Skip to main content
BG
BASTIONGLASS

Privacy Policy

Last updated: March 18, 2026

1. Information We Collect

Account Information: When you sign up, we collect your name, email address, shop name, and password. If you sign in with Google, we receive your name, email, and profile picture from Google.

Business Data: Data you enter into the platform, including customer records, vehicle information, quotes, jobs, invoices, and communications. This data belongs to you.

Usage Data: We collect anonymized usage analytics, error logs, and performance metrics to improve the platform.

Payment Information: Payment processing is handled by Stripe. We do not store credit card numbers or sensitive payment details on our servers.

2. How We Use Your Information

  • To provide and maintain the GlassQuote Pro platform
  • To process transactions and send related notifications
  • To send appointment reminders and service communications on your behalf
  • To provide customer support
  • To detect and prevent fraud or security issues
  • To improve the platform based on anonymized usage patterns

3. Data Isolation

Each business account operates within an isolated tenant environment. Your data is strictly separated from other businesses using the platform. No other business can access your customer records, quotes, or financial data.

4. Data Sharing

We do not sell your data. We share information only with:

  • Service Providers: Stripe (payments), Resend (email), Twilio (SMS) — only as necessary to deliver services you've configured
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with advance notice

5. Data Security

We implement industry-standard security measures including:

  • AES-256-GCM encryption for sensitive credentials
  • Scrypt password hashing with unique salts
  • TLS/HTTPS encryption for all data in transit
  • Rate limiting on authentication endpoints
  • Role-based access control within business accounts

6. Data Retention

We retain your data for as long as your account is active. Upon account cancellation, data is retained for 30 days to allow for export and is then permanently deleted. Anonymized analytics data may be retained indefinitely.

7. Your Rights

You have the right to:

  • Access: Request a copy of your data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your account and data
  • Export: Export your data in a standard format
  • Restrict Processing: Limit how we use your data

To exercise these rights, contact us at privacy@bastionglass.com.

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies. Analytics are collected server-side without cookie-based tracking.

9. Children's Privacy

BastionGlass is a business platform and is not directed at individuals under 18 years of age. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active subscribers of material changes via email at least 30 days before they take effect.

11. Contact

For questions about this Privacy Policy, contact us at privacy@bastionglass.com.

Back to home