Privacy Policy

QRC Dispatch (“QRC,” “we,” “us,” or “our”) is a transportation management system (TMS) operated by QRC Dispatch Inc., a California corporation, for freight brokerages. This Privacy Policy explains what information we collect, how we use and share it, and the choices available to you when you use our web application and related services (the “Service”) at qrcdispatch.com. This Policy applies to our business customers (freight brokerages and their authorized users). The Service is intended for business use only and is not directed to consumers or to children under 18.

a. Account and contact information. Names, business email addresses, telephone numbers, business names, and mailing or physical addresses that you or your organization provide when creating and managing an account.

b. Brokerage operational data. Information you enter or upload while using the Service, including load and shipment details, rate confirmations, bills of lading, carrier and customer records, contacts, invoices, and documents you attach to loads or carriers (such as proof-of-delivery files and certificates of insurance).

c. Uploaded documents processed for data extraction. When you use our document-parsing feature, the document you upload (for example, a rate confirmation PDF) is transmitted to our AI processing provider to automatically extract fields such as party names and addresses, rate amounts, pickup and delivery details, dates, weight, commodity, equipment, and reference numbers. See Section 4.

d. QuickBooks Online data (only if you connect QuickBooks). If you choose to connect your QuickBooks Online account, we access and process accounting data through Intuit’s API as described in Section 5.

e. Carrier verification data.When you select a carrier, we send the carrier’s MC and/or DOT number to the Federal Motor Carrier Safety Administration (FMCSA) to retrieve publicly available safety and authority information.

f. Technical and usage data. Server and application logs, IP addresses, device and browser metadata, and error diagnostics generated when you use the Service. We use an error-monitoring provider to capture application errors (see Section 4).

We use the information we collect to: provide, operate, and maintain the Service; generate rate confirmations, bills of lading, invoices, and related documents; sync accounting data with QuickBooks Online when you connect it; automatically extract data from documents you upload; verify motor carriers against FMCSA records; secure the Service, prevent fraud and abuse, and diagnose and fix errors; communicate with you about your account, including transactional emails; and comply with legal obligations. We do not use your financial data for advertising or marketing, and we do not sell your personal information.

We share information with the following third-party service providers (sub-processors) only as needed to provide the Service. Each processes data on our behalf and is bound by its own terms and security obligations:

• Intuit (QuickBooks Online)— accounting integration, when you connect QuickBooks (see Section 5). Your use of QuickBooks is also governed by Intuit’s own terms and privacy policy.
• Anthropic, PBC— AI document parsing. Documents you submit to the parsing feature are processed by Anthropic’s commercial API to extract data fields. Anthropic does not use these inputs or outputs to train its models, and under its commercial API terms such data is retained only briefly (currently deleted within seven days) before deletion, except where retention is required to comply with law or to investigate misuse.
• Supabase (hosted on Amazon Web Services) — our primary database, authentication, and file storage.
• Vercel — application hosting and content delivery.
• Resend — delivery of transactional emails (such as document deliveries, invitations, and account notices).
• Sentry — application error monitoring. Our configuration disables personal-data collection by default and redacts sensitive fields (such as credentials and tokens) from captured error events.
• FMCSA SAFER — federal carrier verification using publicly available data; we send only carrier MC/DOT identifiers.
• Postal-code lookup — when you enter a U.S. ZIP code, we may query a public postal-code lookup service that receives only the ZIP code and no other personal information.

We may also disclose information when required by law, to enforce our agreements, or to protect the rights, safety, and security of QRC, our users, or others. If QRC is involved in a merger, acquisition, or sale of assets, information may be transferred as part of that transaction, subject to this Policy.

If you connect your QuickBooks Online company to the Service, the following applies:

What we access.Using Intuit’s API and the accounting scope you authorize, we read limited reference data needed to sync (such as your company information and matching chart-of-accounts, item, payment-term, customer, and vendor records) and we create accounting records on your behalf — including invoices, bills, bill payments, customers, vendors, a freight service item, and payment terms. We do not access payroll data, and we do not request payment-processing scopes.

Why we access it. Solely to provide the accounting-sync features you use within the Service — for example, pushing an invoice or a carrier bill into your QuickBooks.

How we protect it.The access and refresh tokens that authorize this connection are encrypted at rest using AES-256-GCM encryption and are accessible only to the systems that perform the sync. Each brokerage’s QuickBooks connection is isolated to that brokerage’s account.

How to disconnect.You may disconnect QuickBooks at any time from Settings → Integrations. When you disconnect, we delete the stored QuickBooks access and refresh credentials from our systems, after which we can no longer access your QuickBooks data. Accounting records already created in your QuickBooks remain in your QuickBooks, and we retain the internal reference identifiers that link those past syncs for your historical records. You may also remove QRC’s access from within your Intuit account.

Our use of QuickBooks data is limited to providing the Service to you and complies with Intuit’s API terms and security policies. We do not use QuickBooks data for advertising, marketing, or any purpose unrelated to providing the Service.

We use industry-standard measures to protect your information, including encryption of data in transit using TLS, encryption of sensitive credentials at rest, tenant isolation enforced at the database level so that each brokerage’s data is segregated from others, and role-based access controls within the Service. Administrative access to our production database requires multi-factor authentication and is logged. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

We retain your account and operational data for as long as your account is active and as needed to provide the Service. When a brokerage account is deleted, its data is first marked for deletion and then permanently removed from our active systems after a 30-day window. QuickBooks credentials are removed when you disconnect QuickBooks or when your account is deleted. Documents submitted to our AI parsing provider are subject to that provider’s short retention period described in Section 4. We may retain limited information longer where required to comply with legal obligations, resolve disputes, or enforce our agreements.

You may access, update, or correct your account information within the Service, disconnect QuickBooks at any time, request a copy of the data you have provided to the Service, and request deletion of your account and associated data. Depending on your location, you may have additional rights under applicable law, such as the California Consumer Privacy Act. To exercise any of these rights, contact us at admin@qrcdispatch.com. Because we process most data on behalf of our business customers, requests from a customer’s end users may be directed to the customer organization.

We use only cookies that are strictly necessary for authentication and the operation of the Service. We do not use third-party advertising or analytics tracking cookies.

The Service is operated in the United States, and information we collect is processed and stored primarily in the United States.

The Service is intended for business use and is not directed to children under 18. We do not knowingly collect personal information from children.

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above and, where appropriate, provide additional notice. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

QRC Dispatch Inc. — Email: admin@qrcdispatch.com