Veridor
Sign in Get an API key →

Privacy Policy

Last updated: 2026-05-07

Who we are

The Service is operated by ACK Ventures, a California sole proprietorship ("we," "us"). The Service is offered to users in the United States only. See the Terms of Service for the geographic restriction.

What we collect

To operate the Service, we collect:

  • Email address — to authenticate you and send sign-in (magic-link) emails.
  • Stripe customer ID — for billing on paid plans. Card data is held by Stripe; we never see or store it.
  • API usage events — which tools you call, when, and how often, to enforce rate limits and bill metered usage where applicable.
  • Session cookie — a single first-party session cookie set after sign-in. It identifies your browser session for the dashboard. It is not used for analytics, advertising, or cross-site tracking. We do not set third-party cookies.

What we don't collect

  • We do not log the queries you run beyond aggregate counts. Specifically, the address / contractor / permit-number you pass into tools is not recorded in our usage_events table.
  • We do not sell or rent your personal information.
  • We do not use analytics trackers, advertising pixels, or session-replay tools.

Public-records data

The data we serve is public records obtained from city and county open-data portals. Owner names, addresses, and permit details are public information that already exists at the source. We canonicalize and aggregate; we do not augment with private data. Source-data attributions and licenses are listed at /attributions.

Service providers we share data with

We rely on the following third-party services to operate. Each processes only the minimum data needed for its role:

  • Stripe — payment processing. Receives email, Stripe customer ID, and billing details. Stripe Privacy Policy.
  • Resend — sending magic-link sign-in emails. Receives email address and message contents.
  • Sentry — error monitoring. May incidentally receive request metadata (URLs, status codes) when the server throws an exception. We do not configure Sentry to capture user input.
  • Fly.io — application hosting and database storage. Stores the application database and serves API traffic.

US-only service

The Service is offered exclusively to users in the United States. We do not knowingly collect personal data from individuals located in the European Economic Area, the United Kingdom, or other regions with similar data-protection regimes. If you are located outside the US, do not use the Service.

California residents

If you are a California resident, you have the right to know what personal information we have collected about you, to request its deletion, and to opt out of the sale of personal information. We do not sell personal information. To exercise any of these rights, email privacy@veridor.ai.

Data retention

Account data is retained while your account is active. After cancellation, account and usage records are retained for up to 90 days then deleted. Stripe billing records are retained per Stripe's own retention policy and applicable tax law.

Security

We use industry-standard protections (HTTPS in transit, encrypted volumes at rest, hashed API keys). No system is perfectly secure; if you become aware of a vulnerability, please report it to security@veridor.ai. We maintain professional liability and cyber liability insurance coverage as a backstop in the event of a covered incident.

Your choices

You can delete your account at any time from the dashboard, or email privacy@veridor.ai to request deletion or export of your account data.

Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

Changes

We may update this Privacy Policy. Material changes will be announced via email to active accounts at least 14 days before taking effect.

Contact

Questions: privacy@veridor.ai.