InspectSOP

Privacy Policy

Last updated: April 10, 2026

InspectSOP is privately owned. We do not sell, rent, or share your personal data with third parties for marketing purposes. This policy explains what we collect, why, and how you can control it.

1. Information We Collect

Account information

Name, email address, company name, and service area. Collected when you create an account or onboard your company workspace.

Inspection data

Inspection reports, findings, photos, narratives, property addresses, and client information you enter while using the Service. This data belongs to you.

Usage data

Log data including IP address, browser type, pages visited, and timestamps. Used for security monitoring and service improvement.

Payment information

We use Stripe to process payments. InspectSOP never stores your full card number. Stripe's privacy policy governs payment data.

2. How We Use Your Information

  • To provide and improve the Service
  • To process payments and manage subscriptions
  • To send transactional emails (welcome, report delivery, billing)
  • To respond to support requests
  • To detect and prevent fraud or abuse
  • To comply with legal obligations

We do not use your inspection data to train AI models. Voice and text inputs sent for AI narrative generation are processed by OpenAI in accordance with their API data use policies (no training on API inputs).

3. Third-Party Services

InspectSOP uses the following third-party services:

  • Supabase — database, authentication, and file storage (EU/US)
  • OpenAI — AI narrative generation via API (no training on inputs)
  • Stripe — payment processing and billing
  • Resend — transactional email delivery
  • Mapbox — operations map rendering

4. Data Retention

We retain your data for as long as your account is active. If you cancel your subscription, we retain your data for 90 days before permanent deletion. You may request earlier deletion by contacting us. You can export all your data at any time from Settings › Data Portability.

5. Security

All data is encrypted in transit (TLS 1.2+) and at rest. Row-level security policies in our PostgreSQL database ensure that each company can only access its own data. We conduct regular security reviews and apply patches promptly.

6. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a machine-readable format
  • Opt out of non-essential communications

To exercise these rights, email privacy@inspectsop.com.

7. Cookies

We use strictly necessary cookies for authentication (Supabase session cookies). We do not use third-party tracking or advertising cookies.

8. Changes to This Policy

We will notify you by email at least 14 days before material changes to this policy take effect. Continued use of the Service after that date constitutes acceptance.

9. Contact

Privacy questions: privacy@inspectsop.com