Privacy Policy

1. Introduction

ZoneWire, LLC ("ZoneWire," "Company," "we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy describes how we collect, use, disclose, retain, and safeguard your information when you access or use our real estate intelligence software-as-a-service platform (the "Service"), including our website, applications, and related services.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

This Privacy Policy applies to information we collect through the Service, in email, text, and other electronic messages between you and the Service, and when you interact with our advertising and applications on third-party websites and services. It does not apply to information collected by any third party, including through any application or content that may link to or be accessible from the Service.

2. Information We Collect

We collect several types of information from and about users of our Service, including:

2.1 Personal Information You Provide

When you register for an account, subscribe to our Service, or otherwise interact with us, you may provide the following personal information:

• Account Registration Information: Email address (required), full name (optional), and password credentials managed through our authentication provider
• Payment Information: When you subscribe to our Service at $97 per month or other pricing tiers, your payment card details (card number, expiration date, CVV, billing address) are collected and processed directly by Stripe, Inc. We do not store your complete payment card information on our servers; we receive only a tokenized reference, last four digits of your card, card type, and expiration date
• Communications: Information you provide when contacting our support team, including the content of your messages and any attachments

2.2 Information Collected Automatically

When you access or use our Service, we automatically collect certain information, including:

• Device and Browser Information: IP address, browser type and version, operating system, device type, and unique device identifiers
• Usage Data: Pages viewed, features accessed, search queries within the platform, clickstream data, time spent on pages, and interaction patterns
• Activity Logs: Authentication events (sign-in, sign-out, password changes), account modifications, and subscription-related actions, along with associated timestamps and IP addresses
• Technical Data: Error logs, performance data, and diagnostic information to maintain and improve the Service

2.3 Information from Third-Party Services

We may receive information about you from third-party services, including:

• Authentication Provider (Supabase): User authentication status and session information
• Payment Processor (Stripe): Subscription status, payment success or failure notifications, and fraud prevention signals

2.4 Public Meeting Data

Our Service processes publicly available recordings and documents from City Council and County Commissioner meetings. This data originates from public government sources and is not personal information about our users. However, these public records may contain names and statements of individuals who participate in or are mentioned during public meetings. We process this information to provide our real estate intelligence services.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision and Operations

• To create and manage your user account
• To authenticate your identity and maintain session security
• To process subscription payments and manage billing
• To provide access to our real estate intelligence features, including transcribed meeting content, zoning change alerts, and development opportunity insights
• To deliver customer support and respond to your inquiries

3.2 Service Improvement and Development

• To analyze usage patterns and improve the functionality and user experience of our Service
• To identify and fix technical issues, bugs, and security vulnerabilities
• To develop new features and services based on user needs and feedback
• To conduct internal research and analytics

3.3 Communications

• To send transactional communications, including account verification, password resets, payment confirmations, and subscription renewal notices
• To send service-related announcements, such as updates about our Service, changes to this Privacy Policy, or security alerts
• To respond to your comments, questions, and support requests

3.4 Legal and Security Purposes

• To comply with applicable laws, regulations, and legal processes
• To protect the rights, property, and safety of ZoneWire, our users, and others
• To detect, prevent, and address fraud, security breaches, and other harmful activity
• To enforce our Terms of Service and other agreements

4. Legal Bases for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds under the General Data Protection Regulation (GDPR):

• Performance of Contract: Processing necessary to fulfill our contractual obligations to you, including providing the Service, managing your account, and processing payments
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our Service, ensuring security, and preventing fraud, provided these interests are not overridden by your rights and freedoms
• Legal Obligations: Processing necessary to comply with legal obligations to which we are subject, such as tax reporting requirements and responding to lawful government requests
• Consent: Where you have provided explicit consent for specific processing activities, which you may withdraw at any time

5. Third-Party Service Providers

We engage trusted third-party companies and individuals to facilitate our Service, provide services on our behalf, perform Service-related functions, or assist us in analyzing how our Service is used. These third parties have access to your personal information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

5.1 Stripe, Inc. (Payment Processing)

We use Stripe to process subscription payments. When you provide payment information, it is transmitted directly to Stripe's secure servers. Stripe is certified as a PCI Level 1 Service Provider, the most stringent level of certification in the payments industry. Stripe's privacy policy is available at https://stripe.com/privacy.

Information shared with Stripe includes: payment card details, billing address, email address, IP address, and transaction amounts.

5.2 Supabase, Inc. (Authentication and Database)

We use Supabase for user authentication and database services. Supabase securely manages user credentials and session tokens. Supabase's privacy policy is available at https://supabase.com/privacy.

Information shared with Supabase includes: email address, hashed password credentials, authentication tokens, and session data.

5.3 Deepgram, Inc. (Transcription Services)

We use Deepgram's automated speech recognition technology to transcribe publicly available government meeting recordings. Deepgram processes audio files of public meetings to generate text transcripts. Deepgram's privacy policy is available at https://deepgram.com/privacy.

Information shared with Deepgram includes: audio recordings of public government meetings (not user personal data). We do not transmit your personal account information to Deepgram.

5.4 Infrastructure Providers

We use cloud infrastructure providers to host our Service and store data. These providers maintain industry-standard security certifications and comply with applicable data protection regulations.

6. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

We may disclose your personal information in the following circumstances:

• Service Providers: To third-party vendors, consultants, and service providers who need access to such information to carry out work on our behalf, as described in Section 5
• Legal Compliance: If required to do so by law or in response to valid legal process, such as a subpoena, court order, or government request
• Protection of Rights: When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request
• Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company, with appropriate confidentiality protections
• With Your Consent: For any other purpose disclosed by us when you provide the information, or with your consent

We may also share aggregated or de-identified information that cannot reasonably be used to identify you.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and use information about you and your interaction with our Service.

7.1 Types of Cookies We Use

• Essential Cookies: Required for the operation of our Service, including authentication cookies that maintain your logged-in session and security cookies that protect against unauthorized access
• Preference Cookies: Enable the Service to remember choices you make (such as your preferred settings) and provide enhanced, personalized features

7.2 Cookies We Do Not Use

We do not use advertising cookies, third-party tracking cookies, or analytics cookies that track your browsing behavior across other websites. We do not engage in interest-based advertising or sell your information to advertisers.

7.3 Managing Cookies

Most web browsers allow you to control cookies through their settings. However, if you disable essential cookies, you may not be able to access certain features of our Service, including remaining logged in to your account.

8. Data Security

We implement appropriate technical and organizational security measures designed to protect the security, confidentiality, and integrity of your personal information. These measures include:

• Encryption: All data transmitted between your browser and our Service is encrypted using TLS (Transport Layer Security). Sensitive data at rest is encrypted using industry-standard encryption algorithms
• Access Controls: Strict access controls limit employee and contractor access to personal information on a need-to-know basis
• Secure Authentication: User passwords are hashed using secure, industry-standard algorithms and are never stored in plain text
• Infrastructure Security: Our infrastructure providers maintain SOC 2 Type II certification and implement physical and network security controls
• Regular Assessments: We conduct regular security assessments and vulnerability testing

While we use commercially reasonable efforts to protect your personal information, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee absolute security, and any transmission of personal information is at your own risk.

9. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

• Active Accounts: We retain your account information and usage data for as long as your account remains active
• Closed Accounts: When you delete your account, we will delete or anonymize your personal information within 30 days, except as required by law or legitimate business purposes
• Payment Records: We retain transaction records and payment history for seven (7) years as required for tax and accounting purposes
• Activity Logs: Security and activity logs are retained for up to two (2) years to support security investigations and comply with legal obligations
• Legal Holds: We may retain information for longer periods if required for ongoing legal proceedings, regulatory investigations, or to comply with legal obligations

Meeting transcripts and public record data are retained as part of our core service and are not considered personal information of our users.

10. Your Rights and Choices

10.1 Account Information

You may access, update, or correct your account information at any time by logging into your account settings. You may also request deletion of your account, subject to our data retention requirements.

10.2 Rights for EEA, UK, and Swiss Residents (GDPR)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following rights under GDPR:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data under certain circumstances
• Right to Restriction: Request that we restrict processing of your personal data under certain circumstances
• Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller
• Right to Object: Object to processing of your personal data based on legitimate interests
• Right to Withdraw Consent: Where processing is based on consent, withdraw that consent at any time
• Right to Lodge a Complaint: File a complaint with your local data protection supervisory authority

10.3 Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the business purposes for collection, and the categories of third parties with whom we share personal information
• Right to Delete: Request deletion of your personal information, subject to certain exceptions
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising purposes
• Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information beyond purposes permitted by the CCPA
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Categories of Personal Information Collected: In the preceding 12 months, we have collected the following categories of personal information: identifiers (email address, name, IP address), commercial information (subscription and payment records), and internet or network activity (usage data, browsing history within our Service).

Sale of Personal Information: We have not sold personal information in the preceding 12 months and do not sell personal information.

10.4 Exercising Your Rights

To exercise any of the rights described above, please contact us at support@zonewire.co or through the contact information provided in Section 15. We will respond to your request within the timeframe required by applicable law (generally 30-45 days). We may need to verify your identity before processing your request.

You may designate an authorized agent to make a request on your behalf. We may require written proof of the agent's authorization and verify your identity directly.

11. International Data Transfers

ZoneWire is based in the United States, and the information we collect is governed by U.S. law. If you are accessing our Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers maintain facilities.

For users in the European Economic Area, United Kingdom, or Switzerland, we ensure that transfers of personal data to the United States are protected by appropriate safeguards, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where applicable
• Service provider certifications and data processing agreements

By using our Service, you consent to the transfer of your information to the United States and other jurisdictions as described in this Privacy Policy.

12. Children's Privacy

Our Service is designed for business professionals, including real estate investors, developers, and land buyers, and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age.

If we learn that we have collected personal information from a child under 18, we will take steps to delete that information as quickly as possible. If you believe that a child under 18 may have provided us with personal information, please contact us at support@zonewire.co.

13. Do Not Track Signals

Some web browsers incorporate a "Do Not Track" (DNT) feature that signals to websites that a user does not want to have their online activity tracked. Because there is no uniform standard for recognizing or responding to DNT signals, we do not currently respond to DNT browser signals. However, as noted above, we do not engage in third-party tracking for advertising purposes.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes to this Privacy Policy, we will:

• Update the "Effective Date" at the top of this page
• Notify you by email (sent to the email address associated with your account) or through a prominent notice on our Service prior to the change becoming effective
• Where required by law, obtain your consent to material changes

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

For GDPR-related inquiries, you may also contact your local data protection authority.

We will make every effort to respond to your inquiry within 30 days.

16. Additional Information for Specific Jurisdictions

16.1 Nevada Residents

Nevada residents may submit a request directing us not to sell certain personal information we have collected or may collect about you. To submit such a request, please contact us at support@zonewire.co. Note that we do not currently sell personal information as defined under Nevada law.

16.2 Virginia, Colorado, Connecticut, and Utah Residents

Residents of Virginia, Colorado, Connecticut, and Utah have certain rights under their respective state privacy laws, including the right to access, correct, delete, and obtain a copy of personal data, as well as the right to opt out of targeted advertising, sale of personal data, and profiling. To exercise these rights, please contact us using the information in Section 15.