Privacy
Privacy (public beta)
Section titled “Privacy (public beta)”Effective 2026-07. Short version: there is almost nothing to collect, so almost nothing is collected.
Docs site
Section titled “Docs site”No cookies, no analytics, no tracking pixels, no accounts. Reading these pages sends us nothing.
API and MCP server
Section titled “API and MCP server”- Rate limiting: the worker holds your IP address and a request counter in memory for up to 60 seconds (a sliding per-minute window) to enforce the 30 calls/min limit. It is not written to storage and is discarded on rollover.
- No application request logging: the worker does not persist who called what. The run metadata it stores (listing-refresh timestamps and counts) contains no user data.
- Address lookups: if you call the underwrite or comps endpoints with a street address instead of coordinates, that address is sent to a third-party geocoder (OpenStreetMap Nominatim) to resolve it, and is not stored by us.
- Infrastructure: the service runs on Cloudflare Workers; Cloudflare processes requests in order to deliver them, under its own policies.
- No cookies, no analytics, no sale of anything.
Future, stated now so it isn’t a surprise
Section titled “Future, stated now so it isn’t a surprise”When self-serve API keys ship (F2), accounts will exist for the first time: key identifiers, granted scopes, and issuance/usage audit logs. Retention periods for those logs will be stated on this page at launch, before any key is issued.
Questions: GitHub issues (repository link to be published).