ClearlyBid

ClearlyBid

Privacy Policy

Last updated: 2026-05-25

Summary

ClearlyBid (“we,” “us”) is a software-as-a-service product that helps residential contractors create proposals, manage their pricing library, and send documents to their customers. This page explains what data we collect, why, how we protect it, and what choices you have about it.

We do not sell personal data. We only share it with the third-party services we need to run ClearlyBid (listed below), and only as required to deliver features you use.

Information we collect

From contractors (account holders)

  • Account data: name, email address, password hash, and tenant (business) details you provide during sign-up and onboarding (business name, license number and state, business address, logo).
  • Workspace data: proposals, pricing library items, customer records, tasks, comments, milestones, and other content you create inside the product.
  • Integration credentials: when you connect QuickBooks Online, Stripe, or other services, we store the OAuth tokens needed to call those services on your behalf. Tokens are encrypted at rest (AES-256-GCM) and never exposed to your browser.
  • Operational logs: timestamps, IP addresses, and request paths for security and abuse prevention. Retained 30 days unless tied to a specific incident.

From customers (the end clients you proposal to)

  • Contact info you enter: the customer's name, email, phone, and job-site address that you, the contractor, type into a proposal. We never collect this directly from end customers.
  • Approval signature: if a customer signs a proposal through their unique link, we capture their typed name, the date, and the IP that submitted it as the audit record of approval.
  • Link access logs: when a customer opens their proposal link, we record the timestamp so you can see whether they've viewed it.

How we use information

  • Provide the service. Show your proposals, pricing library, task list, and customer view; deliver transactional emails (sign-in, proposal sent, comment notification, etc.).
  • Operate connected integrations. When you push a proposal to QuickBooks Online, we read your QBO Products/Services and Customers to map the invoice lines, and create a Customer (or Project) and Invoice on your behalf. We do this only when you initiate the action.
  • Security & abuse prevention. Detect anomalous sign-ins, rate- limit the API, and respond to potential incidents.
  • Product improvement. Aggregate, anonymized usage metrics (e.g., how often a feature is used) inform what we build next. We do not run third-party ad trackers or sell behavioral data.

How we share information

We share data with the subprocessors below, only as needed for them to perform their role. We do not sell or rent your data, and we do not share customer-side data with anyone outside the contractor's own tenant.

  • Supabase — primary database, file storage, authentication. US-hosted.
  • Vercel — application hosting and edge delivery. US-hosted.
  • Resend — transactional email delivery. US-hosted.
  • Intuit (QuickBooks Online) — only when you connect QBO; only the data needed to read your Products/Services and create invoices.
  • Stripe — only when payment features are enabled on your account.

We also disclose information if required by law, lawful subpoena, or to protect the rights, safety, or property of ClearlyBid, our users, or others.

How we protect data

  • HTTPS / TLS in transit.
  • Row-level security enforced at the database; every query is scoped to the caller's tenant.
  • OAuth tokens (QuickBooks, etc.) encrypted at rest with AES-256-GCM.
  • API keys stored as SHA-256 hashes — we cannot recover a lost key.
  • Production deploys go through CI; secrets live in the hosting provider's secret manager, never in source.

Your choices

  • Access & export. You can view and edit your workspace data at any time from inside the product. For a machine-readable export, contact us.
  • Delete. You can delete proposals and library items from inside the product. To delete your entire account, contact us at the address below — we'll remove your workspace within 30 days, except for records we must retain for tax, audit, or legal reasons.
  • Disconnect integrations. Disconnect QuickBooks, Stripe, etc. from Settings → Integrations. On disconnect, we revoke the OAuth tokens with the provider and delete the stored credentials.
  • Email opt-out. Transactional emails (sign-in, proposal sent, task notifications) are part of the service and cannot be unsubscribed individually; turn them off by closing the account.

Cookies

ClearlyBid uses cookies only for authentication (your sign-in session) and to remember which tenant you have active when you belong to multiple. We do not use advertising or cross-site tracking cookies.

Children

ClearlyBid is a B2B product intended for use by businesses and their adult end customers. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us information, contact us and we will delete it.

International users

ClearlyBid is operated from the United States. By using the service from outside the US, you consent to your information being transferred to and processed in the US.

Changes to this policy

We may update this policy from time to time. Material changes will be announced via in-product notice or email. The “Last updated” date at the top of this page reflects the most recent revision.

Contact

Questions about this policy or your data: support@clearlybid.com.