Privacy policy

Legible Home stores the account details needed to sign you in, including identifiers from our authentication provider and any name, email address, or phone number you provide.

We store the property details you add, including home addresses and home facts, homeowner notes, project and expense data, AI feedback, receipt details, and the documents or photos you upload to support analysis.

We also store generated reports, value snapshots, tracked projects, product-interaction data, diagnostics, and operational logs needed to keep the service reliable, secure accounts, enforce limits, and support users when something goes wrong.

For California residents and other users covered by US state privacy laws, the categories of personal information Legible Home has collected in the past 12 months are: identifiers (name, email, phone number, account identifiers from our authentication provider, IP address, device identifiers); customer records (account credentials, profile details); commercial information (records of features used, plans, and any future paid transactions); internet and similar network activity (product interactions, diagnostics, error logs); geolocation information (the property addresses you add, derived only from what you provide); audio, electronic, visual, or similar information (photos, documents, receipts, and other files you upload); professional or employment-related information only if you voluntarily include it in uploads or notes; and inferences drawn from the above to provide AI-assisted planning guidance.

We collect this information directly from you when you create an account, upload materials, use AI features, or contact us; automatically when you use the service through cookies, device signals, and product telemetry; and from our service providers (authentication, address lookup, public market data) as described below.

We use this information for the purposes described in 'How the data is used' below. We retain each category only as long as needed for those purposes, in line with the retention schedule in 'Storage, retention, and deletion'.

Your uploaded materials and saved home context are used to authenticate your account, maintain your home workspace, generate AI-assisted homeowner planning guidance, produce value ranges, recommend projects, support address lookup, and help you track work over time.

Before Legible Home sends personal data to a third-party AI provider for the first time, the app or web dashboard asks for explicit permission and identifies the providers and categories of data involved. You can revoke this third-party AI permission from Profile > Privacy & AI; revoking stops future third-party AI sharing until you allow it again. When you use AI-powered features after granting permission, you authorize Legible Home to process the account, property, uploaded-material, and usage data reasonably needed to provide those features with our service providers, including third-party AI, search, address, hosting, storage, authentication, and monitoring providers described below.

We may use operational metadata, redacted test fixtures, user feedback, and error information to improve reliability, evaluate output quality, enforce safety and abuse controls, and support the product while we scale. We do not use your uploaded documents, photos, receipt images, or raw home context to train third-party AI models, we do not share your data with advertising networks, and we do not sell or share your personal information for cross-context behavioral advertising.

Depending on the feature, Legible Home may send data to Anthropic (Claude), OpenAI, or both to generate the requested AI result. Anthropic (Claude) powers report extraction, inspection-task generation, regional repair-cost research, project recommendation refinement, and home-value estimates. OpenAI may power features such as receipt-photo extraction, which can process vendor names, totals, dates, notes, and limited payment context visible on the receipt image, such as card brand or last four digits.

According to the current commercial/API data-use commitments from Anthropic and OpenAI, customer inputs and outputs submitted through their business/API services are not used to train or improve their models by default unless the customer opts in or submits feedback through provider channels. Legible Home does not opt in to third-party model training for uploaded documents, photos, receipt images, or raw home context.

AI providers and other service providers may still process and temporarily retain content, metadata, or abuse-monitoring records as needed to provide their services, secure their systems, comply with law, and enforce usage policies.

The home-value assessment also uses public market data from government and open-data sources, including ZIP-level house price index data where available. Search queries mention the city, state, and ZIP code of the home being assessed, but not your name or account identifiers. Results are cached locally for up to 14 days to minimize repeat calls. Address search and address resolution may use Google Maps Platform / Google Places to suggest and normalize property addresses while you type or select an address.

Documents, photos, and receipts you upload are processed by our analysis pipeline only for the feature you request, which may include enabled vision and language models for extraction and summarization.

Legible Home applies redaction and sanitization safeguards to text we extract from your documents. Common patterns like Social Security numbers, account numbers, dates of birth, phone numbers, and email addresses are removed or masked where detected before content reaches the intelligence engine or appears in reports.

These safeguards apply most reliably to text-layer content such as typed PDFs and plain text. Image-only documents, scans without an embedded text layer, photographs of paperwork, screenshots, GIFs, WEBP files, and unusual document formats go through OCR-based or best-effort redaction where available, but no automated redaction system catches every sensitive field.

Avoid uploading highly sensitive information unless it is necessary for the planning task at hand. If you upload sensitive material, it may be processed by Legible Home and our service providers to provide the requested feature.

We do not intentionally collect government identifiers, precise geolocation in the legal sense, racial or ethnic origin, religious beliefs, union membership, genetic data, biometric data, health data, or sexual orientation. If categories of 'sensitive personal information' as defined by the California Consumer Privacy Act or a comparable state law happen to appear in materials you upload, we treat them as sensitive: we use that data only to provide the feature you requested, secure your account, prevent abuse, comply with law, or perform other purposes a user would reasonably expect, and we do not use it to infer characteristics about you or for advertising.

Because we use sensitive personal information only for the limited purposes listed above, no separate 'Limit the Use of My Sensitive Personal Information' link is required. If that changes, we will add one and update this section before the change applies. You can also email privacy@legiblehome.com to ask us to limit any specific use.

Account, property, and report data is stored in databases managed by Render in the United States. Uploaded files are stored in Amazon S3 in the us-east-1 region with server-side encryption at rest and TLS-only transport.

We rely on the following sub-processors to operate the service: Anthropic (AI inference, document/photo extraction, analysis, reports, project recommendations, and hosted web search for regional cost context), OpenAI (AI inference, vision extraction, receipt extraction, and model evaluation for AI-powered features), Google Maps Platform / Google Places (address autocomplete and address normalization), Clerk (authentication and account management), Amazon Web Services (file storage), Render (application hosting and database), Vercel (web app hosting), Sentry where enabled (error monitoring with PII scrubbing), and Apple (iOS app distribution, App Store, and Apple-provided diagnostics). We require service providers that process user data for Legible Home to protect that data under terms and safeguards that are the same as or equal to the protections described in this Privacy Policy and required by applicable App Store privacy guidelines.

We do not sell your data, share it with advertising networks, or use it for cross-context behavioral advertising. If that changes, we will update this policy and any required platform privacy labels before the change applies.

Legible Home is operated in the United States, and the data we hold is stored on infrastructure in the United States. Some of our sub-processors operate globally and may process data outside your home jurisdiction in the course of providing infrastructure, model inference, or support services.

If you access Legible Home from outside the United States, you understand and agree that your information is processed in the United States, where privacy laws may be different from the laws in your country. We do not currently target Legible Home at users in the European Economic Area, the United Kingdom, or Switzerland; if you choose to use the service from those regions, you do so on your own initiative and remain responsible for compliance with local law.

We take reasonable administrative, technical, and physical measures to protect Legible Home data. Transport is TLS-encrypted, uploaded files are stored with server-side encryption at rest, secrets and access tokens are managed through dedicated secret stores, sensitive-data redaction runs on extracted text where feasible, and access to production systems is limited to authorized personnel and audited.

No security program is perfect. You are responsible for keeping your account credentials confidential and for notifying us promptly at privacy@legiblehome.com if you believe your account has been compromised.

Uploaded files are stored in encrypted cloud storage and linked to your home workspace. Generated reports, extracted facts, value snapshots, and project-tracking data are stored in the application database.

If you remove a document from a home, Legible Home deletes the document record and attempts to delete the stored file. If you delete your account, we remove your account record immediately and sweep associated files from cloud storage as a background job, with the goal of completing deletion within 30 days.

Internal logs, security records, usage records, backups, and derived outputs may persist for support, debugging, abuse prevention, legal, tax, accounting, or compliance reasons for up to 90 days, after which they are deleted or anonymized, unless a longer retention period is required or permitted by applicable law.

You can review and delete your account and homeowner data from the app. To request a copy, correction, export, or deletion help, contact privacy@legiblehome.com; we aim to respond within 30 days unless applicable law allows or requires a different timeline.

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Delaware, Tennessee, New Jersey, Indiana, New Hampshire, Kentucky, Minnesota, Maryland, Nebraska, or another US state with a comprehensive privacy law, you may have the right to know what personal information we hold about you, request a copy in a portable format, request correction of inaccurate information, request deletion, opt out of the sale or sharing of your personal information for cross-context behavioral advertising and of targeted advertising (we do neither), opt out of certain profiling, limit certain uses of sensitive personal information, and not receive discriminatory treatment for exercising these rights. You may also designate an authorized agent to submit a request on your behalf where state law permits; we will ask you to verify the request to protect your account.

If we deny a request, you may appeal by replying to our response email. We will review the appeal and respond within the timeframe required by the law that applies to you.

We do not sell or share personal information for cross-context behavioral advertising, do not run targeted advertising, and do not engage in legally-defined profiling that produces decisions with legal or similarly significant effects.

Because of that, opt-out preference signals such as Global Privacy Control (GPC) and Do Not Track do not change how Legible Home handles your data today. If we ever introduce features that would change this, we will honor recognized opt-out signals as required by applicable state privacy law.

Legible Home is intended for adult homeowners. We do not knowingly collect personal information from anyone under 18, and the service is not directed to children. If you believe a minor has provided personal information to Legible Home, contact privacy@legiblehome.com and we will delete it.

We may update this Privacy Policy from time to time. When we do, we will revise the 'Last updated' date at the top of this page and, for material changes, give reasonable advance notice through the service or by email before the change takes effect. Continued use of Legible Home after an updated policy takes effect means you accept the updated policy.

For deletion, access, correction, export, or other privacy concerns, contact privacy@legiblehome.com. For general support, contact support@legiblehome.com.