Privacy Policy

• Account data - information you give us when you sign up and use the dashboard (email, password hash, billing details, support tickets). This is governed by the practices below.
• Property & contact data - public-record property data and skip-trace contact information that we license from third-party providers and surface inside the product. We are a redistributor of this data, not the originator.

• Identity: email address, full name (optional), profile role.
• Authentication: hashed password, OAuth tokens for Google sign-in.
• Billing: Stripe customer ID, last four digits of card, card brand, billing country. We never store full card numbers - Stripe handles that and is PCI DSS Level 1 certified.
• Usage: exports run, credits used, filter searches, search history, IP address, browser user-agent.
• Communications: support emails and in-app messages you send us.

• Provide the service, run your exports, settle credits, and bill you.
• Detect abuse - automated scraping, credential sharing, chargeback fraud.
• Email you about your account: receipts, build completion, expiry warnings, security alerts.
• Send product updates and pricing changes. You can opt out of non-essential email at any time.
• Comply with legal obligations (tax, subpoenas, lawful requests from authorities).

We do not sell your personal information.

• Supabase - auth, database, file storage.
• Stripe - payment processing (PCI DSS Level 1).
• Vercel - web hosting.
• Hetzner - backend compute (FastAPI + DuckDB).
• Resend - transactional email.
• OpenFreeMap / Geoapify / MapTiler / Mapbox / TomTom / LocationIQ / Stadia Maps - map tiles and address autocomplete. Only the geocoding query string is sent, never your account data.

Each subprocessor is bound by data-processing terms and only handles the data necessary to perform their function.

The property records and skip-trace phone matches you see in PropContact are sourced from public records (county assessors, recorders, tax rolls, MLS feeds) and licensed third-party data providers. We perform record matching, deduplication, and quality scoring before surfacing them.

If you are an individual whose contact information appears in PropContact and you wish to be removed, email privacy@propcontact.net with proof of identity. We honor verified opt-out requests across our dataset within 30 days.

We use cookies for authentication and to remember your preferences (theme, last-used filter). We do not use third-party advertising cookies. Aggregated analytics may be collected via Vercel Analytics - these do not include personally identifying information.

• Access - request a copy of the account data we hold about you.
• Correction - fix inaccuracies in your account.
• Deletion - close your account and have account data deleted (we retain billing records for 7 years for tax purposes).
• Portability - receive your data in a machine-readable format.
• Opt-out of sale - we don't sell personal data; this is automatically honored.

Exercise any right by emailing privacy@propcontact.net.

• Account data: kept while your account is active and for up to 90 days after closure.
• Export CSV files: stored for 30 days after the build completes, then automatically deleted.
• Billing records: retained for 7 years to comply with tax law.
• Aggregated, anonymized usage stats: kept indefinitely.

Data is encrypted in transit (TLS) and at rest (Supabase / Hetzner managed encryption). Passwords are hashed with bcrypt. Service-role database keys are kept on backend infrastructure only - never shipped to the browser. We follow OWASP Top 10 hardening practices and run regular dependency audits.

PropContact stores account data in the United States. If you access the service from outside the US, you consent to your data being transferred to and processed in the US under our subprocessors' standard contractual clauses.

PropContact is not intended for use by anyone under 18. We do not knowingly collect data from children.

We may update this policy from time to time. The current version is always at propcontact.net/privacy. Material changes are communicated by email to active users at least 14 days before they take effect.

Email privacy@propcontact.net for any privacy question or to exercise a right under this policy. For account or billing matters, reach our support team at support@propcontact.net or +1 (941) 991-5772 (Adam).