← Back to ClearPath
Privacy Policy
Last updated: April 9, 2026 · Version 2026-04
ClearPath ("we," "us," "our") is committed to protecting the privacy of our customers and the customers of our customers. This Privacy Policy describes how we collect, use, store, and protect information across all ClearPath products: ClearPath OS, ClearPath Voice, and ClearPath Experience.
1. Who This Policy Covers
- Subscribers ("Clients"): Auto repair shop owners, managers, and staff who subscribe to ClearPath products.
- End consumers ("Customers"): The repair shop's customers whose data may be processed through ClearPath via shop management system integrations or phone interactions.
If you are a repair shop customer and have questions about how your data is used, please contact the shop directly. ClearPath processes this data on behalf of the shop (as a data processor), not for our own purposes.
2. Information We Collect
2a. Information you provide directly
| Data | When | Purpose |
|---|
| Name, email, phone | Account creation | Account management, communications |
| Shop name, address, state | Onboarding | Regional benchmarks, tier classification |
| Employee names, roles, pay rates | Setup | Payroll estimation, team metrics, floor calculation |
| Overhead expenses | Setup | Floor (nut) calculation, financial health |
| Payment information | Checkout | Processed by Stripe — we never see or store card numbers |
2b. Information from integrated systems
| Source | Data | Purpose |
|---|
| Tekmetric / Shop-Ware | Repair orders, jobs, customer names, phones, emails, vehicle info, labor hours, parts costs | KPI calculation, diagnostics, coaching, recovery pipeline |
| Google Business Profile | Customer reviews, ratings | Customer Pulse — sentiment tracking |
Important: ClearPath accesses shop management system data via authorized API connections that the shop owner explicitly configures. We never access data without the shop owner's permission and credentials.
2c. Information collected by ClearPath Voice
| Data | How | Purpose |
|---|
| Call recordings | AI receptionist records inbound calls (with disclosure) | Call analysis, advisor coaching, quality assurance |
| Call transcripts | Generated from recordings via AI | Searchable call history, sentiment analysis |
| Caller phone number | Caller ID | Caller classification, missed call recovery |
| Caller name, vehicle, purpose | Collected by AI during conversation | Post-it messages for shop staff, recovery follow-up |
| SMS messages | Missed call recovery texts | Recovery pipeline, booking attribution |
2d. Automatically collected information
- Browser type, IP address, device information when accessing the web application
- Usage patterns within the application (pages viewed, features used)
- Error logs and performance data for service improvement
3. How We Use Your Information
- Provide the Service: Calculate KPIs, generate coaching, run diagnostics, detect money leaks, manage recovery pipeline, analyze calls, send automated follow-ups.
- Improve the Service: Identify bugs, improve performance, develop new features. We use aggregate, anonymized usage patterns — never individual shop data.
- Communications: Send service-related emails (billing, updates, outage notifications). We do not send marketing emails without explicit opt-in.
- Support: Respond to your support requests and troubleshoot issues.
4. What We Will NEVER Do With Your Data
- Never sell your data. Not to advertisers, data brokers, competitors, or anyone else. Period.
- Never train AI models on your data. Your shop management system data is used for real-time reasoning only. It is never used to train, fine-tune, or improve machine learning models. This is also required by our API license agreements with Tekmetric and other providers.
- Never share individual shop data with other shops. Your data is yours. No cross-shop data sharing, even anonymized, without your explicit written consent.
- Never use your data to compete with you. ClearPath is a tool for your business, not a way to exploit your business data.
- Never access your data without authorization. We only access data through API connections you explicitly configure.
5. Data Storage & Security
- Infrastructure: All data is stored in Supabase (built on PostgreSQL), hosted on secure cloud infrastructure with SOC 2 compliance.
- Tenant isolation: Every shop's data is logically isolated using row-level security (RLS) policies. One shop cannot access another shop's data under any circumstances.
- Encryption: Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
- API credentials: Third-party API credentials (Tekmetric, Twilio, etc.) are encrypted before storage and never exposed in logs or client-side code.
- Access controls: Role-based access within each shop (owner, manager, advisor, tech) determines what data each user can see. Internal ClearPath staff access is limited to authorized personnel and only when necessary for support or troubleshooting purposes explicitly authorized by the Client.
- Call recordings: Stored securely with access limited to authorized users within the subscribing shop. Recordings are retained for the duration of the subscription plus 90 days, after which they are permanently deleted unless the Client requests earlier deletion.
6. Data Retention
| Data Type | Retention |
|---|
| Account information | Duration of subscription + 90 days |
| Shop operational data (ROs, jobs, KPIs) | Duration of subscription + 90 days |
| Call recordings | Duration of subscription + 90 days |
| Call transcripts | Duration of subscription + 90 days |
| SMS / automation logs | Duration of subscription + 90 days |
| Payment records | As required by law (typically 7 years) — stored by Stripe, not ClearPath |
Upon cancellation, you may request a full data export within 90 days. After the 90-day post-cancellation period, all data is permanently and irrecoverably deleted from our systems, unless retention is required by applicable law.
7. Third-Party Services
ClearPath uses the following third-party services to provide the Service:
| Service | Purpose | Data Shared |
|---|
| Supabase | Database & backend | All application data (encrypted at rest) |
| Stripe | Payment processing | Billing info (ClearPath never sees card numbers) |
| Anthropic (Claude) | AI coaching & analysis | Aggregated KPIs for reasoning sessions — no raw customer data, no training |
| Retell AI | AI phone receptionist | Call audio for real-time AI conversation |
| Twilio | SMS & phone infrastructure | Phone numbers, message content for delivery |
| Tekmetric / Shop-Ware | Shop management data | Read-only API access configured by shop owner |
Each third-party service has its own privacy policy. We select partners that maintain high standards of data protection and security.
8. Call Recording Consent & Compliance
ClearPath Voice records inbound phone calls handled by the AI receptionist. We comply with federal and state wiretapping and recording laws as follows:
- The AI receptionist provides a clear verbal disclosure at the beginning of each call that the call may be recorded.
- In one-party consent states, the shop's consent is sufficient for recording.
- In all-party (two-party) consent states, the AI receptionist's disclosure serves as notification. Callers who continue the call after disclosure are deemed to have consented.
- Call recordings are accessible only to authorized users within the subscribing shop and ClearPath support personnel (when explicitly authorized by the Client for troubleshooting).
- Callers who do not wish to be recorded should contact the shop directly via an alternative method.
9. SMS / Text Message Communications
9a. Consent & Opt-In
By providing a phone number during the vehicle intake process at a participating auto repair shop, customers consent to receive service-related text messages from that shop via the ClearPath platform. Consent is obtained at the time of service when the customer provides their phone number and is informed that they will receive text messages including appointment reminders, service updates, follow-ups, review requests, and declined service reminders. Consent is not required as a condition of purchasing goods or services.
9b. Types of Messages
Customers may receive the following types of text messages from participating shops:
- Appointment reminders
- Service completion and vehicle ready notifications
- Post-repair follow-ups
- Declined service reminders
- Review requests
- Missed call recovery messages
- Lost customer re-engagement
9c. Message Frequency & Rates
- Message frequency varies based on service activity. Typically 1-4 messages per service visit.
- Message and data rates may apply. Check with your carrier for details.
9d. Opt-Out
- Recipients may opt out of SMS communications at any time by replying STOP to any message.
- After opting out, you will receive a one-time confirmation message and no further texts will be sent.
- To resume messages, reply START at any time.
- For help, reply HELP or contact the shop directly.
9e. Sender Information
- Messages are sent from the shop's designated phone number and identify the shop by name.
- ClearPath maintains opt-out lists on behalf of each shop and will not send further messages to numbers that have opted out.
- We comply with TCPA (Telephone Consumer Protection Act), CTIA guidelines, and all applicable federal and state regulations for business-initiated communications.
- Phone numbers and messaging data are not shared with third parties for marketing purposes.
10. Your Rights
As a ClearPath subscriber, you have the right to:
- Access: Request a copy of all data we hold about your shop.
- Export: Request a full data export in standard formats (CSV, JSON).
- Correction: Request correction of inaccurate data.
- Deletion: Request deletion of your data. We will delete all data within 30 days of a verified request, except as required by law.
- Portability: Your data is stored in standard database formats and can be exported at any time.
For end consumers (the shop's customers): If you wish to exercise privacy rights regarding data a shop holds about you through ClearPath, please contact the shop directly. The shop is the data controller; ClearPath is the data processor acting on the shop's behalf.
11. Children's Privacy
ClearPath is a business-to-business service designed for auto repair shop operations. We do not knowingly collect information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly.
12. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act:
- Right to know what personal information we collect and how it is used.
- Right to delete personal information we hold about you.
- Right to opt out of the sale of personal information. We do not sell personal information.
- Right to non-discrimination for exercising your privacy rights.
13. Changes to This Policy
We may update this Privacy Policy as our products evolve. Material changes will be communicated via email at least 30 days before taking effect. The "Last updated" date at the top of this page indicates the most recent revision.
14. Data Breach Notification
In the unlikely event of a data breach affecting your information, we will:
- Notify affected subscribers within 72 hours of becoming aware of the breach.
- Provide details on the nature of the breach, data affected, and steps we are taking to resolve it.
- Comply with all applicable state and federal breach notification laws.
- Cooperate fully with any investigation and provide ongoing updates.
15. Contact
For privacy-related questions or to exercise your rights, contact us at:
ClearPath — Privacy
Email: privacy@clearpathos.com