QuickConsent ("we", "us") acts as a specialized data processor for the transportation industry. We handle sensitive driver information with the primary goal of ensuring **FMCSA 49 CFR Part 382** compliance for Motor Carriers.
2. Data We Collect
For Fleets
• Manager Name & Email
• DOT Number
• Billing: Processed securely via Lemon Squeezy (Merchant of Record). We do not store full credit card numbers.
For Drivers
• Full Name & CDL Number
• Digital Signature Image
• Verification Identity Image
3. The "Driver-First" Privacy Guarantee
We understand that professional drivers are frequently targeted by unsolicited marketing.
NO-SPAM POLICY: QuickConsent will never sell, rent, or lease Driver phone numbers or CDL data to third-party recruiters, insurance brokers, or telemarketers. Driver data is used exclusively for the generation of the requested FMCSA Consent Form.
4. Legal Integrity & Audit Logs
To satisfy DOT Safety Audits, we must maintain a "Chain of Custody" for every signature.
IP Non-Repudiation: We record the IP address and device fingerprint of the signer to prevent "fraudulent signature" claims.
Logical Isolation: Using Row-Level Security (RLS), your fleet data is never visible to other users on the platform.
5. 3-Year Data Retention & Backups
QuickConsent acts as a Generation Utility and Storage Assistant to help you maintain compliance.
3-Year Retention: We store generated PDFs and audit logs on our secure servers for 3 years (36 months) to align with FMCSA record-keeping mandates.
User Responsibility: While we offer this storage, the Motor Carrier is ultimately responsible for maintaining their own local Driver Qualification File (DQF). We highly recommend downloading local backups.
No Liability for Data Loss: We are not legally or financially liable for any data loss, server downtime, or inability to access stored PDFs.
6. Infrastructure Security
All data is encrypted in transit via SSL/TLS 1.3 and protected at rest via AES-256 military-grade encryption. Our infrastructure is hosted on SOC2 compliant data centers (AWS/Supabase).
7. Compliance Contact
For Data Subject Access Requests (DSAR) or driver data removal (subject to 49 CFR record retention laws), please contact: