Identity & account data
- Name, email, role, organization/account membership, and auth/session metadata.
- Plan, seat, billing identifiers, and entitlement state.
Privacy
Privacy Policy
Last updated: February 17, 2026
This policy explains how Vindex handles data across AI narratives, portfolio maps, compliance operations, institutional/commercial workflows, and billing. Vindex is a business platform; account owners are generally responsible for lawful collection and use of data they upload or connect.
Portfolio & operations data
- Properties, units/beds, work orders, violations, cases, bids, and activity/audit records.
- Files and attachments (photos, PDFs, statements, compliance evidence).
Intelligence & external context
- Geocoding + geography context, market trend snapshots, and normalized external signal summaries.
- Imported feeds you enable (for example: regulatory, market, tax/lien, and mortgage datasets).
Technical telemetry
- Request metadata, pageview events, error diagnostics, and security controls (rate limits, abuse checks).
- Device/browser metadata and IP-derived security context.
How we use data
- Operate account-scoped workflows for compliance, legal, maintenance, financing, and marketplace operations.
- Generate analytics and AI narrative summaries from workspace data and enabled external datasets.
- Enforce security controls, role permissions, abuse prevention, and incident response.
- Provide support, billing, and service communications.
- Meet legal obligations including retention, audit, and lawful process handling.
AI outputs in Vindex are decision-support tools and should be reviewed by qualified operators before final legal, credit, or compliance decisions.
Sharing and subprocessors
Vindex does not sell personal data. Data may be processed by trusted service providers needed to run the platform.
- Infrastructure vendors (hosting, storage, logging, email, and monitoring).
- Billing providers (for example, Stripe) for subscription and payment processing.
- Data providers you or your admin enables for market, geography, or property intelligence.
Data is also shared with users your organization authorizes (owners, staff, counsel, consultants, contractors, lenders).
Security controls
Access controls
Role- and account-scoped permissions.
Transport security
Encrypted transport for client/API communication.
Abuse protection
Rate limits, blocklists, and suspicious-activity checks.
Auditability
Operational and access events for review and forensics.
Retention and deletion
Account and membership records
Retained while account is active + required legal retention period.
Operational records (violations/work orders/cases/bids)
Configured by workspace policy; may be retained for compliance history.
Security and audit logs
Retained based on security policy and applicable legal requirements.
Billing and subscription records
Retained for accounting, tax, and dispute handling requirements.
Your privacy rights
- Request access to or export of your account-scoped data.
- Request correction of inaccurate account/profile records.
- Request deletion where legally permitted and contractually supported.
- Manage notification and communication preferences.
If you are an employee or invited user, route requests through your account owner/admin first.
Cross-border and legal process
Depending on deployment and enabled integrations, data may be processed in multiple jurisdictions. Vindex will respond to valid legal requests where required by law and will seek to protect customer data using contractual and technical safeguards.
Policy updates
We may update this policy as the platform and legal requirements evolve. Material updates will be posted with a revised “Last updated” date.