Last updated: 2026-06-22 · Draft — pending legal review. QuoteHive complies with the Personal Information Protection and Electronic Documents Act (PIPEDA).
Account data (name, email, phone, city/province, company and trade for contractors); job postings and attached files; bids and messages submitted through the Platform; verification documents (insurance/license); payment records from our processor (amounts, dates, card brand and last four digits — never full card numbers); and standard technical logs (IP address, browser type) for security.
To operate the marketplace: publishing your job posts, delivering bids, verifying contractors, processing credit purchases, sending transactional emails (new bids, hire notices, verification results, job alerts matched to your trade and region), and preventing fraud. We do not sell personal information.
This is core to how the service works: when a Client posts a job, the job details (not their contact information) are visible to contractors. When a Client accepts a bid, the Client's and Contractor's names, phone numbers and email addresses are shared with each other so they can arrange the work. By posting a job or bidding, you consent to this exchange.
We use trusted processors to run the Platform: payment processing (Stripe), hosting, and email delivery. Each receives only the data needed for its function. Data may be processed outside Canada by these providers and is protected by contractual safeguards.
We keep account and transaction records while your account is active and as required for legal, tax and audit purposes (typically 7 years for financial records). Verification documents are retained while your account is active. You may request deletion of your account via the contact form; we will remove data not subject to a legal retention requirement.
You may request access to, correction of, or deletion of your personal information, and withdraw consent (which may limit your use of the service). Submit requests via the contact form or by emailing support@quotehive.ca. You may complain to the Office of the Privacy Commissioner of Canada if unsatisfied with our response.
We use a single first-party session cookie to keep you logged in. We do not run third-party advertising trackers.
Passwords are stored hashed (bcrypt), connections are encrypted in transit (HTTPS), payment card processing is handled by Stripe (PCI-DSS Level 1), and staff access to personal information is role-restricted and masked for non-privileged staff.
Material changes to this policy will be posted here with a new date and, where appropriate, emailed to account holders.