WATER DAMAGE EMERGENCY? CALL 619-320-2700 | TEXT US
619-320-2700
Industry-leading security posture

Your Data Is Safer With Us Than With Any Restoration Company in San Diego

We treat customer data like banks treat money. Cryptographically verified identity. Never sold to third parties. Open to public security audit. Our infrastructure exceeds what every insurance carrier asks vendors to meet.

Our Public Security Scorecard

Most restoration websites have an F. Ours is open to verification by any researcher, journalist, or insurance carrier.

A+
Mozilla Observatory
HTTP security headers
A+
SSL Labs
TLS configuration
100
securityheaders.com
Security header score
RFC 9116
security.txt
Vulnerability disclosure

Scores reflect target configuration. Verify them yourself: Observatory, SSL Labs, securityheaders.com.

Cal Coast vs. Average Restoration Vendor

What's different about how we handle your information.

Cal Coast Water Damage

  • HTTPS forced on every connection (HSTS preload)
  • Comprehensive Content Security Policy
  • Cryptographically verifiable identity (did:web)
  • Published vulnerability disclosure policy
  • Bug bounty program for security researchers
  • Direct insurance billing (no third-party data brokers)
  • CCPA-compliant. We don't sell your information.
  • Customer data export available on request
  • AI chatbot proxies through our own server (your data doesn't go to random AI providers)
  • C2PA-compliant photo authenticity (anti-deepfake)
  • Open security.txt for responsible disclosure
  • Anonymized customer journey data published under CC-BY-4.0

Typical Restoration Website

  • Mixed HTTP/HTTPS (data can be intercepted on public WiFi)
  • No Content Security Policy (vulnerable to XSS)
  • No verifiable identity (anyone can impersonate them)
  • No disclosure policy (security issues never reported)
  • No researcher engagement (vulnerabilities unfixed for years)
  • May sell customer leads to third-party brokers
  • No CCPA compliance documentation
  • No customer data export pathway
  • Chat widgets share data with vendors without disclosure
  • Stock photos with no authenticity proof
  • No security disclosure path
  • No public data - claims are unverifiable marketing

Verify Cal Coast Cryptographically

Worried someone is impersonating Cal Coast? You can confirm any communication from us using our published DID document. Paste this into any did:web resolver:

did:web:calcoastwaterdamage.com resolveAt: https://calcoastwaterdamage.com/.well-known/did.json

This means: when someone claims to be Cal Coast, you can verify it cryptographically against our published identity. Insurance adjusters: this is how you confirm any signed claim documentation actually originated from us.

The Five Promises

This is how we operate. If we break any of these, you can publish it.

1. We don't sell your data.

Not to lead-generation companies. Not to insurance brokers. Not to advertising networks. Your information stays between us, your insurance carrier (with your authorization), and the subcontractors required to do the job.

2. Your data is exportable on request.

Email us with subject "CCPA Request" and we send you everything we have about you within 45 days. Standard under California law. We make it easy.

3. Vulnerability disclosure is welcomed.

Security researchers who find issues in our infrastructure are thanked, not threatened. We follow a published safe-harbor policy. Read our disclosure terms at our security policy.

4. Photo evidence is provably authentic.

Cal Coast job photos carry C2PA Content Credentials. Insurance adjusters can verify they weren't doctored. By 2027 this becomes industry standard. We're early.

5. Our knowledge base is open.

Our published knowledge base is licensed CC-BY-4.0. We publish anonymized customer outcomes. We publish industry benchmarks. Sunlight is the best disinfectant.

6. Real-time data, not marketing claims.

Our availability feed, pricing, and trust score are machine-readable. Insurance carriers, journalists, and AI agents can verify our claims without taking our word for it.

For Insurance Carriers

If you're an adjuster or carrier vendor coordinator evaluating Cal Coast, our security posture exceeds typical vendor requirements:

Need a vendor security questionnaire response? Email josiah@gowithcalcoast.com with subject "Vendor Security Questionnaire" - we have answers pre-published.

Trust matters in restoration.

Especially when you're letting someone into your home during a crisis. Choose the vendor that treats your data like it matters.

Call Cal Coast: 619-320-2700