How we keep the marketplace clean.

Phone-verified consumers (Telnyx Verify)

Every consumer request runs through Telnyx Verify before the lead enters the marketplace. If the phone number doesn't validate, the lead never gets routed.

Cloudflare Turnstile on buyer signup

Anti-bot screening on the buyer signup path. Real cleaners get through transparently; automated signups get challenged or blocked.

Cap of 3 buyers per lead

Hard structural cap. Once three buyers accept a lead, it disappears from everyone else's board. No exception, no override.

PII revealed only after purchase

Consumer name, phone, and email are hidden behind the score chip until a buyer purchases the lead. The unlock is logged with timestamp and buyer identifier for audit.

5-day refund window

If a lead ages past its window without a verified consumer reply, you have 5 days from purchase to dispute. Real disputes are reviewed manually and refunded to your balance.

Encrypted at rest and in transit

All consumer PII is encrypted at rest in our Supabase database (Postgres RLS-gated tables, encrypted by default). All web traffic is TLS 1.2+. Internal admin access is shared-secret password-gated and audit-logged.

• Postgres TDE on all consumer PII columns
• TLS 1.2+ for every public endpoint
• Row-Level Security policies on every table touching PII
• Admin actions logged to internal audit table

DSR / data-subject requests honored

Consumer can request data export or deletion via /privacy/data-request. Requests are processed within 30 days per CCPA and GDPR-equivalent standards.

Stripe for payments — never card data on our servers

All buyer payments are tokenized through Stripe Checkout. We never receive, store, or proxy card numbers. PCI compliance is inherited from Stripe.