FlitIQ
Sign inGet started

Privacy Policy

Last updated: May 20, 2026

SmartLink Basics, LLC (d/b/a FlitIQ) (“we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, share, and protect information when you use the FlitIQ application and website (“Service”). By using the Service you agree to the collection and use of information in accordance with this policy.

1. Scope & What This Policy Covers

This Privacy Policy covers information about you, our user. It does not describe the motor-carrier data you view within the Service. Motor-carrier records (legal name, DBA, DOT number, MC number, address, contact info, safety scores, insurance filings, inspection records, etc.) are public information published by the U.S. Federal Motor Carrier Safety Administration (FMCSA) and are not personal data of FlitIQ users. We display this public data without modification and have no editorial control over its contents. See our Terms of Service, Section 5 for the data-sources disclosure.

2. Information We Collect

Information you provide

  • Account information: email address, password (hashed), display name, and optionally a company name and DOT number.
  • CRM data: carrier notes, pipeline stages, saved carriers, follow-up dates, activity log entries, and other content you create within the Service.
  • Team data: if you are part of an organization, team-member invitations, role assignments, and basic profile data for other members of your organization.
  • Payment information: processed entirely by Apple (iOS) or Stripe (web). We receive a customer reference identifier and subscription status; we never store, see, or have access to your credit card number, CVV, or full billing details.
  • Anthropic API key (optional): Pro and Team users may supply their own Anthropic API key for AI Carrier Insights. Keys are encrypted at rest before being stored in our database and are decrypted only at the moment of an AI request to forward to Anthropic. We do not view, log, or use your key for any purpose other than fulfilling AI requests you initiate.

Information collected automatically

  • Usage data: search queries, features used, and general interaction patterns to enforce free-tier limits and to improve the Service.
  • Device information: device type, operating system, browser type, and app version.
  • Log data: IP address, request timestamps, and general access patterns. Server logs are retained for up to ninety (90) days for security, debugging, and abuse-prevention purposes, then deleted.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service.
  • Process subscriptions and payments through Apple or Stripe.
  • Enforce free-tier usage limits (daily search count, saved-carrier cap, etc.).
  • Send transactional emails (account confirmation, password resets, billing receipts).
  • Respond to support requests.
  • Analyze usage patterns to improve features and performance.
  • Detect, investigate, and prevent fraud, abuse, and security incidents.
  • Comply with legal obligations.

We do not sell your personal information. We do not share your information for cross-context behavioral advertising. We do not use your data to train any general-purpose machine-learning model.

4. AI Insights & Third-Party LLM Use

When you invoke an AI Carrier Insight on a saved carrier, FlitIQ forwards (a) the public FMCSA data we have already retrieved for that carrier, plus (b) your saved notes and pipeline state for that carrier, to Anthropic’s Claude API using your API key. Anthropic’s terms and privacy policy govern how Anthropic processes that request and you should review them at anthropic.com/legal/privacy. We do not retain a separate copy of the prompt; we store only the generated insight on your saved-carrier record.

5. Data Sharing

We may share information with:

  • Service providers (processors acting on our behalf): Supabase (database and authentication), Apple and Stripe (payment processing), Cloudflare (hosting, CDN, and DDoS protection), and Anthropic (only when you initiate an AI request, using your key). These providers are contractually bound to process data only as instructed by us and only to provide the relevant service.
  • Legal requirements: when required by law, court order, subpoena, or governmental authority, or when we believe in good faith that disclosure is necessary to protect rights, property, or safety.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to the receiving party honoring this Privacy Policy.

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.2+), encryption at rest, row-level security on our database, and encrypted storage of bring-your-own-key API credentials. However, no method of transmission or storage is 100% secure, and we cannot guarantee the absolute security of your information.

7. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within thirty (30) days, except where retention is required by law (e.g., tax records, dispute records, sanctions screening). Server logs are retained for up to ninety (90) days as described above. Anonymized aggregate usage data may be retained indefinitely for analytics.

8. Your Rights

Depending on your jurisdiction, you may have one or more of the following rights regarding the personal data we hold about you:

  • The right to access the personal data we hold about you.
  • The right to request correction of inaccurate or incomplete data.
  • The right to request deletion of your data (“right to be forgotten”).
  • The right to export your data in a portable, machine-readable format.
  • The right to restrict or object to certain processing.
  • The right to opt out of non-essential communications.
  • The right to lodge a complaint with a supervisory authority.

To exercise these rights, contact us at privacy@flitiq.com. We will respond to verifiable requests within forty-five (45) days, or sooner where required by law.

9. California Residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you specific rights. The categories of personal information we collect are described in Section 2 above. We collect this data to provide the Service, process payments, prevent abuse, and comply with law. We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under the CCPA. You have the right to know, delete, correct, and opt-out, as described in Section 8. We do not knowingly collect personal information from California residents under sixteen (16). To exercise California-specific rights, contact us at privacy@flitiq.com.

10. European Economic Area & United Kingdom (GDPR / UK GDPR)

If you are in the EEA or UK, our legal basis for processing your personal data is (a) performance of a contract (to provide the Service you signed up for), (b) our legitimate interests (security, fraud prevention, product improvement), (c) compliance with legal obligations, and (d) your consent where applicable. You have the rights listed in Section 8 plus the right to lodge a complaint with your local data-protection supervisory authority. Data may be transferred to the United States as described in Section 12; we rely on appropriate safeguards such as Standard Contractual Clauses where required.

11. Cookies & Tracking

We use essential cookies and local storage for authentication and session management. We do not use third-party tracking cookies, advertising cookies, or analytics that share data with advertising networks. We do not respond to browser “Do Not Track” signals because there is no industry-standard interpretation, but our baseline behavior is consistent with a Do Not Track preference.

12. International Transfers

Your data is processed in the United States. If you are accessing the Service from outside the United States, by using the Service you consent to the transfer of your data to the United States, where data-protection laws may differ from your jurisdiction. Where required by law, we implement appropriate safeguards (such as the EU Standard Contractual Clauses) for international transfers.

13. Children’s Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it promptly.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new “Last updated” date and, where material to your rights, by email or in-product notice. Your continued use of the Service after changes constitutes acceptance.

15. Contact

Questions or concerns about this Privacy Policy? Contact us at privacy@flitiq.com.