RestoratorProRestoratorPro
Book a Demo

Privacy Policy

Last updated: [DATE — INSERT ON PUBLISH]

This Privacy Policy describes how Restorator Pro LLC, a Michigan limited liability company ("Company," "we," "us," or "our"), collects, uses, shares, and protects personal information when you use our website, applications, and services (collectively, the "Services"). This Policy is governed by the law and dispute-resolution terms of our Terms of Service.

1. INFORMATION WE COLLECT

1.1 Information You Provide

We collect information you voluntarily provide, including:

  • Account Information: Name, email address, phone number, company name, and other registration details.
  • Payment Information: Billing address and limited payment metadata (payment-card data is processed securely through our third-party payment processor; we do not store full card numbers — see Section 1.5).
  • Communications: Messages, questions, feedback, and other content you submit through our Services, including AI chat interactions.
  • Uploaded Content: Documents, images, files, and other materials you upload to our Services.
  • Business Information: Information about your business, projects, insurance claims, and related matters you choose to share, which may include your end customers' personal information and insurance-claim data ("Customer Content").

1.2 Information Collected Automatically

  • Device Information: Device type, operating system, browser type, unique device identifiers, IP address, and mobile network information.
  • Usage Information: Pages visited, features used, time spent, click patterns, search queries, and interaction data.
  • Location Information: General geographic location based on IP address; precise location only if you grant permission.
  • Log Data: Access times, error logs, referring URLs, and other standard web log information.

1.3 Information from Third Parties

We may receive information from third-party sources, including authentication providers (e.g., Google, Apple) if you use social sign-in, our payment processor, and analytics partners and business partners.

1.4 Our Roles (Controller vs. Processor / Service Provider)

For information about our business customers' own accounts, billing, and our marketing, we act as a controller/business and this Policy governs. For Customer Content that a business customer submits about its end customers and projects — including end-customer personal information and insurance-claim data — we act as a processor / service provider on that business customer's behalf, process it only on their documented instructions and to provide the Services, and do not sell it, share it for cross-context behavioral advertising, or retain, use, or disclose it for any purpose other than providing the Services. Our processing of such Customer Content is governed by our Data Processing Addendum (DPA) at https://restoratorpro.com/dpa, which is incorporated into the agreement with each business customer and includes CCPA/CPRA service-provider terms and, where applicable, GDPR Article 28 terms. A current list of subprocessors (including hosting, payment processing, SMS/voice, and AI providers) is available at https://restoratorpro.com/subprocessors; we will provide a mechanism to be notified of changes and to object to new subprocessors. End customers who wish to exercise privacy rights should contact the business customer that controls their data; we will reasonably assist that business customer in responding.

1.5 Payment Information

Payments are processed by our third-party payment processor (currently Stripe). We do not collect or store full payment-card numbers on our systems; card data is transmitted directly to and stored by the processor in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Your use of payment features is also subject to the processor's privacy policy and terms. We receive limited billing metadata (such as the last four digits, card brand, expiration, billing ZIP, and transaction status) to manage your subscription and detect fraud.

2. HOW WE USE YOUR INFORMATION

We use collected information to: provide, maintain, and improve our Services; process transactions and send related information; send transactional and (where permitted) promotional communications; respond to inquiries and provide support; personalize your experience; analyze usage patterns and trends; detect, prevent, and address fraud, abuse, and security issues; comply with legal obligations and enforce our terms; and for any other purpose with your consent.

2.1 AI Processing and Model Training

(a) We process your inputs, queries, uploaded files, and outputs ("AI Inputs") solely to operate and deliver the Services to you (including running the AI feature you requested, generating your response, security, abuse-prevention, and debugging).

(b) We do NOT use Customer Content — meaning the data, documents, images, communications, business information, insurance-claim data, or end-customer personal information that you or your authorized users submit to the Services — to train, fine-tune, or develop any general-purpose, shared, or cross-tenant AI model, and we contractually require our AI subprocessors not to do so.

(c) We may use Service-Generated Data (de-identified, non-content operational metadata such as feature-usage counts, latency, and error rates that cannot reasonably be re-associated with you, your end customers, or any identifiable individual) to monitor, debug, secure, maintain, and improve the Services.

(d) We do not sell your AI Inputs and do not disclose them to other tenants.

(e) If we ever offer a program to use Customer Content for model improvement, participation will be OPT-IN per account and revocable at any time, and your Order Form or Master Subscription Agreement controls over this Policy to the extent of any conflict.

(f) Upon verified account deletion, we will delete or de-identify your AI Inputs within a commercially reasonable period, except for de-identified/aggregated data no longer associated with you and records we must retain by law or to resolve disputes. The prior practice of treating all submitted content as training data is discontinued as of the effective date of this Policy.

3. HOW WE SHARE YOUR INFORMATION

3.1 Service Providers / Subprocessors

We share information with third-party service providers who perform services on our behalf, including hosting, payment processing, analytics, customer support, marketing, SMS/voice, and AI processing. These providers are contractually obligated to use your information only to provide services to us. A current subprocessor list is available at https://restoratorpro.com/subprocessors.

3.2 Business Transfers

In connection with any merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to a successor entity. We will notify you of any such change in ownership or control.

3.3 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests, including subpoenas, court orders, or government demands, or to protect rights, property, or safety.

3.4 With Your Consent

We may share your information with third parties when you give us explicit consent.

3.5 Aggregated or De-Identified Data

We may share De-Identified Data that cannot reasonably be used to identify any individual, household, or end customer. We maintain technical and organizational measures to prevent re-identification, we will not attempt to re-identify it, and we contractually bind recipients to the same. We do not use De-Identified Data to reconstruct Customer Content.

3.6 No Sale or Share of Customer Content; Sensitive Information

We do not sell, and do not share for cross-context behavioral advertising, the Customer Content that business customers submit through the Services, including end-customer personal information and insurance-claim data. Any "sale" or "sharing" that may occur applies only to limited website-visitor and marketing data described in our cookies section (Section 4), and you may opt out as described in Sections 8 and 9. Some Customer Content may include sensitive personal information (such as insurance-claim details and, in limited cases, government identifiers). We use and disclose sensitive personal information only as necessary to provide the Services and for the limited purposes permitted by applicable law, and not to infer characteristics about any individual.

4. COOKIES AND TRACKING TECHNOLOGIES

We use cookies, pixels, beacons, and similar technologies to authenticate users and remember preferences, analyze usage and improve our Services, deliver and measure advertising, and prevent fraud and enhance security.

4.1 Types of Cookies: Essential, Performance, Functional, and Advertising cookies.

4.2 Your Choices: You can manage cookie preferences through your browser settings and, where offered, our cookie controls. Disabling cookies may affect functionality. Where required, we honor recognized universal opt-out signals (such as Global Privacy Control).

5. DATA RETENTION

We retain Customer Content for the duration of your subscription and then delete or return it within ninety (90) days after termination, except (a) backups, which are purged on our standard rolling backup cycle (not to exceed twelve (12) months), and (b) records we are required to retain by law (e.g., tax, accounting, and fraud-prevention records) or that we reasonably need to resolve disputes and enforce agreements, retained only for the applicable limitation period. We may retain De-Identified Data, which we process so it cannot reasonably identify, relate to, or be linked to any individual, household, or end customer; we maintain technical and organizational measures to prevent re-identification, we will not attempt to re-identify it, and we contractually bind recipients to the same. We do not use De-Identified Data to reconstruct Customer Content.

6. DATA SECURITY

We implement industry-standard security measures to protect your information, including encryption of data in transit (TLS/SSL) and at rest, access controls and authentication requirements, regular security assessments and monitoring, and employee training on data protection.

HOWEVER, NO METHOD OF TRANSMISSION OVER THE INTERNET OR ELECTRONIC STORAGE IS 100% SECURE, AND WE CANNOT GUARANTEE THE ABSOLUTE SECURITY OF YOUR INFORMATION. Nothing in this paragraph waives any non-waivable statutory duty we owe regarding data security; our liability arising from a security incident is governed by Section 15 and by the limitations in our Terms of Service.

7. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence, including the United States, which may have different data-protection laws. By using our Services, you consent to the transfer of your information to the United States and other countries as described in this Policy.

8. YOUR RIGHTS AND CHOICES

Depending on your jurisdiction, you may have rights to access, correct, delete, and port your personal information, opt out of marketing communications, and request restriction of or object to certain processing. To exercise these rights, contact us at privacy@restoratorpro.com or use the methods on our website. We may require verification of your identity. We will not discriminate against you for exercising your rights. We reserve the right to deny requests that are unfounded, excessive, or not required by applicable law, and certain data may be exempt from deletion under applicable law.

9. STATE PRIVACY RIGHTS (INCLUDING CALIFORNIA)

Because we serve customers nationwide, residents of states with comprehensive consumer-privacy laws — currently including but not limited to California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and other states whose laws are in effect (collectively, "State Privacy Laws") — may have rights to: (a) confirm whether we process their personal data and access it; (b) correct inaccuracies; (c) delete personal data; (d) obtain a portable copy; (e) opt out of targeted advertising, the "sale" or "sharing" of personal data, and certain profiling that produces legal or similarly significant effects; and (f) appeal a denial of a rights request. [VERIFY current enacted/effective states and effective dates as of the publication date.]

We honor recognized universal opt-out signals (such as Global Privacy Control) where required. To exercise rights, email privacy@restoratorpro.com or use the methods on our website; we will respond within the timeframes required by the applicable State Privacy Law and will not discriminate against you. If we deny a request, you may appeal by replying to our decision; if your appeal is denied you may contact your state Attorney General.

California (CCPA/CPRA). California residents have the right to know what personal information we collect, use, and disclose; to delete personal information; to opt out of the "sale" or "sharing" of personal information; to correct inaccurate personal information; to limit the use of sensitive personal information; and to non-discrimination. As described in Section 3.6, we do not sell or share Customer Content; any "sale"/"sharing" is limited to website-visitor and marketing data, and you may opt out at privacy@restoratorpro.com. You may designate an authorized agent to make requests on your behalf, subject to verification.

10. EUROPEAN PRIVACY RIGHTS (GDPR)

If you are located in the EEA, United Kingdom, or Switzerland, you have rights of access, rectification, erasure, restriction, portability, and objection, and rights related to automated decision-making. We process your data based on (a) your consent; (b) performance of a contract; (c) compliance with legal obligations; or (d) our legitimate interests. You may lodge a complaint with your local data protection authority. Where we act as a processor on a business customer's behalf, our processing is governed by our DPA (Section 1.4).

11. NO USE BY MINORS

The Services are business tools intended solely for use by businesses and individuals who are at least eighteen (18) years old and authorized to act for a business. The Services are not directed to children, and we do not knowingly collect personal information from anyone under 18, and in no event from a child under 13 in violation of the Children's Online Privacy Protection Act (COPPA). If we learn that we have collected personal information from a child under 13, we will delete it promptly. If you believe a minor has provided us personal information, contact privacy@restoratorpro.com.

12. THIRD-PARTY LINKS AND SERVICES

Our Services may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party services before providing them with your personal information.

13. MARKETING, SMS, AND AI VOICE COMMUNICATIONS

We may send you promotional communications about our products, services, and offers. You can opt out of marketing emails using the "unsubscribe" link or by contacting us. Even if you opt out, we may still send transactional or service-related communications, such as account notifications, security alerts, and updates to our terms and policies.

Telephone, SMS, and AI Voice Communications. If you provide a mobile number or enable our outbound messaging or AI voice features, the following apply:

(a) SMS/Text. By providing a mobile number and opting in, you consent to receive autodialed and/or pre-recorded transactional and, where separately authorized, marketing text messages from or on behalf of Restorator Pro at that number; consent is not a condition of purchase; message and data rates may apply; reply STOP to opt out and HELP for help.

(b) AI Voice Agent. Some calls placed or received through the Services are handled by an automated, artificial-intelligence voice agent. Where required by law, the AI agent will disclose at the start of the call that the caller is interacting with an automated/AI system.

(c) Call Recording. Calls and messages may be monitored or recorded for quality, training, compliance, and record-keeping. Because some states require all-party consent to record, you and your authorized users are responsible for, and must obtain, any consents required from call participants (including your end customers) before using recording features, and you authorize us to play or display a recording disclosure.

(d) Business-Customer Responsibility. If you use the Services to contact your own leads or customers, YOU are the sender/initiator under the Telephone Consumer Protection Act (TCPA) and applicable state telemarketing and recording laws, you represent that you have obtained all legally required prior express consent (and prior express written consent for marketing) from each recipient, you will honor opt-outs and applicable do-not-call rules, and you will indemnify us for claims arising from your messaging or calling.

14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Privacy Policy on our website and updating the "Last updated" date. Your continued use of the Services after any changes constitutes your acceptance of the revised Policy. We encourage you to review this Policy periodically.

15. DATA BREACH NOTIFICATION

We maintain a written incident-response program. If we determine that a breach of security has led to the unauthorized acquisition of or access to your personal information, we will notify affected parties and any required authorities without unreasonable delay and within the timeframes required by applicable law, including the Michigan Identity Theft Protection Act, MCL 445.61 et seq. [VERIFY] and other applicable state breach-notification statutes. For business customers, we will also notify you promptly so you can meet your own notification obligations to your end customers. Nothing in this Policy or our Terms waives any non-waivable statutory duty we owe regarding data security or breach notification. Our liability arising from a security incident is governed by the limitations and exclusions in our Terms of Service, except to the extent those limitations are unenforceable under applicable law; we do not attempt to disclaim liability for our own gross negligence, willful misconduct, or any liability that cannot be limited or excluded by law.

16. CONTACT INFORMATION

For questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@restoratorpro.com

Data Protection Officer: dpo@restoratorpro.com

Mailing Address: Restorator Pro LLC, Privacy Department, [MAILING ADDRESS — INSERT]

BY USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.

Back to Restorator Pro