Privacy Policy

Last updated: February 2026

1. Information We Collect

Account Information: Email address, name, and organization details provided during registration.

Project Data: Project details, addresses, uploaded documents, and generated outputs you create within the Service.

Usage Data: Actions taken within the app (logged in the audit trail for security), page views, and feature usage.

2. How We Use Your Data

• To provide and improve the Service
• To generate permit packets, scores, and recommendations
• To maintain audit trails for security and compliance
• To communicate service updates

3. Data Isolation

All organization data is protected by row-level security policies in our database. Your data is only accessible to members of your organization based on their assigned role.

4. External AI Processing

External AI processing is disabled by default for all organizations. If enabled by an organization admin, only minimal extracted text (never raw uploads) is sent to the configured AI provider. All AI calls are logged in the audit trail.

5. File Storage

Uploaded files are stored in Supabase Storage with signed URLs (no public access). Files are accessed only via authenticated, org-scoped requests. Organizations can configure retention policies (30–365 days).

6. Data Retention

Project data is retained for the duration of your subscription unless deleted by you or your organization admin. Upload retention follows your org-level settings. Audit logs are retained for compliance purposes.

7. IP Address Handling

IP addresses in audit logs are stored as one-way hashes — we cannot reverse them to actual IP addresses. This provides security traceability without storing personally identifiable network information.

8. Your Rights

You may request export or deletion of your data by contacting privacy@abundanceatlas.com. Organization admins can delete projects and uploaded files directly within the application.

9. Contact

For privacy questions, contact privacy@abundanceatlas.com.