Privacy Policy

PRIVACY POLICY

Updated Date: 06-25-2025

Introduction

ResiQuant, Inc. ("we," "us," or "our") is committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and protect personal information in connection with our AI-powered property risk assessment platform and related services (the "Services").

This Privacy Policy applies to personal information we process as both a data controller (when we determine the purposes and means of processing) and as a data processor (when we process personal information on behalf of our customers).

Information We Collect

Information You Provide Directly

  • Account registration information (name, email, company, job title)

  • Contact information for support and communications

  • Payment and billing information

  • Property data and building information uploaded to our platform

  • Communications with our support and sales teams

Information We Collect Automatically

  • Log data (IP addresses, browser type, operating system, pages visited)

  • Device information (device type, operating system, unique device identifiers)

  • Usage data (features used, time spent, user interactions)

  • Cookies and similar tracking technologies

Information from Third Parties

  • Property data from government databases and commercial data providers

  • Satellite imagery and aerial photography

  • Building permits and inspection records

  • Demographic and census data

  • Weather and climate data

How We Use Information

Primary Business Purposes

  • Providing and operating our AI-powered risk assessment services

  • Processing property data to generate risk reports and analytics

  • Improving our algorithms and machine learning models

  • Providing customer support and technical assistance

  • Processing payments and managing accounts

Secondary Purposes

  • Communicating about service updates and new features

  • Marketing our services (with your consent where required)

  • Analyzing usage patterns to improve our services

  • Conducting research and development

  • Ensuring security and preventing fraud

Legal Bases for Processing (GDPR)

  • Contract performance: Processing necessary to provide our services

  • Legitimate interests: Service improvement, security, and business operations

  • Consent: Marketing communications and certain data processing activities

  • Legal obligations: Compliance with applicable laws and regulations

Information Sharing and Disclosure

We May Share Information With:

Service Providers: Third-party vendors who help us operate our business (cloud hosting, payment processing, customer support)

Business Partners: With your consent, we may share aggregated, anonymized insights with industry partners

Legal Requirements: When required by law, regulation, or valid legal process

Business Transfers: In connection with mergers, acquisitions, or asset sales

Consent: With your explicit consent for specific purposes

We Do Not:

  • Sell personal information to third parties

  • Share customer property data with competitors

  • Use personal information for automated decision-making that significantly affects individuals

  • Transfer personal information internationally without appropriate safeguards

Data Security

We implement comprehensive security measures including:

Technical Safeguards:

  • Encryption of data in transit and at rest (AES-256 or equivalent)

  • Multi-factor authentication and access controls

  • Regular security assessments and penetration testing

  • Continuous monitoring for security threats

Organizational Safeguards:

  • Employee security training and background checks

  • Incident response procedures

  • Vendor security assessments

  • SOC 2 Type II and ISO 27001 compliance

Incident Response:

  • 24/7 security monitoring

  • Documented incident response procedures

  • Notification within 72 hours of discovering security incidents

  • Cooperation with regulatory authorities as required

Your Privacy Rights

All Users

  • Access: Request information about what personal information we have about you

  • Correction: Request correction of inaccurate personal information

  • Deletion: Request deletion of your personal information (subject to legal retention requirements)

  • Data Portability: Receive your personal information in a machine-readable format

California Residents (CCPA Rights)

  • Right to know what personal information we collect, use, and share

  • Right to delete personal information (with certain exceptions)

  • Right to opt-out of the sale of personal information (we do not sell personal information)

  • Right to non-discrimination for exercising privacy rights

European Users (GDPR Rights)

  • Right to object to processing based on legitimate interests

  • Right to restrict processing in certain circumstances

  • Right to data portability for information provided under contract or consent

  • Right to lodge a complaint with supervisory authorities

Exercising Your Rights

To exercise your privacy rights, contact us at:

  • Email: notices@resiquant.ai

  • Mail: ResiQuant, Inc., Attention: Privacy Officer, 535 Mission Street, Suite 1820, San Francisco, CA 94105

We will respond to verified requests within 30 days (45 days for complex requests).

Data Retention

We retain personal information for as long as necessary to:

  • Provide our services and support your account

  • Comply with legal and regulatory obligations

  • Resolve disputes and enforce agreements

  • Pursue legitimate business purposes

Specific Retention Periods:

  • Customer account data: Duration of relationship plus 7 years

  • Property and risk assessment data: Duration of service plus 5 years

  • Transaction and billing records: 7 years after final transaction

  • Marketing data: Until you opt out or we determine it's no longer needed

  • Security logs: 2 years from creation

International Transfers

We primarily process data in the United States. For international transfers, we ensure adequate protection through:

  • Standard Contractual Clauses approved by European authorities

  • Adequacy decisions by relevant data protection authorities

  • Other approved transfer mechanisms under applicable law

Cookies and Tracking

We use cookies and similar technologies to:

  • Remember your preferences and settings

  • Analyze how our services are used

  • Provide personalized experiences

  • Ensure security and prevent fraud

Cookie Categories:

  • Essential: Required for basic service functionality

  • Analytics: Help us understand how our services are used

  • Functional: Remember your preferences and settings

  • Marketing: Deliver relevant marketing content (with consent)

You can control cookies through your browser settings, but disabling certain cookies may affect service functionality.

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children under 18. If we learn we have collected such information, we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  • Posting updated policy on our website

  • Sending email notification to registered users

  • Providing in-app notifications for significant changes

Continued use of our services after changes constitutes acceptance of the updated policy.

Contact Information

For privacy-related questions or concerns:

Privacy Officer

ResiQuant, Inc. 535 Mission Street, Suite 1820 San Francisco, CA 94105

Email: notices@resiquant.ai

Industry-Specific Considerations

Insurance Industry Compliance

We recognize that our customers operate in a heavily regulated industry. We maintain compliance with:

  • NAIC Insurance Data Security Model Law

  • State insurance privacy regulations

  • International insurance data protection requirements

  • Industry best practices for data handling and security

AI and Machine Learning

Our AI services process data to generate risk assessments. We:

  • Use personal information only as necessary for risk assessment

  • Implement bias detection and fairness measures

  • Provide transparency about AI decision-making where required

  • Allow customers to understand and contest AI-driven assessments

This Privacy Policy is designed to meet the needs of our diverse customer base while ensuring compliance with applicable privacy laws and insurance industry regulations.