Privacy Policy

RiskZone ("we," "us," or "our") is the product name for the Service. The operator identified in the legal disclosure on this page acts as the data controller responsible for processing your personal data when you use our website at riskzone.ai, our browser extension, and related services (collectively, the "Service").

This Privacy Policy describes what personal data we collect, how and why we process it, with whom we share it, and the rights you have regarding your data. By using the Service, you acknowledge that you have read and understood this Privacy Policy.

The Service is operated from Georgia. Privacy inquiries are handled by our internal team at [email protected].

We collect and process the following categories of personal data:

Account Data
When you create an account, we collect your email address and, optionally, a display name. If you register via Google or Apple OAuth, we receive your name, email, and profile picture URL from the authentication provider. We store a bcrypt hash of your password — we never store your password in plain text.

Profile Preferences
We store your chosen locale (language), theme (light/dark/system), measurement unit preference (auto/metric/imperial), scoring preferences (risk category weights), highlights preferences (pinned metrics), and communication preferences for subscription-related and quota-warning emails. These are stored on our servers and synchronized across your devices.

Location Data
When you request a Risk Passport, we process the geographic coordinates (latitude and longitude) or address you provide. If you use our browser extension, detected addresses on listing pages are sent to our servers when you request a risk assessment. When you search for an address or interact with the map on our website or extension, address queries are sent to our servers for geocoding. Our servers forward normalized address text to LocationIQ for coordinate resolution; your IP address is not shared with LocationIQ.

Saved Places
If you save locations to your account, we store the place name, coordinates, optional notes, and the timestamp of when you saved them.

Subscription & Billing Metadata
If you purchase or manage a paid plan, we store subscription-related metadata needed to provision and administer access, including your current subscription tier, Paddle subscription and customer identifiers, Paddle price or plan identifier, billing country, billing status, current billing period dates, and scheduled downgrade or cancellation status.

Passport History & Reports
Risk Passport results may be stored for your viewing history and shareable report links. Reports include risk scores, analytics data, and data quality metadata for the queried location. Anyone with a valid share link can view the stored report.

Usage Data
We automatically collect information about how you use the Service, including your IP address, the API endpoints you access, the type of action performed, timestamps, and plan-entitlement or quota-related events. For quota enforcement, we may also store a normalized location identifier derived from the requested coordinates or address so that repeat requests for the same location are not double-counted within the applicable quota window. This data is used for rate limiting, quota enforcement, subscription feature enforcement, and abuse prevention.

Chat Data
When you use the AI location chat feature, your questions and the AI-generated responses are processed in real time. Chat conversations are not permanently stored on our servers.

Contact Form Submissions
If you contact us via the contact form, we collect your name, email address, and message. This information is delivered to our support team via email and is not stored in our database.

Authentication Tokens
We store hashed refresh tokens along with your IP address and user agent string. This data is used for session management, token rotation, and replay attack detection. Refresh tokens expire after 30 days.

Browser Extension Data
The browser extension stores authentication tokens, signed-in user snapshot, settings, recent passports, and cached passport data in browser extension storage (chrome.storage). Temporary popup state (including chat/session messages) may be stored in chrome.storage.session. Detected addresses may be held temporarily in extension memory for the current tab to support extension features. This data is isolated from websites you visit. Relevant address/query data is sent to our APIs when you request geocoding, save a detected location, or generate risk assessments. Our servers may forward normalized address text to LocationIQ for coordinate resolution.

When the browser extension setting "Detect addresses on pages" is enabled, the extension may read limited content from supported real estate listing pages in order to identify a property address and page-provided location context. This may include structured data embedded in the page (such as JSON-LD or meta tags), visible address elements, page title, URL patterns, and coordinates exposed by the page.

On supported real estate sites, this detection may run automatically while you browse those pages. On other websites, the extension may analyze the active tab only after you interact with the extension and request address detection or a related feature.

If "Detect addresses on pages" is disabled, the extension does not perform this page analysis. The separate setting "Show overlays on pages" controls only whether RiskZone badges or similar interface elements are displayed on the page. It does not by itself enable or disable address detection.

We process your personal data for the following purposes and on the following legal bases:

Contract Performance
- Providing and maintaining the Service, including generating Risk Passports, analytics, and AI chat responses.
- Managing your account registration, authentication, and profile preferences.
- Processing subscription upgrades, downgrades, and cancellations.
- Enforcing usage limits and subscription tier restrictions.

Legitimate Interests
- Preventing abuse, fraud, and unauthorized access through rate limiting, IP logging, and token replay detection.
- Monitoring error rates and service health through our error tracking system (Sentry).
- Analyzing aggregated, anonymized usage patterns to improve the Service.
- Ensuring the security and integrity of our systems.

Consent
- Setting optional analytics cookies (Google Analytics) to understand how visitors use our website. You may withdraw consent at any time via the "Cookie Settings" link in the site footer.

Legal Obligation
- Retaining transaction records as required by applicable tax and accounting laws.
- Responding to lawful requests from public authorities.

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects on you.

We retain your personal data only for as long as necessary for the purposes described in this Privacy Policy:

- Account data: retained until you delete your account.
- Profile preferences: retained until you delete your account.
- Saved places: retained until you delete them or your account.
- Subscription and billing metadata received from Paddle: retained as needed to manage paid access, cancellations, disputes, fraud prevention, and tax/accounting obligations.
- Passport reports with shareable links: retained indefinitely to ensure shared links remain accessible. Reports linked to your account are deleted upon account deletion.
- Usage logs: retained for audit, quota enforcement, and abuse prevention purposes. Upon account deletion, logs are fully anonymized (user identifier, IP address, and location data are removed).
- Email delivery logs: retained for delivery monitoring. Upon account deletion, recipient email addresses are replaced with a placeholder while preserving delivery status metadata.
- Refresh tokens: automatically expire and are purged after 30 days.
- Authentication data (hashed passwords, OAuth identifiers): retained until account deletion.
- Contact form submissions: retained in our email system according to our email provider's retention policies; not stored in our database.
- Error monitoring data (Sentry): retained according to Sentry's data retention policy (typically 30-90 days).
- Analytics data (Google Analytics): retained according to Google's data retention settings.

When you delete your account, we permanently remove your profile data, saved places, account-linked passport reports/history, API keys, and authentication tokens. If a paid subscription is active, we attempt immediate cancellation during account deletion. If automatic cancellation fails, manual cancellation in Paddle may be required before deletion can complete.

We share your personal data with the following categories of third parties, and only to the extent necessary for the stated purposes:

Geocoding Provider — LocationIQ
When you search for an address on our website or in the extension, or when the extension resolves coordinates for detected addresses, address queries are sent to our servers. Our servers forward normalized address text to LocationIQ for geocoding. LocationIQ receives the address text from our servers and returns geographic coordinates. LocationIQ does not receive your IP address, account information, or any other personal data. LocationIQ's privacy policy applies to their processing of address data.

Email Delivery Provider — Resend
We use Resend to send transactional and account-related emails, such as welcome emails, email verification, password reset, password change confirmations, subscription notifications, quota warnings, and contact form confirmations. Resend receives your email address, message subject and content, and related delivery metadata as needed to deliver these emails. Resend's privacy policy and data processing terms apply to their handling of this data.

AI/LLM Providers — OpenAI, Azure OpenAI, or Google (Gemini)
When you use the AI chat feature, the following location-specific data is sent to the configured language model provider to generate a contextual response:
- Your question and previous messages in the chat session
- The queried address (full text as entered)
- Geographic coordinates (latitude and longitude in full precision)
- County and state derived from the coordinates
- Risk scores, grades, confidence levels, and summary details for all assessed risk categories
- Data-driven recommendations generated for the location
- When relevant to your question, detailed analytics data for selected categories (such as crime statistics, air quality metrics, water quality data, noise levels, and similar breakdowns)

We do not send your account information, email, user ID, subscription tier, or other personal identifiers to the LLM provider. The provider processes the request to generate a response and does not receive information about who is asking.

Data retention and model-training policies are governed by the configured provider's terms. For details, refer to:
- OpenAI API data usage policy (openai.com)
- Microsoft Azure OpenAI data processing terms (microsoft.com)
- Google Gemini API terms of service (ai.google.dev)

Error Monitoring — Sentry
We use Sentry for error tracking and performance monitoring. When errors occur, Sentry may receive technical information including error stack traces, your user ID, email, and subscription tier. This data helps us diagnose and resolve issues. Sentry's privacy policy governs their processing.

Analytics — Google Analytics
If you consent to analytics cookies, we use Google Analytics to understand website usage patterns. Google Analytics collects anonymized data (IP anonymization is enabled) including pages visited, session duration, and browser type. No account-level identifiers are sent to Google Analytics.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We do not provide your information to advertisers or data brokers.

We may disclose your personal data if required by law, in response to valid legal process, or to protect the rights, property, or safety of RiskZone, our users, or the public.

All payment processing for paid subscriptions is handled by Paddle.com Market Limited ("Paddle"), which serves as our Merchant of Record. Paddle is responsible for billing, sales tax calculation and collection, and payment card processing.

When you purchase a subscription:
- You provide your payment information directly to Paddle through their secure checkout overlay. RiskZone never receives, processes, or stores your credit card number or full payment card details.
- Paddle shares with us limited customer and subscription metadata, including your name, email, billing country, subscription status, price or plan identifier, billing period dates, customer portal management URLs, and cancellation or scheduled-change status, so that we can manage your subscription tier and access level.
- Paddle handles refunds, chargebacks, and payment disputes according to their own terms and policies.

By purchasing a subscription, you agree to Paddle's Terms of Service and Privacy Policy in addition to ours. We encourage you to review Paddle's privacy practices at paddle.com.

We use cookies and browser storage technologies as follows:

Essential Storage
These items are required for core functionality and security:
- Refresh token (web app): stored in localStorage as "riskzone.refresh_token"
- Cookie consent preference: stored in localStorage as "riskzone.cookie-consent"

Analytics Cookies (Optional)
If you consent, we load Google Analytics (gtag.js) to collect anonymized usage statistics. Analytics cookies are only set after you click "Accept All" in the cookie consent banner. You can withdraw consent at any time via the "Cookie Settings" link in the site footer.

Local Storage
We use browser localStorage for product state and preferences:
- Theme preference: "riskzone.theme"
- Unit preference: "riskzone.unit_preference"
- Scoring preferences: "riskzone.scoring_prefs"
- Highlights preferences: "riskzone.highlights"
- Saved places cache: "riskzone.saved"
- Recent locations/passports cache: "riskzone.recents"
- Cookie consent choice: "riskzone.cookie-consent"

These values remain on your device. If you sign in, selected preferences and saved places may be synchronized to your account via API calls.

Browser Extension Storage
The RiskZone browser extension uses chrome.storage.local for refresh token, user snapshot, settings, recent passports, and passport cache, and chrome.storage.session for temporary popup state (including active view and chat/session context). This data is sandboxed within the extension and is not accessible to websites you visit.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Right of Access: You may request a copy of the personal data we hold about you. Your profile, saved places, and preferences are accessible through your account dashboard at any time.

Right to Rectification: You may update or correct your display name and preferences through your account settings. Saved places can be managed through dashboard/map features.

Right to Erasure: You may delete your account at any time from your dashboard settings (Settings > Delete Account). Account deletion permanently removes your profile data, saved places, passport history, API keys, and authentication tokens. Usage logs and email delivery logs are anonymized upon deletion.

Right to Restrict Processing: You may request that we restrict the processing of your personal data under certain conditions by contacting us at [email protected].

Right to Data Portability: You may request your data in a structured, machine-readable format by contacting us at [email protected].

Right to Object: You may object to the processing of your personal data based on legitimate interests by contacting us. Note that this may limit your ability to use certain features of the Service.

Right to Withdraw Consent: Where processing is based on your consent (e.g., analytics cookies), you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing performed before withdrawal.

To exercise any of these rights, you may use available dashboard controls (profile preferences, saved places, account deletion) or contact us at [email protected]. We will respond to your request within 30 days. We may need to verify your identity before processing your request.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in your jurisdiction.

The Service is not intended for anyone under the age of 18. We do not knowingly collect personal data from individuals under 18 years of age. By creating an account or using the Service, you represent that you are at least 18 years old.

If we become aware that we have inadvertently collected personal data from a person under 18, we will take steps to delete that data as promptly as possible. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected].

RiskZone is operated from Georgia. Your personal data may be transferred to and processed in countries other than your country of residence, including countries where data protection laws may differ from those in your jurisdiction.

Specifically, data may be processed by the following third-party services located in the United States:
- LocationIQ (geocoding)
- Resend (transactional email delivery)
- Google Analytics (website analytics)
- Sentry (error monitoring)
- OpenAI / Azure OpenAI / Google Gemini (AI chat processing)
- Paddle (payment processing)

Where your data is transferred outside of the European Economic Area (EEA) or the United Kingdom, we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses where applicable, or the recipient's certification under recognized frameworks.

By using the Service, you acknowledge that your data may be transferred internationally as described in this section. We take reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or the Service itself. When we make material changes, we will:
- Update the "Last updated" date at the top of this page.
- Where appropriate, notify registered users via email or in-app notification before material changes take effect.

Your continued use of the Service after the effective date of a revised Privacy Policy constitutes your acceptance of the updated practices. If you do not agree with the changes, you should stop using the Service and, if applicable, delete your account.

We encourage you to review this Privacy Policy periodically.

If you have questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal data, please contact us:

Email: [email protected]
Website: https://riskzone.ai/contact

For general inquiries: [email protected]
For account and support issues: [email protected]

Operator: Tymur Kvaratskheliia, Individual Entrepreneur
Registration No.: 305553184 (LEPL National Agency of Public Registry, Georgia)
Legal Address: Georgia, Tbilisi, Vake District, Otar Lortkipanidze Street, N 33, Floor 1, Apt. N1

We aim to respond to all privacy-related inquiries within 30 days.

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA"), may provide additional rights regarding your personal information. This section supplements the rest of this Privacy Policy.

California Rights
- Right to Know: You may request the categories and specific pieces of personal information we collected about you, the categories of sources, the business or commercial purposes for collecting or disclosing it, and the categories of third parties to whom it was disclosed.
- Right to Delete: You may request deletion of personal information we collected from you, subject to legal exceptions.
- Right to Correct: You may request correction of inaccurate personal information we maintain about you.
- Right to Opt Out of Sale or Sharing: You may direct a business not to sell or share your personal information. RiskZone does not sell personal information and does not share personal information for cross-context behavioral advertising.
- Right to Non-Discrimination: We will not discriminate against you for exercising your California privacy rights.

Categories of Personal Information We Collected in the Preceding 12 Months
- Identifiers: name, email address, account name, online identifiers, IP address, user agent, OAuth profile image URL, and account or session identifiers.
- Personal information described in California Civil Code Section 1798.80(e): contact details and, when applicable, billing country and subscription-related records received from Paddle.
- Commercial information: subscription status, plan, transaction metadata, billing period dates, and service usage quota records.
- Internet or other electronic network activity: usage logs, pages or features used, API activity, browser or extension interaction data, cookie consent state, analytics events if you enable analytics cookies, and limited website content used by the extension for address detection when you enable that feature.
- Geolocation data: address queries, latitude and longitude, saved place coordinates, and listing addresses detected by the extension when you request a risk assessment.
- Sensitive personal information: precise geolocation when you use location-based features. We use this information only to provide the Service, maintain security, prevent abuse, and perform related business operations.

Categories of Sources
- Directly from you.
- Automatically from your use of the Service and browser extension.
- From authentication providers (Google or Apple) when you choose OAuth sign-in.
- From Paddle for subscription and billing administration.

Categories of Third Parties to Whom We Disclose Personal Information for Business Purposes in the Preceding 12 Months
- LocationIQ for geocoding.
- Paddle for subscription and payment administration.
- Resend for transactional email delivery.
- Sentry for error monitoring.
- OpenAI, Azure OpenAI, or Google Gemini for AI chat processing when you use that feature.
- Google Analytics, if you opt in to analytics cookies.

Sale or Sharing
We do not sell personal information. We do not share personal information for cross-context behavioral advertising. In the preceding 12 months, we have not sold or shared personal information.

How to Exercise California Rights
You may submit a California privacy request by emailing [email protected] or by using our contact page at https://riskzone.ai/contact and writing "California privacy request" in your message. You may also delete your account from your dashboard settings. We may need to verify your identity before processing a request to know, delete, or correct.

Do Not Track / CalOPPA
Some web browsers offer a "Do Not Track" setting. Our website does not currently respond to Do Not Track browser signals in a uniform way. We do not allow third-party advertising networks to collect personal information on our site for cross-context behavioral advertising. If you opt in to analytics cookies, Google Analytics may collect usage information from our site under Google's policies. You can reject optional cookies or withdraw analytics consent at any time via the "Cookie Settings" link in the site footer.