PoolWarranty.io

Trust

Security & data handling

Plain English about what we do with your data and how we keep it safe.

Tenant isolation

Every dealer’s data is isolated at the database level using Postgres Row Level Security. A dealer in Florida cannot read a dealer in Arizona’s claims, homeowners, or equipment records — full stop. We test this with an automated suite that creates two synthetic dealers and asserts neither can read the other’s data. The test runs before every release.

Encryption

All traffic is encrypted in transit (TLS 1.2+). Data at rest is encrypted by our database provider (Supabase, hosted on AWS in us-east-1).

We don’t sell your data

We never sell, rent, or share dealer or homeowner contact information with third parties. The only way warranty data leaves the system is when you (the dealer) submit a claim to a manufacturer — same as if you’d emailed them yourself.

Manufacturer partnerships

When a manufacturer sponsors the platform, they get aggregate, anonymized denial-reason data — never individual dealer or homeowner records. Example of what they see: “Across 200 claims for the XR-300 pump, 18% were denied for missing chemistry logs.” What they never see: “ABC Pools in Tampa filed a claim for John Smith’s pump.”

Audit logs

Every claim status change is recorded with a timestamp and who made it. You can see the full timeline on every claim. We retain these logs for the life of your account.

AI processing

When you use nameplate OCR or homeowner message drafting, the relevant image or text is sent to Anthropic’s Claude API to process. We don’t train models on your data and Anthropic doesn’t either. AI calls are gated by a feature flag, so a dealer can opt out and still file claims by hand.

What we still need to do

We’re honest about where we are: SOC 2 Type II is on the roadmap but not yet certified. If you’re a manufacturer or a larger dealership that needs SOC 2 today, let’s talk — we can prioritize the timeline.

Have a security question?

Email security@poolwarranty.io and you’ll get a response from a human (probably Brian) within 1 business day.