Privacy Notice
Davis-Bacon Precheck is designed to minimize payroll and document data. The preview flow records usage signals such as event names, issue counts, document length, whether payroll rows were supplied, and scrambled session/report references. It does not intentionally store raw analytics copies of wage determination text, contract excerpts, payroll CSV, worker names, worker identifiers, raw session identifiers, raw report identifiers, or SSNs.
Requests containing likely full Social Security numbers are blocked before report storage. Stored reports omit raw payroll files, worker names, worker identifiers, raw payroll rows, raw contract excerpts, and the full original wage determination text once the rates have been read from it.
Public endpoint rate limits use salted hashes of client identifiers. They are intended for abuse control and are not stored as raw client IP addresses.
The app stores minimized submitted precheck inputs and generated reports so the report can be retrieved after checkout. Stored reports have an expiry, report access tokens expire, scheduled purge removes expired records, and each precheck response includes a deletion token for user-initiated removal.
Production readiness is designed to block public launch until encryption policy, D1 backup retention, log retention, and a customer-facing support/deletion request path are confirmed.
Do not upload full Social Security numbers. WH-347 workflows should use an individual identifying number rather than a full SSN.
When the AI report explanation is enabled, the only data sent to the AI provider is the report's findings, the wage determination cover-page details, and classification candidates. Payroll rows, worker names, worker identifiers, uploaded documents, contact details, and tokens are never sent.
If third-party OCR, AI, storage, or payment providers are enabled later, they should be configured under business terms with no-training data controls where applicable.