send service notices, product updates, and security alerts.
  7. Legal Compliance — to comply with applicable laws, regulations, or valid legal requests.
  8. Marketing — to inform you about product features, promotions, or events related to Quotr. You can opt out anytime via the unsubscribe link in our emails.

4. How We Share Information

We do not sell or rent your personal data. We may share information only as described below:

(a) Service Providers (Sub-processors)

We use trusted third-party vendors to host, process, and support our Services, including:

Purpose Sub-processor Location
Cloud hosting Amazon Web Services (AWS) United States
Payment processing Stripe, Inc. United States
CRM and marketing automation HubSpot, Inc. United States
Error tracking and analytics Sentry, Google Analytics United States / EU

(b) Corporate Transactions

If Quotr merges, acquires, or sells assets, your information may be transferred as part of that transaction, subject to continued protection consistent with this Policy.

(c) Legal Requirements

We may disclose information to government or law enforcement authorities when required by law or to protect Quotr’s legal rights, safety, or property.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain session states and account authentication
  • Collect usage analytics and performance metrics
  • Remember preferences between sessions

You can manage cookie preferences in your browser settings. Rejecting certain cookies may limit functionality of the Platform.

6. Data Retention

  • Account Data: retained as long as your account is active or as required by law.
  • Customer Data (uploaded files): retained for the duration of the subscription and 30 days after termination, after which it may be deleted or anonymized.
  • Logs and analytics: retained up to 12 months for system security and improvement.
  • Backups: maintained securely for disaster recovery for up to 90 days.

7. Data Security

We implement industry-standard administrative, technical, and physical safeguards, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Multi-factor authentication for administrative access
  • Continuous monitoring and intrusion detection
  • Role-based access controls

Despite our efforts, no system is completely secure. You are responsible for maintaining the confidentiality of your credentials.

8. International Data Transfers

Quotr operates primarily in the United States. If you access the Platform from outside the U.S., your information may be transferred and processed in the United States or other jurisdictions where our sub-processors operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for EU/EEA data transfers.

9. Your Rights and Choices

Depending on your location and applicable laws (e.g., GDPR, CCPA), you may have the following rights:

  • Access: Request a copy of personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal information (subject to legal retention requirements).
  • Portability: Request export of your data in a structured, machine-readable format.
  • Objection: Object to certain data processing activities, such as direct marketing.
  • Withdraw Consent: Withdraw consent at any time where applicable.

You can exercise these rights by emailing info@quotr.io. We will verify your identity before processing your request and respond within 30 days.

10. CCPA (California Consumer Privacy Act) Notice

For California residents, Quotr acts as a “Service Provider” under the CCPA and CPRA.

We do not “sell” or “share” personal information as defined by the CCPA. We may collect the following categories of information (as defined by the CCPA): Identifiers, commercial information, internet activity, geolocation data, and professional information. We use such data solely for business purposes such as service delivery, billing, and product improvement. California users may contact info@quotr.io to request data access or deletion.

11. GDPR (EU/EEA and UK) Notice

If you are located in the European Union or United Kingdom, Quotr is the data controller for account and marketing data, and a data processor for Customer Data.

Legal bases for processing include:

  • Contract performance (Art. 6(1)(b) GDPR)
  • Legitimate interests (e.g., analytics, platform improvement)
  • Compliance with legal obligations
  • Consent (for optional communications)

EU/UK data subjects may contact Quotr’s Data Protection Officer (DPO) via info@quotr.io.

If unresolved, you may lodge a complaint with your local data protection authority.

12. Children’s Privacy

The Services are intended for business users only and are not directed at individuals under 18 years of age. We do not knowingly collect personal information from minors.

13. Third-Party Links

Our Platform may include links to third-party websites or integrations. We are not responsible for their privacy practices. Please review those websites’ policies before sharing information.

14. Changes to this Policy

We may update this Privacy Policy periodically. If material changes occur, we will notify you by email or in-app notice at least 30 days prior to the new effective date. Continued use of the Platform after that date constitutes your acceptance of the updated Policy.

15. Contact Us

For privacy inquiries or data rights requests:

FLOZ INC. (Quotr)
495 27th Ave Unit 8
San Francisco, CA 94121, USA
info@quotr.io

See also our Terms of Service.