Legal

Privacy Policy

Effective Date: May 20, 2026  |  Governing Law: Illinois

1. Introduction

Carrier Compliance Group LLC (doing business as “Carrier Compliance HQ,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at www.carriercompliancehq.com or use our services.

We serve motor carriers and owner-operators across the United States. This Policy is designed to comply with applicable federal law and the comprehensive state privacy laws of all U.S. states that have enacted such legislation, including but not limited to those listed in Section 9 below.

By using our Services, you consent to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

We collect personal information that you voluntarily provide when you register, place an order, or use our services, including:

Sensitive Information Notice: SSN and EIN

We collect Social Security Numbers (SSN) and Employer Identification Numbers (EIN) solely for the purpose of completing required government filings on your behalf (e.g., FMCSA MC Authority applications, USDOT registrations). This information is transmitted securely, is not shared with third parties except as required for government filings, and is retained only as long as necessary to fulfill your service request and our legal obligations.

2.2 Information Collected Automatically

When you visit our website, we may automatically collect:

2.3 Information from Third Parties

We may receive information about you from third parties such as payment processors, analytics providers, and publicly available sources (e.g., FMCSA public records).

3. How We Use Your Information

We use your personal information to:

4. SMS / Text Message Communications

SMS Consent

By providing your mobile phone number and checking the consent box on our intake forms, you expressly consent to receive text messages (SMS) from Carrier Compliance HQ regarding your filings, account status, and service updates. Message and data rates may apply. Message frequency varies.

To opt out, reply STOP to any text message. To request help, reply HELP. You may also opt out by contacting us at support@carriercompliancehq.com.

We do not share your mobile number with third parties for their marketing purposes.

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

Government Agencies

We share information with the FMCSA, USDOT, and other applicable agencies as required to complete your requested filings.

Service Providers

We share information with trusted third-party service providers who assist us in operating our business, including payment processors, cloud hosting providers, and communications platforms. These providers are contractually obligated to protect your information.

Legal Requirements

We may disclose your information if required by law, subpoena, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements:

7. Data Security

We implement commercially reasonable administrative, technical, and physical security measures including:

No method of electronic storage or transmission is completely secure. If you believe your information has been compromised, contact us immediately at support@carriercompliancehq.com.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze traffic, and improve our services. You can control cookies through your browser settings; disabling certain cookies may affect functionality.

9. Your Privacy Rights — State-Specific

Depending on your state of residence, you may have specific privacy rights under applicable state law. This section describes your rights by jurisdiction. To exercise any of these rights, please contact us at support@carriercompliancehq.com with your state of residence and the right(s) you wish to exercise. We will respond within the timeframe required by your state’s law.

9.1 California — CCPA / CPRA (Cal. Civ. Code § 1798.100 et seq.)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) grants you the following rights:

Response time: 45 calendar days (extendable by an additional 45 days with notice). California residents may also authorize an agent to submit requests on their behalf.

9.2 Virginia — VCDPA (Va. Code § 59.1-575 et seq.)

Virginia residents have the following rights under the Virginia Consumer Data Protection Act:

Response time: 45 days (extendable by 45 days). If we deny your request, you may appeal by emailing support@carriercompliancehq.com with the subject line ‘VCDPA Appeal.’ If your appeal is denied, you may contact the Virginia Attorney General.

9.3 Colorado — CPA (C.R.S. § 6-1-1301 et seq.)

Colorado residents have the following rights under the Colorado Privacy Act:

Response time: 45 days (extendable by 45 days). Appeals may be submitted by emailing support@carriercompliancehq.com with subject ‘CPA Appeal.’ Unresolved appeals may be directed to the Colorado Attorney General.

9.4 Connecticut — CTDPA (Conn. Gen. Stat. § 42-515 et seq.)

Connecticut residents have the following rights under the Connecticut Data Privacy Act:

Response time: 45 days (extendable by 45 days). Appeal rights available; unresolved appeals may be directed to the Connecticut Attorney General.

9.5 Utah — UCPA (Utah Code § 13-61-101 et seq.)

Utah residents have the following rights under the Utah Consumer Privacy Act:

Response time: 45 days (extendable by 45 days).

9.6 Texas — TDPSA (Tex. Bus. & Com. Code § 541.001 et seq.)

Texas residents have the following rights under the Texas Data Privacy and Security Act:

Response time: 45 days (extendable by 45 days). Appeal rights available; unresolved appeals may be directed to the Texas Attorney General.

9.7 Oregon — OCPA (ORS § 646A.570 et seq.)

Oregon residents have the following rights under the Oregon Consumer Privacy Act:

Response time: 45 days (extendable by 45 days).

9.8 Montana — MCDPA (Mont. Code Ann. § 30-14-3301 et seq.)

Montana residents have the following rights under the Montana Consumer Data Privacy Act:

Response time: 45 days (extendable by 45 days).

9.9 Delaware — DPDPA (Del. Code tit. 6, § 12D-101 et seq.)

Delaware residents have the following rights under the Delaware Personal Data Privacy Act:

Response time: 45 days (extendable by 45 days).

9.10 Iowa — ICDPA (Iowa Code § 715D.1 et seq.)

Iowa residents have the following rights under the Iowa Consumer Data Protection Act:

Response time: 90 days (extendable by 45 days).

9.11 New Hampshire — NHPPA (RSA Chapter 507-H)

New Hampshire residents have the following rights under the New Hampshire Privacy Act:

Response time: 45 days (extendable by 45 days).

9.12 New Jersey — NJDPA (N.J.S.A. 56:8-166.1 et seq.)

New Jersey residents have the following rights under the New Jersey Data Privacy Act:

Response time: 45 days (extendable by 45 days). Appeal rights available.

9.13 Tennessee — TIPA (Tenn. Code Ann. § 47-18-3201 et seq.)

Tennessee residents have the following rights under the Tennessee Information Protection Act:

Response time: 45 days (extendable by 45 days).

9.14 Minnesota — MHIPA (Minn. Stat. § 325O.01 et seq.)

Minnesota residents have the following rights under the Minnesota Consumer Data Privacy Act:

Response time: 45 days (extendable by 45 days).

9.15 Maryland — MODPA (Md. Code, Com. Law § 14-4601 et seq.)

Maryland residents have the following rights under the Maryland Online Data Privacy Act:

Response time: 45 days (extendable by 45 days).

9.16 Nebraska — NDPA (Neb. Rev. Stat. § 87-1001 et seq.)

Nebraska residents have the following rights under the Nebraska Data Privacy Act:

Response time: 45 days (extendable by 45 days).

9.17 Indiana — IDCPA (Ind. Code § 24-15-1-1 et seq.)

Indiana residents have the following rights under the Indiana Consumer Data Protection Act:

Response time: 45 days (extendable by 45 days).

9.18 Kentucky — KCDPA (KRS § 367.970 et seq.)

Kentucky residents have the following rights under the Kentucky Consumer Data Protection Act:

Response time: 45 days (extendable by 45 days).

9.19 Rhode Island — RICDPA (R.I. Gen. Laws § 6-48.1-1 et seq.)

Rhode Island residents have the following rights under the Rhode Island Data Transparency and Privacy Protection Act:

Response time: 45 days (extendable by 45 days).

9.20 Nevada — NRS Chapter 603A / SB 220

Nevada residents have the right to opt out of the sale of their personal information under Nevada Revised Statutes Chapter 603A and Senate Bill 220. We do not sell personal information. Nevada residents may submit a verified opt-out request by emailing support@carriercompliancehq.com with the subject line ‘Nevada Opt-Out Request.’

9.21 Illinois — BIPA / IDCPA

Illinois residents are protected by the Illinois Biometric Information Privacy Act (BIPA, 740 ILCS 14/) and applicable provisions of the Illinois Personal Information Protection Act (815 ILCS 530/).

Important: Carrier Compliance HQ does NOT collect, capture, purchase, receive through trade, or otherwise obtain biometric identifiers or biometric information (as defined under BIPA, including fingerprints, retina scans, voiceprints, or face geometry scans). If this changes, we will update this Policy and implement full BIPA-compliant procedures including written consent and a publicly available retention/destruction policy.

For breaches of Illinois personal information (including SSN and government IDs), we will notify affected Illinois residents in accordance with 815 ILCS 530/10.

9.22 Submitting a Privacy Rights Request

To exercise any rights described in this Section 9:

1. Email us at support@carriercompliancehq.com with subject line: ‘Privacy Rights Request — [Your State]’
2. Provide your full name, email address used with our services, your state of residence, and the specific right(s) you wish to exercise.
3. We may need to verify your identity before processing your request.
4. We will respond within the timeframe required by your state’s applicable law.

We will not discriminate against you for exercising any privacy rights.

10. Children’s Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will promptly delete it.

11. Third-Party Websites

Our website may contain links to third-party websites, including government agency websites. This Privacy Policy does not apply to those websites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time as new state privacy laws take effect or our practices change. We will notify you of material changes by posting the updated policy on our website with a new effective date. The current policy will always be available at www.carriercompliancehq.com/privacy.

13. Governing Law

This Privacy Policy is governed by the laws of the State of Illinois. State-specific rights described in Section 9 are governed by the applicable laws of each respective state. Disputes arising under this policy are subject to the dispute resolution provisions in our Terms of Service.

14. Contact — Privacy Inquiries

For questions, concerns, or to exercise your privacy rights:

Carrier Compliance Group LLC
Attention: Privacy
Email: support@carriercompliancehq.com
Website: www.carriercompliancehq.com