Privacy Policy

Privacy Policy for PerilPulse

Effective Date: January 1, 2024

This Privacy Policy ("Policy") describes the information practices of PerilPulse, a service of Underwriters Technologies, Inc., a Texas corporation with its principal place of business in Austin, Travis County, Texas ("PerilPulse," "we," "us," or "our"), regarding the collection, use, and disclosure of information we receive through our website located at www.perilpulse.com (the "Site"), our application programming interface (the "API"), and any related services (collectively, the "Services").

This Policy is designed to provide transparency about our data practices and affirm our commitment to protecting the confidentiality of your property risk assessment activities. By using our Services, you agree to the collection and use of information in accordance with this Policy. Your use of our Services is also subject to our Terms of Service.

⚠️ MANDATORY ACCEPTANCE REQUIRED

BY ACCESSING OR USING PERILPULSE SERVICES, YOU MUST AGREE TO THIS PRIVACY POLICY IN ITS ENTIRETY. IF YOU DO NOT AGREE 100% WITH ALL TERMS AND CONDITIONS SET FORTH IN THIS POLICY, YOU ARE PROHIBITED FROM USING OUR SERVICES.

You have the option not to use PerilPulse services if you disagree with any aspect of this Privacy Policy. We demand that you immediately cease all use of our Services if you do not fully and completely agree to be bound by this Policy.

Your use of our Services constitutes your acknowledgment that you have read, understood, and agree to be legally bound by this Privacy Policy. No modifications, amendments, or waivers to this Policy will be effective unless explicitly agreed to in writing by PerilPulse.

1. Our Fundamental Privacy Commitment

PerilPulse operates on a foundational principle of absolute confidentiality for our API customers' property risk assessment activities. We recognize that property hazard analysis and risk assessment is a sensitive business function requiring the utmost discretion and security.

Critical Distinction: API Customers vs. Website Demo Users

For Paying API Customers:

We maintain strict limitations on how we use your property risk assessment data. We will NEVER:

  • Use property addresses for any purpose other than billing and usage tracking
  • Share, sell, or disclose your property queries or risk assessment results to any third party
  • Use your property lookup data for marketing, analytics, or business intelligence
  • Contact property owners or investigate the properties you query
  • Create market profiles or patterns based on your risk assessment activities

Your property addresses are logged solely for billing purposes and are encrypted and isolated from other customers' data.

For Free Website Testing/Demo Users:

If you use our free testing tool on our public website without an account:

  • We may analyze aggregated, anonymized search patterns for service improvement
  • We may use non-identifying statistical data in marketing materials
  • We never store or associate test queries with individual users
  • Demo queries are automatically purged within 24 hours

2. Jurisdiction and Applicable Law

⚖️ IMPORTANT LEGAL NOTICE

By accessing or using PerilPulse Services, you expressly acknowledge and agree that:

  • You are deemed to be transacting business in Austin, Travis County, Texas, United States, regardless of your physical location
  • This Policy and all matters related to your use of our Services shall be governed exclusively by the laws of the State of Texas and applicable U.S. federal law
  • You consent to the exclusive jurisdiction and venue of the state and federal courts located in Travis County, Texas
  • You waive any objections to such jurisdiction and venue, including claims of inconvenient forum
  • You are solely responsible for ensuring your use of the Services complies with the laws of your actual jurisdiction

We make no representation that our Services are appropriate or available for use in locations outside the United States. If you access our Services from outside the United States, you do so at your own risk and are responsible for compliance with local laws.

3. Information We Collect

3.1 Information You Provide Directly

  • Account Information: When you register for an API account, we collect your email address, company name, billing information, and API authentication credentials.
  • Communications: When you contact us for support or sales inquiries, we collect your name, email, and the content of your communications.
  • Payment Information: Payment processing is handled by our third-party payment processor. We do not store credit card numbers or banking information on our servers.

3.2 Information Collected Automatically

  • API Usage Metrics: For paying customers, we collect aggregate metrics such as total API calls, response times, and error rates. We also log property addresses queried solely for billing and usage tracking purposes.
  • Log Data: Our servers automatically record information including your IP address, API endpoint accessed, timestamp, property address queried, and response status codes.
  • Website Analytics: On our marketing website only (not the API), we use analytics tools to understand visitor behavior, including pages viewed, time spent, and referral sources.

3.3 Property Query Data

For API Customers:

  • Property addresses are logged solely for billing and usage tracking purposes
  • We do NOT use property addresses for marketing, analytics, or business intelligence
  • Risk assessment results are returned to you immediately and not retained on our servers
  • Address logs are maintained only as long as necessary for billing reconciliation

For Demo Users:

  • Demo queries may be temporarily cached for performance
  • All demo data is automatically purged within 24 hours
  • Demo queries are never associated with individual users

4. How We Use Information

4.1 Permitted Uses

We use the information we collect only for the following purposes:

  • To provide and maintain the property hazard risk assessment service
  • To authenticate API requests and prevent unauthorized access
  • To process payments and maintain billing records
  • To provide customer support and respond to inquiries
  • To send service announcements and security alerts
  • To monitor service performance and prevent abuse
  • To comply with legal obligations

4.2 Prohibited Uses

We explicitly commit that we will NEVER:

  • Use customer property query data for any purpose other than providing real-time hazard risk assessments
  • Build profiles, analytics, or intelligence based on which properties our customers assess
  • Share or sell property query data to any third party
  • Use property lookup patterns for marketing or business development
  • Allow our employees to view customer property queries except for legitimate technical support with explicit customer consent

5. Information Sharing and Disclosure

We do not sell, rent, or share your personal information or property query data with third parties except in these limited circumstances:

5.1 Service Providers

We engage certain trusted third parties to perform functions on our behalf, such as:

  • Cloud infrastructure providers (AWS) for hosting
  • Payment processors for billing
  • Email service providers for transactional emails
  • Identity verification services (Stripe) for account verification

These providers are contractually obligated to protect your information and are prohibited from using it for their own purposes.

5.2 Identity Verification with Stripe

We use Stripe for identity document verification. When you verify your identity for your PerilPulse account, Stripe collects the following information:

  • Identity document images (driver's license, passport, or other government-issued ID)
  • Facial images for biometric verification
  • ID numbers and addresses from your identity documents
  • Advanced fraud signals and information about the devices that connect to Stripe's services

Stripe shares this information with us to confirm your identity and also uses this information to operate and improve the services it provides, including for fraud detection. You may also choose to allow Stripe to use your data to improve Stripe's biometric verification technology.

You can learn more about Stripe and read its privacy policy at https://stripe.com/privacy.

5.3 Legal Requirements

We may disclose information if required by:

  • Valid subpoena or court order issued by a court of competent jurisdiction in Travis County, Texas
  • Law enforcement request accompanied by valid legal process
  • Legal obligation to protect our rights, property, or safety

We will notify affected customers of legal requests unless prohibited by law or court order.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, customer information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

6. Data Security

We implement industry-standard security measures to protect your information:

  • All API communications are encrypted using TLS 1.3
  • Customer data is encrypted at rest using AES-256 encryption
  • Access controls limit data access to authorized personnel only
  • Regular security audits and penetration testing
  • Compliance with PCI DSS for payment processing
  • 24/7 monitoring for security incidents

Despite these measures, no method of Internet transmission is 100% secure. We cannot guarantee absolute security but commit to promptly notifying affected customers of any security breach that may impact their data.

7. Data Retention

  • API Property Queries: Stored for billing purposes only (retained for current billing period plus 90 days)
  • API Access Logs: 90 days (contains metadata and property addresses for billing)
  • Account Information: Duration of account plus 7 years for tax compliance
  • Billing Records: 7 years as required by law
  • Demo/Test Queries: Automatically purged after 24 hours
  • Support Communications: 2 years or as needed to resolve issues

8. Your Rights and Choices

8.1 Rights Under Texas Law

You have the right to:

  • Access personal information we maintain about you
  • Correct inaccurate information
  • Request deletion of your account and associated data
  • Opt out of marketing communications
  • Receive a copy of this privacy policy
  • Decline biometric verification and request alternative verification methods

8.2 Identity Verification Data Deletion

When you request deletion of your PerilPulse account, we will:

  • Delete your account information from our systems
  • Redact your identity verification session with Stripe
  • Remove all property query data associated with your account

Important: Stripe retains a copy of all data provided during identity verification. To delete your information from Stripe's servers or revoke your consent for Stripe to use your data to improve their technology, you must contact Stripe support directly at https://support.stripe.com.

8.3 International Users

Important Notice for Users Outside the United States:

  • By using our Services, you consent to the transfer of your information to the United States
  • We do not make any representations regarding compliance with foreign data protection laws
  • We are not subject to and do not comply with GDPR, UK data protection laws, or other non-U.S. privacy regulations
  • You are responsible for ensuring your use of our Services complies with your local laws
  • If your local law prohibits the transfer of data to the United States, you must not use our Services

9. API-Specific Privacy Commitments

Our Binding Commitments to API Customers:

  1. Limited Data Retention: We store property addresses only for billing and usage tracking purposes
  2. Billing-Only Usage: Property address logs are used exclusively for accurate billing and never for other purposes
  3. Encrypted Processing: All property data is encrypted in transit and during processing
  4. Data Isolation: Each customer's data is logically isolated from other customers
  5. No Analytics: We do not perform market analytics or intelligence gathering on property lookup patterns
  6. Limited Access: Only senior engineering and billing staff can access production systems, and only for their specific functions
  7. Audit Trail: All system access is logged and regularly audited
  8. Customer Control: You can request deletion of your account and all associated data at any time

10. Alternative Verification Options

In compliance with privacy laws, we offer alternative verification methods for users who:

  • Decline to consent to biometric verification
  • Cannot verify using supported document types
  • Are not covered by Stripe Identity's verification checks
  • Prefer not to share biometric information

To request alternative verification, please contact our support team at support@perilpulse.com. We will work with you to verify your identity through other means while maintaining our security standards.

11. Children's Privacy

Our Services are intended for business use only and are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will delete such information from our systems.

12. Third-Party Links

Our Site may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to read the privacy policies of any third-party sites you visit.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Effective Date" at the top
  • Sending an email to registered API customers

Your continued use of our Services after changes indicates acceptance of the updated Policy. For material changes affecting how we handle property query data, we will obtain explicit consent from API customers before implementing such changes.

14. Compliance and Certifications

While we maintain high security standards, we want to be transparent that PerilPulse is not currently certified under specific compliance frameworks such as SOC 2, ISO 27001, or HIPAA. We employ industry-standard security practices and are committed to protecting your data. Customers requiring specific compliance certifications should contact us to discuss their requirements.

15. Contact Information

For questions about this Privacy Policy or our data practices, please contact us:

PerilPulse

Attn: Privacy Officer

Email: privacy@perilpulse.com

Address: Austin, Texas 78701

For privacy-related requests, we will respond within 30 days. For urgent security matters, please email security@perilpulse.com.

Privacy Policy Summary

  • We never access, store, or share your property hazard queries
  • API customer data is completely confidential
  • Demo/test queries may be used for anonymous analytics only
  • We use Stripe for secure identity verification
  • Alternative verification methods are available upon request
  • All disputes are governed by Texas law in Travis County courts
  • We are not subject to international privacy laws like GDPR
  • You can delete your data at any time
  • We maintain industry-standard security practices

Last Updated: July 9, 2025 | Version 1.1