TRUST & COMPLIANCE

Built for trust. Designed for compliance.

Every Quitlo conversation starts with consent and ends with action. Here's how we protect your customers.

Consent framework

Every conversation starts with consent.

Opt-in only

“Skip & Cancel” always visible, always functional. Cancellation proceeds immediately if they skip.

AI disclosed

“You’ll be speaking with an AI assistant” — shown before conversation starts.

Recording disclosed

“This conversation is recorded and analyzed” — clear, upfront.

Company branding

Your logo, your name. Customers see YOUR brand, not Quitlo.

Stop anytime

Customer says “stop” → conversation ends immediately.

Data handling

Minimal access. Maximum protection.

What we access

Stripe subscription events (read-only OAuth)
Conversation audio + transcript
Encryption: at rest + in transit
Storage: your choice of region (US/EU)

What we don't access

Payment details
Customer passwords
Browsing data
GDPR

GDPR Compliance

Lawful basis

Legitimate interest + explicit consent

Data subject rights

Access, rectification, erasure, portability

DPA

Available on request

CCPA

CCPA Compliance

Rights

Right to know, delete, opt-out

Data selling

No selling of personal information

Review

Annual compliance review

Retention controls

Your data, your rules.

Auto-delete after 30, 60, or 90 days — your choice
Manual deletion anytime from dashboard
Export your data before deletion
Our commitment

No dark patterns.

If someone clicks Skip, cancellation proceeds immediately. We never hold cancellation hostage. We never guilt-trip. We never make it harder to leave. The conversation is a gift of feedback, not a retention trap.

Questions about compliance?

We're happy to walk through our security practices and sign a DPA.

Contact Us →Request DPA →

compliance@quitlo.com · Response within 24 hours