CREXPERT.AI

Legal

Privacy Policy

How CREXPERT.AI collects, uses, stores, and shares your information.

Last updated: TBD

TBD-LEGAL

Placeholder language. Counsel-approved final copy lands before launch (Phase 8). The structure and headings here are intended to mirror the final document so links remain stable.

1. Overview

TBD-LEGAL. Plain-language summary of what data we collect, why, and what choices you have. Counsel will deliver the plain-language summary and the section-by-section detail below.

2. Information we collect

2.1 Account information

TBD-LEGAL. Email address, display name, and role chosen at sign-up. For agents: business information disclosed during listing creation. For Google sign-in: the profile claims Google provides.

2.2 Usage data

TBD-LEGAL. Pages visited, searches performed, listings saved, and inquiries sent. Aggregated and anonymized to drive marketplace insights.

2.3 Device and network data

TBD-LEGAL. Browser type, OS, approximate location derived from IP. No precise location tracking.

3. How we use information

TBD-LEGAL. Authentication, account management, marketplace functionality, AI features (NLP search, market reports), notifications, fraud prevention, and product improvement.

4. AI processing

TBD-LEGAL. Search queries are sent to Gemini for natural-language parsing. Conversational queries may be logged for model evaluation in anonymized form. AI-generated market reports are derived from Firestore-resident marketplace data.

5. Sharing

TBD-LEGAL. Listing details are visible to all marketplace users; inquiry content is visible only to the parties to the thread. Subprocessors (Firebase, Google Maps, SendGrid, Typesense, Gemini) will be listed here.

6. Data retention

TBD-LEGAL. Account data is retained while the account is active plus a defined window after deletion. Specific retention windows per data category will be enumerated here.

7. Your rights

TBD-LEGAL. Access, correction, deletion, portability, and opt-out rights described here, including jurisdiction-specific rights (CCPA, GDPR if applicable).

8. Cookies and tracking

TBD-LEGAL. Strictly necessary cookies for authentication, plus Firebase Analytics for usage measurement. No third-party advertising cookies.

9. Security

TBD-LEGAL. Encryption in transit, encryption at rest via Firebase Storage, Firestore security rules, custom-claim role enforcement. Final scope of security commitments pending counsel review.

10. Children

TBD-LEGAL. CREXPERT.AI is not intended for users under 18.

11. Changes to this policy

TBD-LEGAL. Notice mechanism for material changes.

12. Contact

Privacy questions can be sent to privacy@crexpert.ai.