Privacy Policy
Effective Date: March 28, 2026 | Last updated: March 28, 2026
1. Overview
CivilSense, Inc., a Delaware corporation ("Company," "we," "us," "our"), operates the CivilSense catastrophe intelligence platform at civilsense.io ("Platform"). This Privacy Policy describes what personal information we collect, how we use it, how we protect it, and your rights under applicable law.
We are committed to data minimization. We collect only what is necessary to operate the Platform. We do not sell personal information. We do not use personal information for advertising or behavioral profiling.
2. Information We Collect
2.1 Account Information
When you create an account, we collect your email address. We use magic link authentication — we do not collect or store passwords. Your email is used for account access, subscription management, and disaster alerts (if you opt in). We may also collect your name and organization if you provide them.
2.2 Saved Locations (Precise Geolocation)
If you save locations (home, work, or custom addresses), we store the address text, geographic coordinates (latitude and longitude), and the label you assign. Under the California Privacy Rights Act (CPRA) and other state privacy laws, saved home and work addresses constitute sensitive personal information because they include precise geolocation data. We process this data only for the purposes you direct: generating proximity alerts when active disaster events affect your saved locations.
You may add, edit, or delete saved locations at any time. Saved locations are associated with your account and are never shared with other users, sold, or used for advertising.
2.3 Search Queries
Address searches are processed via the Mapbox Geocoding API. We do not log individual search queries on our servers. Mapbox processes geocoding requests subject to its own Privacy Policy.
2.4 Portfolio Data
If you upload portfolio locations (paid tiers with portfolio access), we store addresses, coordinates, and property metadata you provide (insured value, construction type, year built, square footage). Portfolio data is processed exclusively to generate hazard scores and analytical outputs for your account. Portfolio data is never shared with other users, sold, or used for purposes other than providing the Platform services.
2.5 ILS Trigger Configurations
If you create ILS trigger monitors, we store the trigger parameters you define (peril, location, threshold type and value, alert thresholds). This data is used solely to evaluate triggers against live event data and send alerts.
2.6 Payment Information
Payment processing is handled entirely by Stripe, Inc. We do not receive, process, or store credit card numbers, bank account details, or other payment credentials. Stripe transmits to us only your subscription status, tier, and billing period dates. Stripe's handling of your payment data is governed by Stripe's Privacy Policy.
2.7 Technical and Usage Data
We use Sentry for error monitoring and application performance tracking. Sentry collects browser type, operating system, device type, and error stack traces. We do not use Google Analytics, Meta Pixel, or any third-party advertising or behavioral tracking service. We collect server-side request logs (IP address, endpoint, timestamp, response code) for security monitoring and rate limiting. IP addresses in logs are automatically purged after 30 days.
2.8 API Usage Logs (API Subscribers)
For API subscribers (Enterprise tier and any tier with API access), we log API request counts, endpoints accessed, response times, and response codes for rate limiting, billing, and debugging. We do not log request payloads or response bodies.
3. Information We Do Not Collect
- We do not use tracking cookies or third-party analytics beyond Sentry for error monitoring
- We do not sell, rent, or trade personal information to any third party — we never have and never will
- We do not use personal information for advertising, marketing profiling, or behavioral targeting
- We do not collect device location without explicit user action (saved locations are user-initiated only)
- We do not collect biometric data
- We do not collect information from children (see Section 12)
- We do not use personal information for automated decision-making that produces legal or similarly significant effects on individuals
4. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Data Used |
|---|---|
| Account authentication | |
| Subscription billing | Email, Stripe subscription ID |
| Disaster alerts | Saved locations, email, alert prefs |
| Hazard score computation | Saved/searched location coordinates |
| Portfolio analysis | Portfolio locations, property metadata |
| ILS trigger monitoring | Trigger configs, event data |
| Error diagnosis | Sentry error reports (anonymized) |
| Security monitoring | IP address, request logs (30-day retention) |
| Audit compliance (SOC 2) | SHA-256 hashed user ID, alert delivery log |
5. Legal Bases for Processing
- Contract performance: Processing your account data, saved locations, portfolios, and triggers to provide the services you subscribed to
- Consent: Processing your saved location data (sensitive PI) based on your affirmative action of saving each location. You may withdraw consent by deleting the location at any time
- Legitimate interest: Error monitoring (via Sentry), security monitoring, rate limiting, and fraud prevention
- Legal obligation: Maintaining audit logs for SOC 2 compliance readiness; responding to valid legal process
6. Data Sharing
We share personal information only with the following categories of recipients, solely to operate the Platform:
6.1 Service Providers (Sub-Processors)
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database, auth | All account data |
| Stripe | Payment processing | Email, billing data |
| Mapbox | Map, geocoding | Search queries (client-side) |
| Sentry | Error monitoring | Browser, OS, error traces |
| Vercel | Hosting, edge functions | Request metadata |
| Upstash | Rate limiting, cache | Request identifiers |
6.2 We Do Not Share With
- Advertisers or ad networks
- Data brokers
- Social media platforms
- Marketing or analytics companies
- Insurance carriers (unless you are an Enterprise subscriber who directs integration via API)
6.3 Legal Disclosure
We may disclose personal information if required by law, subpoena, court order, or government request. We will notify you of such requests when legally permitted to do so.
6.4 Business Transfer
In the event of a merger, acquisition, or sale of assets, your personal information may be transferred as part of the transaction. We will notify you via email and/or prominent notice on the Platform before your information is subject to a different privacy policy.
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data (email) | Active account + 30 days after deletion |
| Saved locations | Until you delete them or account is deleted |
| Portfolio data | Until you delete the portfolio or account |
| ILS trigger configs | Until you delete them or account is deleted |
| Alert audit logs | 2 years, then automatically purged |
| API usage logs | 90 days |
| Server request logs (IP) | 30 days |
| Stripe billing records | Per Stripe's retention (tax/legal requirements) |
Upon account deletion, we initiate a data purge within 30 days. Certain data may be retained longer if required by law (e.g., tax records, legal holds).
8. Data Security
- All data transmitted over TLS 1.2 or higher
- Database protected by row-level security (RLS) — users can only access their own data through the application layer
- Server-side secrets (API keys, service role keys) are never exposed to client-side code and are stored in encrypted environment variables
- Supabase database hosted on AWS with SOC 2 Type II certification
- Alert audit logs store SHA-256 hashes of user IDs, not raw identifiers
- Rate limiting on all API endpoints to prevent abuse
- Content Security Policy, HSTS, X-Frame-Options, and Permissions-Policy headers enforced
9. Your Privacy Rights
9.1 All Users
Regardless of your location, you have the right to:
- Access: View all data associated with your account through the Platform at any time
- Correction: Update your email, saved locations, and portfolio data at any time
- Deletion: Delete your account and all associated data by contacting privacy@civilsense.io or through account settings
- Portability: Export your saved locations, portfolio data, and hazard scores in machine-readable format (JSON/CSV)
- Restrict processing: Request that we limit how we use your data
9.2 California Residents (CCPA / CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act:
- Right to Know: You may request the categories and specific pieces of personal information we've collected, the sources, the business purposes for collection, and categories of third parties with whom we share it
- Right to Delete: You may request deletion of personal information we've collected, subject to legal exceptions
- Right to Correct: You may request correction of inaccurate personal information
- Right to Opt-Out of Sale/Sharing: We do not sell or share personal information for cross-context behavioral advertising. This right is already satisfied by default
- Right to Limit Use of Sensitive PI: Your saved locations (precise geolocation) are sensitive personal information under CPRA. We process this data only for the purpose you direct — disaster proximity alerts. You may delete any saved location at any time to revoke processing
- Non-Discrimination: We will not discriminate against you for exercising any CCPA/CPRA right
To exercise your rights: email privacy@civilsense.io or use the in-app account settings. We will verify your identity using your account email and respond within 45 days.
CCPA categories collected: Identifiers (email); Geolocation (saved locations); Commercial information (subscription tier); Internet activity (Sentry error reports). We do NOT collect: Protected classifications, biometric data, sensory data, professional information, education information, or inferences drawn for profiling.
9.3 Other US State Privacy Laws
We comply with applicable state privacy laws including the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), Texas Data Privacy and Security Act (TDPSA), and Oregon Consumer Privacy Act (OCPA). Residents of these states have rights substantially similar to those described in Section 9.1, including the right to access, delete, correct, and opt out of data sales (which we do not conduct).
To exercise rights under any state privacy law, contact privacy@civilsense.io. If we deny a request, you have the right to appeal. Appeals should be directed to legal@civilsense.io and we will respond within 45 days.
9.4 EEA / UK Residents (GDPR)
If you are in the European Economic Area or United Kingdom, you have the right to: access your data, rectify inaccurate data, erase your data, restrict processing, request data portability, and object to processing. Our lawful bases are described in Section 5. You may lodge a complaint with your local supervisory authority. Contact: privacy@civilsense.io.
10. Cookies and Tracking
We use only strictly necessary cookies required for authentication (Supabase session tokens) and essential platform functionality (onboarding state in localStorage). We do not use:
- Advertising or retargeting cookies
- Third-party analytics cookies
- Tracking pixels or web beacons
- Fingerprinting or device-identification technologies
- Cross-site tracking of any kind
Because we use only strictly necessary cookies, no cookie consent banner is required under the ePrivacy Directive or GDPR.
11. International Data Transfers
CivilSense is a US-based platform. Our infrastructure is hosted in the United States (Vercel, Supabase on AWS US regions, Upstash, Sentry). If you access the Platform from outside the United States, your data will be transferred to and processed in the United States. For EEA/UK users, we rely on Standard Contractual Clauses (SCCs) as the transfer mechanism where required.
12. Children
The Platform is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact privacy@civilsense.io and we will delete it within 72 hours.
13. Data Breach Notification
In the event of a data breach that compromises personal information, we will: (a) notify affected users via email within 72 hours of becoming aware of the breach; (b) notify relevant regulatory authorities as required by applicable law; (c) provide a description of the breach, the data involved, and steps we are taking to address it. We maintain an incident response plan and will provide updates as the investigation progresses.
14. Enterprise Data Processing
Enterprise subscribers who require a Data Processing Agreement (DPA) may request one by contacting enterprise@civilsense.io. Our standard DPA covers: data processing instructions, sub-processor management, data breach notification, audit rights, data deletion upon termination, and compliance with GDPR Article 28 requirements where applicable.
15. Do Not Track
We honor Do Not Track (DNT) browser signals. Because we do not engage in cross-site tracking or behavioral advertising, our practices are consistent with DNT preferences by default.
16. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email to registered users at least 30 days before taking effect. The effective date at the top of this page reflects the most recent revision. We encourage you to review this page periodically.
17. Contact
For privacy-related questions or to exercise your data rights:
- Privacy: privacy@civilsense.io
- Legal: legal@civilsense.io
- Enterprise / DPA: enterprise@civilsense.io
- General: support@civilsense.io
CivilSense, Inc. is incorporated in the State of Delaware.