Privacy Policy

1. Information We Collect

• Account data: name, email, company name, password hash.
• Billing data: processed by our payment processor; we receive last-4 card digits and transaction metadata only.
• Content data: leads, proposals, customer information, and other content you submit.
• Usage data: log files, device identifiers, IP address, browser type, pages visited, timestamps.
• Cookies & similar technologies: see our Cookie Policy.
• Third-party sign-in: if you use Google to sign in, we receive your name, email, and profile picture.

2. How We Use Information

• Provide, operate, secure, and improve the Service.
• Process payments and manage subscriptions.
• Communicate about your account, security, and product updates.
• Generate AI Output you request.
• Comply with legal obligations and enforce our Terms.
• Analytics, fraud prevention, and product research (in aggregated or de-identified form).

3. Legal Bases (EEA/UK)

Where GDPR applies, we rely on: performance of a contract; legitimate interests (security, product improvement); consent (cookies, marketing); and legal obligations.

4. Sharing

We do not sell personal information. We share with:

• Service providers / subprocessors who help operate the Service (hosting, payment processing, email, AI model providers, analytics) under confidentiality obligations.
• Affiliates of Ivory Digital, LLC.
• Legal authorities when required by law or to protect rights, safety, or property.
• Successors in connection with a merger, acquisition, or asset sale.

5. AI Processing

Content you submit may be sent to third-party AI model providers to generate responses. We do not authorize providers to use your content to train their public models except as required to deliver the requested output. You are responsible for not submitting confidential information you are not permitted to share.

6. International Transfers

Your information may be transferred to and processed in the United States and other countries with different data-protection laws. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

7. Retention

We retain data for as long as your account is active and as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. You may request deletion at any time, subject to our legal obligations.

8. Security

We use commercially reasonable technical and organizational measures to protect your data. However, no system is fully secure, and we cannot guarantee absolute security. You use the Service at your own risk.

9. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, port, restrict, or object to processing of your data, and to withdraw consent. To exercise these rights, email privacy@ivoryroof.com. We will respond within the time required by applicable law.

California (CCPA/CPRA)

California residents have rights to know, delete, correct, and limit use of sensitive personal information, and to non-discrimination for exercising rights. We do not sell or share personal information for cross-context behavioral advertising.

EEA/UK (GDPR)

You may lodge a complaint with your local supervisory authority.

10. Children

The Service is not directed to anyone under 18. We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.

11. Do Not Track

We do not respond to Do Not Track signals; the standard is not finalized.

12. Changes

We may update this Policy. Material changes will be posted to the Service or notified by email. Continued use constitutes acceptance.

13. Contact

Ivory Roof, a service of Ivory Digital, LLC — privacy@ivoryroof.com