Privacy Policy
Last updated: January 15, 2025
1. Information We Collect
Information You Provide
When you create an account or use our services, we collect information you voluntarily provide:
- Account Information: Name, email address, company name, phone number, and billing address
- Payment Information: Credit card details (processed securely through Stripe; we do not store full card numbers)
- Property Searches: Property addresses you search and reports you generate
- Communications: Content of emails, support tickets, and feedback you send us
- Profile Data: Optional information like job title, company size, and preferences
Automatically Collected Information
When you use our services, we automatically collect certain technical information:
- Device Information: Browser type, operating system, device identifiers
- Usage Data: Pages visited, features used, time spent on pages, click patterns
- Location Data: IP address and general geographic location (city/state level)
- Log Data: Server logs including timestamps, errors, and API requests
- Cookies: Session cookies, preference cookies, and analytics cookies (see Cookie Policy below)
Information from Third Parties
We receive property data from our integration partners:
- Government agencies (FEMA, USGS, EPA, Census, HUD, USDA)
- Real estate data providers (Regrid, RentCast, Mapbox)
- Payment processor (Stripe) for transaction completion data
Census Data Compliance (Title 13 U.S.C.)
We use U.S. Census Bureau data in strict compliance with federal law (Title 13 U.S. Code):
- Aggregate Data Only: We access only county-level aggregate statistics from the Census API, never individual respondent data
- No Re-identification: Census data is not used to identify individuals or combined with personal identifiers
- Data Separation: Property owner names come exclusively from public county tax assessor records, not from Census data
- Attribution: Census statistics represent county-wide demographics that apply uniformly to all properties in the county
This approach ensures full compliance with Census Bureau regulations while providing valuable market context for property analysis.
2. How We Use Your Information
We use your information for the following purposes:
Service Delivery
- Create and manage your account
- Process property searches and generate reports
- Provide customer support and respond to inquiries
- Process payments and maintain billing records
- Send service-related notifications and updates
Improvement and Analytics
- Analyze usage patterns to improve our services
- Develop new features based on user behavior
- Monitor system performance and security
- Conduct research and analytics on property data trends
Communication
- Send account notifications and security alerts
- Provide product updates and new feature announcements
- Send marketing communications (with your consent; you may opt out anytime)
- Respond to your questions and support requests
Legal and Security
- Comply with legal obligations and law enforcement requests
- Protect against fraud, abuse, and security threats
- Enforce our Terms of Service
- Defend our legal rights in disputes
3. Information Sharing and Disclosure
We do not sell your personal information. We only share your information in the following circumstances:
Service Providers
We share data with trusted third-party service providers who help us operate our business:
- Stripe: Payment processing (PCI-DSS compliant)
- Supabase: Database hosting and authentication
- Cloud Infrastructure: Hosting and data storage providers
- Email Services: Transactional email delivery
- Analytics Tools: Usage analytics and monitoring
All service providers are contractually obligated to maintain confidentiality and use data only for specified purposes.
Business Transfers
If ReadyPermit is involved in a merger, acquisition, or asset sale, your information may be transferred. We will provide notice before your information becomes subject to different privacy practices.
Legal Requirements
We may disclose information when required by law, including:
- Responding to subpoenas, court orders, or legal process
- Complying with government investigations or regulatory requests
- Protecting our rights, property, or safety
- Preventing fraud or security threats
Aggregated Data
We may share aggregated, de-identified information that cannot be used to identify you individually, such as statistics about property searches or industry trends.
4. Data Security
We implement industry-standard security measures to protect your information:
- Encryption: All data transmitted using 256-bit TLS/SSL encryption
- Secure Storage: Data stored in encrypted databases with access controls
- Authentication: Strong password requirements and secure session management
- Access Controls: Limited employee access on a need-to-know basis
- Monitoring: Continuous security monitoring and threat detection
- Regular Audits: Security assessments and vulnerability testing
- Compliance: SOC 2 Type II certified infrastructure
While we use reasonable security measures, no system is completely secure. We cannot guarantee absolute security of information transmitted over the internet.
5. Data Retention
We retain your information for as long as necessary to provide our services and comply with legal obligations:
- Account Data: Retained while your account is active and for 30 days after deletion
- Property Reports: Stored indefinitely while account is active; deleted 30 days after account closure
- Payment Records: Retained for 7 years for tax and accounting purposes
- Support Communications: Retained for 3 years
- Server Logs: Retained for 90 days
You may request earlier deletion of your data subject to legal retention requirements. Contact us at landon@readypermit.ai or carson@readypermit.ai to exercise your deletion rights.
6. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
Access and Portability
- Request a copy of your personal data in a structured, machine-readable format
- Export your property reports and search history
Correction
- Update inaccurate or incomplete information in your account settings
- Request correction of information we hold about you
Deletion
- Request deletion of your account and personal data
- Note: Some data may be retained for legal compliance
Opt-Out
- Unsubscribe from marketing emails via the link in each message
- Disable non-essential cookies through your browser settings
- Opt out of data analytics (may limit functionality)
Object and Restrict
- Object to processing of your data for certain purposes
- Request restriction of processing in specific circumstances
To exercise these rights, email landon@readypermit.ai or carson@readypermit.ai. We will respond within 30 days. You may also have the right to lodge a complaint with your local data protection authority.
7. Cookies and Tracking Technologies
We use cookies and similar technologies to improve your experience:
Types of Cookies
- Essential Cookies: Required for login, security, and core functionality
- Performance Cookies: Analytics to understand usage patterns
- Functionality Cookies: Remember your preferences and settings
- Marketing Cookies: Track effectiveness of campaigns (with consent)
Managing Cookies
You can control cookies through your browser settings. Note that disabling essential cookies may limit functionality. Most browsers allow you to block third-party cookies while allowing first-party cookies.
8. International Data Transfers
ReadyPermit is based in the United States. Your information may be transferred to and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your jurisdiction.
For transfers from the European Economic Area (EEA), we use Standard Contractual Clauses approved by the European Commission to ensure adequate protection of your data. By using our services, you consent to the transfer of your information to the United States and other jurisdictions.
9. Children's Privacy
ReadyPermit is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at landon@readypermit.ai or carson@readypermit.ai and we will delete it.
10. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act:
- Right to Know: Request information about data we've collected, used, and shared
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: We do not sell personal information
- Right to Non-Discrimination: We will not discriminate for exercising your rights
To exercise these rights, email landon@readypermit.ai or carson@readypermit.ai. We may verify your identity before processing requests.
11. European Privacy Rights (GDPR)
If you are in the European Economic Area, you have rights under the General Data Protection Regulation:
- Legal Basis: We process data based on consent, contract, legitimate interests, or legal obligations
- Data Controller: ReadyPermit AI is the data controller for your information
- DPO Contact: Email landon@readypermit.ai or carson@readypermit.ai for privacy concerns
- Right to Lodge Complaint: You may file a complaint with your supervisory authority
12. Data Breach Notification
In the unlikely event of a data breach that affects your personal information, we will notify you and applicable regulatory authorities within 72 hours of discovery, as required by law. Notifications will include the nature of the breach, potential impact, and steps we are taking to address it.
13. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by email or through a prominent notice on our website at least 30 days before the changes take effect. Your continued use of our services after changes constitutes acceptance of the updated policy.
14. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or our privacy practices: