Igni

Privacy Policy

Last updated: June 2026

This Policy explains what personal information Igni (operated by PermitPulse) processes, why, and the rights available under the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA) and the EU/UK General Data Protection Regulation (GDPR).

These terms are being finalized; for the current binding version contact legal@igni.pro.

1. Who this affects

  • Customers (businesses): builders, lenders, and other B2B users of the Service. We process their account, contact, and usage data to provide the Service.
  • Property owners and other individuals named in public records: individuals appearing in public permit records and, in a future opt-in feature, individuals whose contact data is skip-traced.

Because we may process in the context of an EU establishment, GDPR protections apply to these individuals regardless of where the processing takes place.

2. What data we collect

Account and usage data (collected directly from Customers):

  • Account and contact details (email, company name).
  • Subscription configuration (tiers, filters, delivery channels).
  • Usage and diagnostic data (API usage, logs) for operating the Service, security, and abuse prevention.

Permit data (derived from publicly available government records): permit number, type/subtype, work description, address, valuation, status, dates, contractor name/license where published, plus assessor-sourced owner-of-record name and Igni-generated classifications (ADU typing, SB-9 / SB-10 flags).

3. Cookies

We use a small number of essential cookies and similar local storage to operate the site — including a language-preference cookie and a cookie-consent record. We do not use third-party advertising cookies. See our Cookie Policy for details and how to manage cookies.

4. Permit data and public records

Permit data is derived from publicly available government records. Information that is lawfully made available from government records is excluded from the definition of "personal information" under the CCPA/CPRA. We treat permit records and assessor-sourced owner name as publicly available information lawfully obtained from government records.

For permit-data processing under GDPR, our lawful basis is legitimate interest in providing market intelligence from public records.

5. Owner-contact data (opt-in feature, currently off)

Owner-contact enrichment — skip-traced telephone or other contact information — is a separate, opt-in feature that is gated off by default and is not currently live. When enabled in the future, it will operate under a dedicated data-broker compliance program:

  • Data-broker registration with the California Privacy Protection Agency before any contact data is provided;
  • Honoring deletion requests through the California Delete Act / DROP mechanism within statutory windows, with status reporting;
  • Continuing suppression: once an individual is on our suppression list, we block collection before any skip-trace — a permanent, pre-collection block — while per-field provenance lets us delete only skip-traced fields and retain public-record fields;
  • Under GDPR, a per-contact transparency notice to each property owner no later than the first disclosure to a third party.

6. Your rights

California (CCPA/CPRA): California residents may, where applicable, request to know/access, delete, and correct personal information, opt out of the sale or sharing of personal information, and not be discriminated against for exercising these rights. We do not sell or share permit-data records that fall within the public-records exclusion.

GDPR (Articles 15–22): data subjects may request access, rectification, erasure, restriction, and portability, and may object to processing based on legitimate interest. An objection or opt-out is implemented through our suppression list, which blocks future collection and disclosure. You may also lodge a complaint with your local supervisory authority.

To exercise any of these rights, contact legal@igni.pro.

7. Retention, disclosures, and security

  • Permit data is retained for the operating life of the Service as needed for the stated purposes.
  • Owner-contact data (when the feature is live) is retained only as needed for delivery and compliance, and suppressed or deleted per the Delete Act / DROP and GDPR.
  • Customer account and billing data is retained for the relationship plus any legally required period.

We disclose data to Customers under the Terms of Service, and to service providers (hosting, geocoding, email/webhook delivery, and, in the future, a skip-trace provider) under appropriate agreements. We apply reasonable technical and organizational security measures appropriate to the risk, but no method is perfectly secure.

8. International transfers and changes

Personal data may be processed in the US and the EU. Where personal data is transferred out of the EEA/UK, we rely on an appropriate transfer mechanism such as Standard Contractual Clauses. We may update this Policy and will update the "Last updated" date; material changes will be communicated as required by law.

9. Contact

Privacy questions and data-subject requests may be sent to legal@igni.pro. Controller: Igni (entity details available on request).