Privacy Policy

Last updated: March 18, 2026

TradeGuard (“we,” “us,” or “our”) operates the TradeGuard platform, a certificate of insurance tracking service for general contractors and construction businesses. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. Please read it carefully. If you disagree with the terms of this Privacy Policy, please discontinue use of the service.

Note: This Privacy Policy is provided for informational purposes. We recommend consulting with a qualified attorney to ensure your business's compliance with applicable privacy laws.

1. Information We Collect

Account and Organization Information

When you register for TradeGuard, we collect:

  • Your full name and email address
  • Your company (organization) name
  • A hashed password (we never store your password in plain text)
  • Your billing and payment information (processed and stored by Stripe — we do not store full card numbers)

Subcontractor and COI Data

In the course of using the service, you may enter and store:

  • Subcontractor names, email addresses, phone numbers, and physical addresses
  • Contractor license numbers and trade classifications
  • Certificates of Insurance (COIs), including insurer name, policy numbers, coverage types, coverage limits, and expiration dates
  • Uploaded PDF and image files of COI documents
  • Notes and other annotations you add to subcontractor or COI records

This data belongs to you. You are responsible for ensuring you have the right to upload and store information about third parties (your subcontractors).

Usage Data

We automatically collect certain technical information when you access the service, including:

  • IP addresses and browser/device type
  • Pages visited and features used within the application
  • Timestamps of actions (logins, uploads, etc.)
  • Error logs for debugging purposes

2. How We Use Your Information

We use the information we collect to:

  • Provide and operate the service — including storing your data, processing COI uploads, and displaying your compliance dashboard
  • Send expiry alerts — email notifications at 90, 60, and 30 days before a COI expires, and when a COI has already expired
  • Process billing — manage your subscription through Stripe, including invoicing and plan changes
  • Send account communications — welcome emails, trial expiration notices, important service announcements
  • Improve the service — analyze usage patterns to fix bugs and develop new features
  • Comply with legal obligations — respond to lawful requests from public authorities

We do not sell your data. We do not use your data to train AI models.

3. AI-Powered Document Processing

When you upload a COI document and use the AI auto-fill feature, the contents of that document are sent to Anthropic's Claude API for text extraction. Anthropic processes this data according to their own privacy policy. We only send document content to Anthropic when you explicitly trigger the AI extraction feature. Uploaded files are not automatically shared with Anthropic.

We recommend reviewing Anthropic's Privacy Policy for details on how they handle data submitted to their API.

4. Third-Party Service Providers

We share data with trusted third-party service providers only as necessary to operate the service. These providers are contractually obligated to protect your data and may not use it for other purposes.

  • Stripe — payment processing. Stripe stores your payment method and billing details. We receive only a customer ID and subscription status. Stripe Privacy Policy →
  • Anthropic — AI document extraction (only when you use the AI auto-fill feature). Anthropic Privacy Policy →
  • Email provider (SMTP) — used to deliver alert emails and account notifications. Email content includes COI expiry details and links back to your dashboard.

We do not share your data with advertisers, data brokers, or any other third parties not listed here.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the service. Specifically:

  • Active accounts: All data is retained and accessible while your subscription is active.
  • Paused/expired accounts: We retain your data for 30 days after your subscription lapses, giving you time to reactivate. After 30 days, data may be permanently deleted.
  • Deleted accounts: Upon written request, we will permanently delete your organization data, subcontractor records, COI files, and personal information within 30 days.
  • Billing records: We retain transaction records as required by applicable tax and accounting laws (typically 7 years).

6. Data Security

We implement the following security measures to protect your data:

  • All data is transmitted over HTTPS/TLS encryption
  • Passwords are hashed using bcrypt with a minimum cost factor of 10 — we cannot recover your password
  • Uploaded COI files are stored in private, organization-scoped directories not accessible to other users
  • Database access is restricted to application services only
  • Sessions use signed, short-lived JWT tokens

No method of internet transmission or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security. In the event of a data breach affecting your personal information, we will notify you as required by applicable law.

7. Your Rights

Depending on your location, you may have the following rights regarding your data:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate or incomplete data
  • Deletion — request deletion of your account and associated data
  • Portability — request your data in a machine-readable format
  • Objection — object to certain types of processing

To exercise any of these rights, email us at support@trade-guard.pro. We will respond within 30 days. You may also delete your account directly from your account settings at any time.

California Residents (CCPA)

If you are a California resident, you have the right to know what personal information we collect, to request deletion of that information, and to opt out of the sale of your personal information. We do not sell personal information. To submit a request, email support@trade-guard.pro.

European Residents (GDPR)

If you are located in the European Economic Area, our legal basis for processing your personal data is the performance of our contract with you (providing the service) and our legitimate interests (improving the service, preventing fraud). You have the right to lodge a complaint with your local data protection authority.

8. Cookies

TradeGuard uses session cookies to keep you logged in. These are essential cookies required for the service to function — the service cannot be used without them. We do not use advertising cookies, third-party tracking pixels, or analytics cookies.

9. Children's Privacy

TradeGuard is a business service intended for use by adults in the construction and contracting industry. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email (sent to the address on your account) and by posting the updated policy at this URL with a revised “Last updated” date. Your continued use of the service after any changes constitutes acceptance of the new policy.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us: