Restricted Access
Access limited to employees with a legitimate business purpose
How QuickInspect.me protects your data, ensures compliance, and safeguards AI-powered features.
An overview of the security measures, data protection policies, and compliance standards that underpin QuickInspect.me.
Encryption, access controls, backups, and infrastructure security
GDPR and CCPA compliance, data controller roles
ISO certifications, processing examples, retention policies
AI data handling, model isolation, prompt safety
How we keep your data safe with industry-standard security measures
All services encrypt data in transit using HTTPS and logically isolate customer data. QuickInspect.me implements strict security measures to minimize risks.
All employee data access requires 2FA sign-in
Automatic daily backups for both files and datasets, with client-side backup options
Every dataset can be restored even after deletion
Authentication services are ISO 27001 certified
Data processed in European data centers: EU-West (Frankfurt, Germany)
Multiple layers of encryption and security protect your data at rest and in transit.
All data in transit is encrypted using TLS 1.2+ / HTTPS. No unencrypted connections are permitted to any service endpoint.
All stored data (Firestore, Cloud Storage) is encrypted at rest using AES-256 encryption managed by Google Cloud.
Built on Google Cloud Platform, benefiting from Google's world-class physical security, DDoS protection, and network monitoring.
Firestore security rules enforce per-tenant data isolation. Users can only access data belonging to their organization.
Fine-grained role-based access ensures users only see what they need.
Four user roles (Free, Standard, KeyUser, Admin) with escalating permissions for data access and management.
Two-factor authentication with recovery codes. Biometric login (Face ID, fingerprint) supported on mobile devices.
All data modifications are logged with timestamps and user identifiers for full traceability and compliance audits.
GDPR and CCPA compliance, data ownership, and your rights
QuickInspect.me is fully compliant with the EU General Data Protection Regulation and the California Consumer Privacy Act.
QuickInspect.me uses Google Cloud as a "data processor" under GDPR. The regulation replaced the 1995 EU Data Protection Directive on May 25th, 2018.
We operate as a "service provider" under CCPA/CPRA, the California privacy laws that took effect January 1, 2020 and January 1, 2023 respectively.
Customers act as the "data controller" (GDPR) or "business" (CCPA/CPRA) for any personal data. Data is under the customer's control at all times.
Customers are responsible for fulfilling individuals' rights with respect to their personal data, including access, deletion, and portability requests.
Services provided are governed by the Google Cloud Platform Terms of Service, with comprehensive data processing agreements in place.
Core services are governed by Google Cloud Platform Terms of Service
Google acts as data processor with contractual obligations under GDPR
Google Analytics is a separate service subject to its own terms
All data stored in EU-West (Frankfurt, Germany) unless otherwise required
Customers retain full ownership and control over their data at all times
Customers can export all their data at any time in standard formats
ISO certifications, service-level compliance, and data processing examples
When customers use QuickInspect.me services, we operate as a data processor under GDPR and as a service provider under CCPA/CPRA, handling data on their behalf.
We process customer data strictly on behalf of and under the instructions of our customers. We do not use customer data for our own purposes.
The services provided by Google Cloud Platform are certified under major privacy and security standards, including ISO 27001 and SOC 1/2/3.
Retention periods are customizable per customer. Data is removed from live and backup systems within 180 days after a deletion request.
Customers can request complete deletion of their data at any time. Soft deletes allow recovery within a grace period before permanent removal.
Compliance certifications for all Google Cloud services used by QuickInspect.me.
| Service | ISO 27001 | ISO 27017 | ISO 27018 | SOC 1 | SOC 2 | SOC 3 |
|---|---|---|---|---|---|---|
| Database (Firestore) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Server Functions | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Cloud Storage | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Authentication | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Push Messages | ✓ | — | — | ✓ | ✓ | ✓ |
| Analytics / Crashlytics | ✓ | — | — | ✓ | ✓ | ✓ |
| Dynamic Links | ✓ | — | — | ✓ | ✓ | ✓ |
| Web Hosting | ✓ | — | — | ✓ | ✓ | ✓ |
| Server Configuration | ✓ | — | — | ✓ | ✓ | ✓ |
How specific types of user data are handled and retained.
| User Data | How Data Is Used |
|---|---|
| User-generated input (reports, images) | Securely processed via HTTPS and stored in our database / cloud storage on Google Cloud. Data retention time is customizable per customer. |
| IP addresses | Used to execute event-handling and HTTP functions. Retained only temporarily to provide the service. |
| Passwords, emails, phone numbers | Used for authentication and account management. User-agent strings and IPs provide added security during sign-up. Auth IPs kept for a few weeks; other auth data removed within 180 days of user deletion. |
| Installation IDs | Used to determine which devices receive push messages. Retained until user requests deletion, then removed within 180 days. |
| Crash traces & Installation UUIDs | Used to associate crashes with projects and measure impact. Minidump data discarded after processing. Crash data retained for 90 days before removal. |
| Device specs (iOS) | Dynamic Links uses device specs and IP addresses on iOS to open newly-installed apps in context. Stored only temporarily. |
How AI features are secured and how your data is protected during AI processing
QuickInspect.me uses Google's Vertex AI / Gemini for AI features. Here's how data flows through the AI pipeline securely.
All AI processing runs on Google's Vertex AI within our GCP project. Data stays within Google's infrastructure and is subject to GCP's security standards.
Customer data sent to AI is never shared with third parties. It is not used by Google to train or improve foundation models.
All AI API calls are encrypted via TLS. Data is transmitted directly from our Cloud Functions to Vertex AI within the GCP network — never over the public internet.
AI inputs and outputs are processed in real-time and not persistently stored by the AI service. Only results saved by the user are retained in the database.
Your inspection data is protected before, during, and after AI processing.
Google's Vertex AI does not use customer data to train, retrain, or improve any AI/ML models
AI requests are scoped to each customer's organization. One customer's data is never visible to another's AI context
Only the specific text or data needed for the AI task is sent. Full database contents are never transmitted to the AI model
Vertex AI requests are processed within EU regions, consistent with our data residency commitments
AI features are opt-in. Users choose when to invoke AI assistance and can review all AI-generated content before applying
All AI interactions are logged for transparency, including which user triggered the request and when
Built-in safety mechanisms ensure AI outputs are reliable and appropriate for professional use.
Vertex AI applies Google's safety filters to prevent generation of harmful, biased, or inappropriate content in inspection reports.
AI-generated content is always presented as a suggestion. Users must explicitly review and approve before any changes are applied.
AI models operate within tightly scoped system prompts specific to inspection/survey domains, preventing off-topic or unsafe outputs.
Draft, rewrite, and improve inspection report sections with context-aware AI
Translate reports and findings into 30+ languages while preserving technical terminology
Get intelligent recommendations for findings based on inspection context
Conversational AI to help with report content, terminology, and best practices
Google's Vertex AI service is covered by the same enterprise-grade compliance as Google Cloud Platform.
Vertex AI is covered by Google Cloud's Data Processing Addendum, which includes GDPR-compliant data processing commitments and standard contractual clauses.
Vertex AI inherits Google Cloud's ISO 27001, ISO 27017, and ISO 27018 certifications, ensuring information security management best practices.
Independent audits confirm that Vertex AI meets the Trust Services Criteria for security, availability, processing integrity, and confidentiality.
All AI services adhere to Google's published AI Principles, including commitments to safety, fairness, accountability, and privacy by design.
A summary of the security and data protection measures in place across QuickInspect.me.
Full compliance with EU and California privacy regulations
Vertex AI does not use your data to improve models
Fine-grained permissions with two-factor authentication
Comprehensive data recovery and retention controls
Questions about security or data protection?
Contact us at any time.