Data in transit
QuoteAnvil uses encrypted HTTPS/TLS connections for browser, dashboard, API, and customer-facing workflows.
Contractors trust QuoteAnvil with customer details, job photos, pricing, signatures, schedules, and business records. Security is part of the product foundation, not an afterthought.
Encrypted HTTPS connections, trusted infrastructure providers, private storage controls, and organization-scoped access checks protect estimates, invoices, job photos, and customer records.
Subscription billing and customer payment workflows rely on established payment processors. QuoteAnvil does not need to store raw card numbers to run billing or payment features.
Authentication, session controls, team-member removal, signed file links, and route/API authorization checks help contractors control who can see business records.
Security practices
QuoteAnvil handles high-trust workflows: customer records, pricing, signatures, payment status, photos, and project documentation. These are the controls we communicate clearly today.
QuoteAnvil uses encrypted HTTPS/TLS connections for browser, dashboard, API, and customer-facing workflows.
Company records are scoped to an organization before they can be accessed through product APIs and dashboard routes.
Hosting, database, authentication, file storage, email, and payment workflows rely on established third-party platforms with their own security programs.
Security reports can be sent to support@quoteanvil.com with reproduction steps. Reporters should not access, modify, delete, or share data that does not belong to them.
QuoteAnvil does not currently claim SOC 2, ISO 27001, HIPAA, PCI DSS certification, or a formal bug-bounty program. Those are roadmap trust milestones. This page describes current product and operating practices honestly so buyers can evaluate QuoteAnvil without inflated security claims.