Privacy Policy

A. Information you provide: Email address (via Clerk authentication), name, company name (via Clerk organization), portfolio addresses, AI report prompts and parameters, payment information (handled exclusively by Stripe — we never see or store card numbers), and support communications.

B. Information collected automatically: Usage data (pages visited, features used, searches performed, reports generated) via Google Analytics (GA4) and custom event tracking; device and browser information; IP address (for security and approximate location); email engagement data (opens, clicks) via our email provider; cookie and pixel data; and referral source.

C. Content engagement data (requires analytics consent): Article impressions (which articles are shown and their feed position), article clicks, dwell time (how long you spend viewing an article), scroll depth within articles, external link clicks, cross-module navigation from articles, article saves/bookmarks, article dismissals, and explicit feedback (e.g., marking an article as not relevant, with the reason you provide). This data is collected only when you have accepted analytics cookies via our cookie banner. If you decline cookies, no engagement data is collected and the newsroom feed uses rules-based scoring only.

D. Information derived or generated: Pseudonymous analytics ID (UUID linked to your account but not containing directly identifying information); quality scores, risk signals, and intelligence signals generated by our algorithms applied to government data; AI-generated reports and analysis via Anthropic's Claude API; content preference profiles derived from engagement patterns (e.g., preferred article categories, topics, and sources); and aggregated usage patterns.

Service operation: Authentication, account management, security, fraud prevention, debugging, and customer support.

Product improvement: Aggregated, anonymized usage data to improve features, user experience, and platform performance.

Communications: Transactional emails (alerts, reports, account notifications, billing), product updates and announcements, and email engagement tracking (opens, clicks) to improve communication quality. You may unsubscribe from non-transactional emails at any time.

Aggregated market insights: Anonymized, aggregated behavioral data (e.g., trending neighborhoods, most-viewed property types). No personally identifiable information in outputs.

Analytics: Google Analytics (GA4) for understanding usage patterns, feature adoption, site performance, and user experience. Activated only with your consent via our cookie banner.

Content personalization and quality measurement: When you have accepted analytics cookies, we use engagement data (article clicks, dwell time, scroll depth, saves, dismissals, and feedback) to build a preference profile associated with your account. This profile is used to personalize the newsroom feed, prioritizing content that matches your interests and reducing articles you have indicated are not relevant. We also log which articles are shown and their feed position to measure content scoring quality and improve our algorithms. This data is used solely within the Cityligence experience and is not shared with third parties for their own purposes.

Personalized recommendations (future): Property recommendations based on your usage patterns within the platform.

Advertising and retargeting: Third-party advertising pixels to show Cityligence advertisements on other platforms. No personally identifiable information is directly shared — ad platforms perform matching via cookies and device identifiers. Activated only with your consent via our cookie banner; opt-out available via our CCPA mechanism.

Legal compliance: Responding to legal process, enforcing our Terms of Service, and protecting rights and safety.

We share information with the following service providers (subprocessors): Clerk (authentication), Stripe (payment processing), Supabase (database hosting, encrypted at rest and in transit), Anthropic (AI report generation), Resend (transactional email), Brave Search (newsroom web mentions), Mapbox (map rendering), Google Analytics (pseudonymous usage analytics), Vercel (application hosting), and Cloudflare via Vercel (CDN, DDoS protection, bot management). Ad platforms for retargeting are planned but not yet active.

Legal obligations: We may disclose information in response to a subpoena, court order, legal process, or government request.

Safety: We may disclose information when we believe it is necessary to prevent fraud, protect safety, or enforce our Terms.

Business transfers: In the event of a merger, acquisition, incorporation, reorganization, or asset sale, your information may be transferred to the successor entity. We will notify you of any such transfer.

With your consent: We may share information with third parties when you have given explicit consent.

We do not sell personal information. We do not sell, rent, or trade your personally identifiable information to third parties for their own marketing purposes.

We do not share personal information for cross-context behavioral advertising except through the retargeting mechanisms described above, which you may opt out of (see "Your Rights & Choices" below).

We use cookies, pixels, and similar technologies as described in our Cookie Policy.

Essential cookies (authentication, security) are required for the Service to function.

Analytics and advertising cookies are activated only with your consent via our cookie banner.

Account data (email, name, company): Duration of account + 30 days after deletion request.

Usage and analytics data: 26 months (GA4 configured retention for user/event-level data; aggregated reports retained indefinitely).

AI reports and analysis: Duration of account.

Portfolio data (addresses, alerts): Duration of account + 30 days.

Payment and billing records: 7 years after last transaction (tax and legal compliance).

Server and application logs: 90 days.

Email engagement data: 12 months.

Content engagement events (impressions, clicks, dwell, scroll, saves, dismissals, feedback): 12 months.

Aggregated content preference profiles: Duration of account (retained as long as the account is active).

Cookie consent records: 3 years (compliance audit trail).

After the retention period, data is deleted or irreversibly anonymized. You may request early deletion of your personal data (see Your Rights & Choices below).

We implement reasonable administrative, technical, and physical security measures to protect your information, including: encryption in transit (TLS/HTTPS) and at rest (Supabase database encryption); Row Level Security (RLS) on all database tables for tenant data isolation; parameterized database queries (protection against SQL injection); authentication via Clerk with secure session management; payment data handled exclusively by PCI DSS Level 1 compliant processor (Stripe); environment variables for all secrets and API keys (no hardcoded credentials); and regular dependency updates and security reviews.

No system is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data using industry-standard practices.

In the event of a data breach affecting your personal information, we will notify affected users in accordance with applicable law, including the New York SHIELD Act (General Business Law 899-aa) which requires notification in the most expedient time possible and without unreasonable delay, and California Civil Code 1798.82 for affected California residents.

Notification will include: the nature of the breach, the types of information affected, steps we are taking in response, and steps you can take to protect yourself. We will also notify relevant regulatory authorities as required by law.

Access your data: Email privacy@cityligence.com. Response within 30 days.

Delete your account and data: Email privacy@cityligence.com. Processed within 30 days; some data retained per our retention schedule.

Correct inaccurate data: Update in your account settings or email privacy@cityligence.com. Processed within 30 days.

Opt out of analytics cookies: Use the cookie banner to decline non-essential cookies, or adjust your browser settings.

Opt out of retargeting/advertising: Use the "Do Not Sell or Share My Personal Information" link in the site footer.

Opt out of marketing emails: Click the unsubscribe link in any non-transactional email. Processed within 10 business days.

Data portability: Email privacy@cityligence.com to request an export of your data. Response within 30 days.

For California residents exercising CCPA/CPRA rights, the timeline in the California Privacy Rights section below applies (45 days, extendable by 45 days with notice).

Non-account-holders (e.g., site visitors whose IP address or cookie data was collected) may also submit privacy requests to privacy@cityligence.com. We will verify non-authenticated requests per CCPA verification requirements.

We will not discriminate against you for exercising any of these rights.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

Categories of personal information collected (per CCPA categories): Identifiers (name, email, account ID, IP address, analytics ID); commercial information (subscription plan, payment history, feature usage); internet/electronic activity (browsing history within the Service, search queries, feature interactions, content engagement data including article impressions, clicks, dwell time, scroll depth, saves, dismissals, and feedback); geolocation data (approximate location derived from IP address); professional information (company name, role if provided); and inferences (usage patterns, feature preferences, content preference profiles derived from engagement data).

Business purposes for collection: Service operation, product improvement, communications, analytics, and advertising as detailed in Section 2.

We do NOT sell personal information. We "share" personal information (as defined by CPRA) for cross-context behavioral advertising through retargeting pixels. You may opt out of this sharing at any time via the "Do Not Sell or Share My Personal Information" link in our site footer.

Your CCPA/CPRA rights: Right to know what personal information we collect, use, and share; right to delete personal information (subject to exceptions); right to correct inaccurate personal information; right to opt out of the sale or sharing of personal information; right to limit the use of sensitive personal information (we do not collect sensitive PI as defined by CPRA); and right to non-discrimination for exercising your rights.

How to submit a request: Email privacy@cityligence.com or use the opt-out link. We will respond to verifiable requests within 45 days (extendable by 45 days with notice).

Authorized agents: You may designate an authorized agent to make requests on your behalf, subject to verification.

We honor Global Privacy Control (GPC) and similar browser-based opt-out preference signals.

When we detect a GPC signal, we treat it as a valid opt-out request for the sale or sharing of personal information, as required by CCPA/CPRA and applicable state laws (including Colorado and Connecticut).

If you are logged in when we detect a GPC signal, we will record your opt-out preference in your account so it persists across sessions.

We will not require you to take additional action to confirm a GPC-based opt-out.

Honoring GPC suppresses retargeting/advertising pixels. Analytics cookies remain subject to your cookie banner preference.

The Service is not directed to individuals under the age of 18, consistent with our Terms of Service.

We do not knowingly collect personal information from individuals under 18.

If we learn that we have collected information from an individual under 18, we will delete it promptly. Contact privacy@cityligence.com if you believe a minor has provided us with personal information.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification at least 30 days before taking effect.

The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Service after changes take effect constitutes acceptance.

For privacy questions, data requests, or concerns: Email privacy@cityligence.com.

For CCPA requests: Email privacy@cityligence.com with the subject line "CCPA Request."