Privacy Policy
Last updated: 2026-04-17
1. About This Policy
Property Appraiser Pro ("Company," "we," "us," or "our") operates a business-to-business software platform (propertyappraiserpro.com) for licensed real estate appraisers. This Privacy Policy explains how we collect, use, disclose, and protect information in connection with our platform, website, and related services (the "Service").
This Policy applies to: (a) licensed appraisers and their firms who create accounts and use the Service ("Customers" or "Users"); (b) individuals whose information appears within appraisal workfiles created, uploaded, or processed through the Service ("Data Subjects"), including borrowers, property owners, and property contacts; and (c) visitors to our website.
For enterprise Customers who require a Data Processing Agreement (DPA), please contact privacy@propertyappraiserpro.com.
2. Information We Collect
2.1 Information You Provide Directly
We collect the following categories of information when you create an account, use the Service, or communicate with us:
- Identifiers: account holder name, email address, phone number (optional).
- Professional / employment information: appraiser license number, license state, firm name, USPAP certification status.
- Financial information (handled by Stripe): tokenized credit/debit card, billing address, transaction history. We store only the last four digits, card brand, and expiration date for display purposes; we never receive or store full card numbers.
- Commercial information: subscription plan, feature usage, invoice records.
- Workfile content — identifiers: borrower name, property owner name, property address, legal description.
- Workfile content — financial: appraised value, comparable sales data, income/expense data for income approach.
- Workfile content — sensitive: property photographs, interior inspection notes, sketches.
- Inferences: AI-generated narrative sections derived from workfile inputs.
Under the New York SHIELD Act (GBL §899-aa), "private information" includes name combined with financial account numbers, Social Security numbers, driver's license numbers, username/email plus password, biometric data, and medical/health insurance information. Workfiles may contain borrower financial information submitted for mortgage underwriting purposes, which constitutes "private information" under the Act.
2.2 Information Collected Automatically
- Device and network identifiers: IP address, browser type, operating system, general geolocation (city/state level, inferred from IP).
- Usage data: pages visited, features accessed, session duration, click events.
- Authentication logs: login timestamps, failed authentication attempts, session tokens (via Supabase Auth).
- Error data: stack traces and error codes (scrubbed of personally identifiable information before transmission to our error tracker).
- Cookies: essential session cookies only — see Section 11.
2.3 Information from Third Parties
- Stripe: payment processing confirmation, subscription status, fraud signals.
- Supabase Auth: authentication tokens; OAuth provider identifiers (Google, GitHub) if single sign-on is used.
We do not purchase data from data brokers. We do not receive personal information about Data Subjects (borrowers, property owners) from any source other than our Customers.
3. How We Use Information
- Service delivery: create and manage your account, provide Platform features, process appraisal workfiles, generate AI-assisted narratives, store and retrieve workfile data, and deliver customer support.
- Payment processing: process subscription payments, issue invoices, handle refunds, and maintain billing records.
- Security and fraud prevention: detect unauthorized access, monitor for security incidents, investigate suspected fraud, enforce our Terms of Service, and fulfill our obligations under the New York SHIELD Act.
- Service improvement: analyze aggregate, de-identified usage patterns to improve Platform functionality. We do not use individual workfile content — including borrower data, property data, or appraisal narratives — for product improvement or internal analytics.
- Legal compliance: comply with applicable law, respond to lawful requests from government authorities, and exercise or defend legal claims.
- Communications: send transactional communications (account creation, password reset, subscription confirmation, auto-renewal reminders) and, with your consent, product updates. You may opt out of non-transactional communications via the unsubscribe link in any email.
We do not use personal information for any purpose materially different from those disclosed above without providing prior notice and, where required by law, obtaining consent.
4. How We Share Information — Subprocessors
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. This policy statement satisfies the disclosure requirements of the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, and substantially similar state laws.
We share information only with the following subprocessors, each acting as a service provider or contractor under applicable law:
| Subprocessor | Purpose | Data Shared | Location |
|---|---|---|---|
| Stripe, Inc. | Payment processing, billing, fraud detection | Name, email, billing address, tokenized card data, transaction amounts | United States |
| Supabase, Inc. | Database hosting, authentication, file storage | All account data, all workfile data including borrower/property PII | United States (AWS us-east-1) |
| Vercel, Inc. | Application hosting, CDN, edge compute | IP addresses, HTTP request logs; no persistent PII | United States / global CDN |
| Anthropic, PBC | AI narrative generation via Claude API | Workfile content submitted for AI processing | United States |
| Resend, Inc. | Transactional email delivery | Recipient email, email content (transactional only) | United States |
| Sentry, Inc. | Error monitoring | Error logs, stack traces (PII-scrubbed) | United States |
| PostHog, Inc. | Product analytics (when enabled) | Anonymized session data, feature usage | United States |
We may also disclose personal information to law enforcement or government agencies in response to lawful requests, court orders, or legal process, or when we believe in good faith that disclosure is necessary to protect the safety of any person or to protect our legal rights.
In the event of a merger, acquisition, or sale of all or substantially all of our assets, personal information may be transferred as part of that transaction, subject to this Policy.
5. Your Privacy Rights
Depending on your state of residence, you may have the following rights with respect to your personal information. These rights are currently recognized by state privacy laws in California (CCPA/CPRA), Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Montana (MTCDPA), Delaware (DPDPA), Indiana (INCDPA), Kentucky (KYCDPA), Tennessee (TIPA), Rhode Island (RIDPA), and other states with comprehensive privacy laws.
- Right to know / access: confirmation of whether we process your personal information and a copy of it.
- Right to delete: deletion of your personal information, subject to exceptions for data we are required to retain by law (e.g., tax records, workfile retention under USPAP).
- Right to correct: correction of inaccurate personal information.
- Right to data portability: a copy of information you provided to us in a structured, commonly used, machine-readable format.
- Right to opt out of sale or sharing: we do not currently sell or share personal information, so this right is not exercised against us. If our practices change, we will update this Policy and provide a mechanism.
- Right to limit use of sensitive personal information (California): California residents may limit our use of sensitive personal information to what is necessary to perform the Service. We already use sensitive PI (such as financial data within appraisal workfiles) only for service delivery.
- Right to non-discrimination: we will not deny service, charge different prices, or provide different quality because you exercised a privacy right.
- Right to appeal (VA, CO, CT, TX, MT, DE, IN, KY, TN, and others): if we deny a rights request, you may appeal, and if the denial is upheld on appeal, you may submit a complaint to your state Attorney General.
5.1 How to Submit a Rights Request
Send requests to privacy@propertyappraiserpro.com with the subject line "Privacy Rights Request — [TYPE OF REQUEST]."
Response timeline. We acknowledge receipt within 10 business days and respond substantively within 45 days. If we need an extension, we will notify you within the initial 45-day window and may extend by an additional 45 days (total: 90 days) with written explanation.
Verification. Because the Service is B2B, we verify Customer identity by confirming account credentials. For Data Subjects who are not account holders (e.g., borrowers whose information appears in a workfile), verification requires the full name, property address, and approximate date of the appraisal. We will not process requests we cannot reasonably verify.
Authorized agents (California). California residents may designate an authorized agent by submitting written authorization signed by the resident. We will verify directly with the resident before processing.
Appeals. If we deny your request, you may appeal within 30 days of the denial by replying to the denial notice with "APPEAL" in the subject line. We will respond to appeals within 45 days.
6. Global Privacy Control (GPC)
We recognize and honor the Global Privacy Control (GPC) browser signal as a valid opt-out of the sale or sharing of personal information for cross-context behavioral advertising. Because we do not engage in such sales or sharing, the GPC signal has no additional operational effect on your data today. If our practices ever change, we will update this section and our infrastructure accordingly.
7. Data Retention
| Data Category | Retention Period | Legal Basis |
|---|---|---|
| Account data (name, email, credentials) | Duration of account + 5 years | NY SHIELD Act; USPAP alignment |
| Workfile content (borrower, property, appraisal data) | Duration of account + 5 years minimum | USPAP Standard 5 (5-year minimum workfile retention) |
| Billing records (invoices, transactions) | 7 years from transaction date | IRS recordkeeping requirements |
| Payment card data | Not stored — Stripe retains per PCI DSS | PCI DSS v4.0 |
| Authentication / security logs | 2 years | Security best practice; SHIELD Act |
| Support communications | 3 years from resolution | Contractual dispute period |
| Error logs | 90 days (auto-purged) | Operational necessity |
| Marketing email records | Until unsubscribe + 1 year | CAN-SPAM Act; CCPA |
When data is no longer required for the stated purposes or legally mandated retention periods, we securely delete or de-identify it. Because USPAP requires appraisers to retain workfiles for five years minimum, our default retention of workfile content matches this period so that your USPAP compliance is preserved.
8. Security Measures
We maintain a Written Information Security Program (WISP) consistent with the NY SHIELD Act's reasonable safeguards standard (GBL §899-bb).
- Administrative safeguards: security coordinator designation, employee security awareness practices, vendor security assessment before onboarding, incident response plan with escalation procedures, regular review and testing of security measures.
- Technical safeguards: TLS 1.2+ for data in transit; AES-256 at rest (Supabase default); role-based access controls limiting data access to personnel with a need to know; Row-Level Security (RLS) policies at the database layer preventing cross-account access; multi-factor authentication required for administrative access; automated detection of unauthorized access attempts; regular security patches.
- Physical safeguards: data is stored in cloud infrastructure (Supabase on AWS us-east-1, Vercel for application hosting). Physical security — access controls, perimeter security, environmental protections — is governed by the underlying providers' SOC 2 Type II certified facilities. We do not maintain on-premises servers.
- Vendor management: each subprocessor listed in Section 4 is contractually required to maintain security standards at least as protective as those described herein.
Specific operational details — including particular vulnerability mitigations, penetration testing schedules, and incident playbooks — are intentionally not disclosed in this Policy to avoid providing a roadmap for bad actors. This approach is consistent with SHIELD Act guidance. See our Security page for a more detailed public-facing security overview.
9. Data Breach Notification
In the event of a breach affecting "private information" as defined under the New York SHIELD Act:
- We will notify affected New York residents within 30 days of discovering the breach, or in the shortest time possible consistent with the legitimate needs of law enforcement, as required by GBL §899-aa.
- If the breach affects 500 or more New York residents, we will notify the New York Attorney General (ag.ny.gov) within 10 days of notifying residents.
- We will notify residents of other states in accordance with the breach notification law of their state of residence. All 50 states have breach notification laws.
- Notification will include: contact information for us; list of types of information that were or reasonably believed to have been accessed or acquired; toll-free numbers and addresses of credit reporting agencies (if financial information was involved); toll-free number, address, and website for the FTC; and guidance on steps to protect against identity theft.
10. Children's Privacy
The Service is designed exclusively for licensed real estate appraisers and their authorized staff. It is not directed at, and we do not knowingly collect personal information from, children under the age of 13. If we learn we have inadvertently collected information from a child under 13, we will promptly delete that information. Contact us at privacy@propertyappraiserpro.com if you believe this has occurred. This section is provided to comply with the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. §6501 et seq.
11. Artificial Intelligence and Machine Learning
The Service uses Anthropic's Claude API to generate AI-assisted narrative sections within appraisal workfiles. When you initiate AI narrative generation, workfile content — which may include property descriptions, inspection notes, comparable data, and related appraisal inputs — is transmitted to Anthropic's servers for processing.
Anthropic does not train its models on your data. By default, Anthropic does not use inputs or outputs from its commercial API to train its models, per Anthropic's commercial terms and privacy policy (anthropic.com/privacy).
We do not train any proprietary model on your data. We do not train any machine learning model on Customer workfile content, borrower data, AI prompts, AI outputs, or any other personal information submitted through the Service.
We do not use workfile data for product analytics. Individual workfile content is not analyzed for product improvement. Only aggregated, de-identified usage metrics (e.g., which platform features are used most frequently) are collected.
AI output accuracy. AI-generated content may contain inaccuracies, omissions, or language that does not reflect the appraiser's professional judgment. All AI content must be reviewed, verified, and approved by the licensed appraiser before inclusion in any appraisal report. Appraisers remain solely responsible for the accuracy, completeness, and USPAP compliance of all appraisal reports.
Ownership. You retain ownership of all workfile data, inputs, and AI-generated outputs. We claim no intellectual property rights over your content.
Automated decision-making. The Service does not make any final decision about borrowers, creditworthiness, property eligibility, or any other consequential determination regarding a consumer. The licensed appraiser retains full decisional authority at all times. We do not engage in profiling that produces legal or similarly significant effects concerning individuals.
12. Cookies and Tracking Technologies
We use the following cookies and similar technologies:
| Cookie Type | Purpose | Retention | Disable? |
|---|---|---|---|
| Essential / session | Login sessions, authentication state | Session / 30 days | No — required for Service |
| Security | CSRF protection, fraud detection | Session | No — required for Service |
| Preference | Theme, display preferences | 1 year | Yes |
| Analytics (PostHog, when enabled) | Feature engagement | 90 days | Yes — via GPC or cookie settings |
| Error tracking (Sentry) | Session error context (PII-scrubbed) | 90 days | No — scrubbed of PII |
We do not use advertising, retargeting, or third-party behavioral tracking cookies. We do not respond to browser Do Not Track signals, as no uniform standard governs their interpretation. We do honor Global Privacy Control (see Section 6).
13. International Users
The Service is operated from the United States and is intended for U.S.-based users only. All personal information is stored and processed in the United States (AWS us-east-1 via Supabase). If you access the Service from outside the United States, you do so at your own initiative and are responsible for compliance with your local law. The Service is not directed at residents of the European Economic Area (EEA), United Kingdom, or any jurisdiction where the General Data Protection Regulation (GDPR) or an equivalent framework applies.
14. Changes to This Policy
We may update this Policy from time to time. We distinguish between material and non-material changes.
Material changes (changes to the categories of data collected, purposes of use, third-party sharing, or your rights) are communicated by: (a) updating this page with a new "Last Updated" date, (b) sending an email to all account holders at least 30 days before the change takes effect, and (c) displaying a prominent notice on the Service for 30 days. Continued use after the effective date constitutes acceptance.
Non-material changes (clarifications, formatting corrections, contact updates) are reflected by updating the "Last Updated" date only, without advance notice.
15. Contact Us
Privacy requests: privacy@propertyappraiserpro.com
General support: support@propertyappraiserpro.com
Security reports: security@propertyappraiserpro.com