Privacy Policy

Approveda takes your privacy seriously. This policy explains what information we collect, how we use it, and your rights.

Information We Collect

Account information: When you create an account, we collect your name, email address, and authentication credentials (password hash or Google OAuth token).

Business information: When you use ClearedPath, you may provide business details including business name, entity type, address, EIN, NAICS code, and other information needed for permit applications. This information is stored in your account and used to generate roadmaps and pre-fill applications.

Search data: We log search queries, business types, and locations to improve our permit database and search quality. Search logs are associated with your session but not with your personal identity unless you are signed in.

Payment information: Payments are processed by Stripe. We do not store credit card numbers. Stripe's privacy policy governs payment data.

Checkpoint data: Applications submitted through Checkpoint contain applicant names, contact information, and permit application data. This data is accessible only to the applicant and the agency that received the application.

How We Use Your Information

To provide the Services: generating roadmaps, scoring applications, sending deficiency notices, tracking application status, and processing payments.

To improve the platform: analyzing aggregate search patterns, deficiency rates, and usage trends. This analysis uses anonymized, aggregate data only.

To communicate with you: sending transactional emails (deficiency notices, application status updates, compliance reminders), and occasional product updates. You can unsubscribe from non-transactional emails at any time.

What We Do Not Do

We do not sell your personal information to third parties.

We do not share individual applicant data between agencies. Each agency on Checkpoint sees only the applications submitted to them.

We do not share your ClearedPath account data with government agencies unless you explicitly submit an application through Checkpoint.

We do not use your business data to train AI models. Our AI systems use your input to generate roadmaps and scores in real time but do not retain your data for model training.

Aggregate Data

We may publish or share anonymized, aggregate data about business formation trends, permit volumes, and regulatory patterns. This data contains no personally identifiable information and cannot be traced to individual users or businesses.

Data Retention

Account data is retained as long as your account is active. You may request deletion of your account and all associated data by contacting will@ssgr.us. We will process deletion requests within 30 days.

Checkpoint application records are retained for the duration required by the receiving agency's records retention policy, or 7 years, whichever is longer.

Search analytics data is retained in anonymized form indefinitely.

Data Security

We use industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords (bcrypt), JWT authentication tokens, and secure database connections (SSL). Checkpoint submissions are secured with SHA-256 cryptographic hash chains. See our Security page for more details.

Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies.

Your Rights

Access: You may request a copy of all data we hold about you.

Correction: You may update your account information at any time through your account settings.

Deletion: You may request deletion of your account and data.

Portability: You may request your data in a machine-readable format.

To exercise any of these rights, contact will@ssgr.us.

Children

Our Services are not directed to individuals under 18. We do not knowingly collect information from children.

Changes

We may update this policy. Material changes will be communicated via email to registered users.

Contact