LBC Assist

Privacy Policy

Version 2026-03-24.1 | Effective March 24, 2026
Home Terms SLA Termination
This Privacy Policy is intended for U.S.-only use of the Service. The Service is not offered for projects or users outside the United States.

1. Scope

This Privacy Policy describes how Provider collects, uses, discloses, stores, and protects personal information and other data processed through the LBC Assist Service. This Privacy Policy applies to the public website, portal, permit-related workflows, assistant features, notifications, APIs, and related support operations.

2. Information We Collect

  • Tenant and business information, including business name, contact number, business email, website, contractor license information, insurance provider information, and account administrator details.
  • User account information, including name, email address, username, phone number, permissions, role, password hash, passkey public-key credentials, and security settings.
  • Project and property information, including project descriptions, project addresses, mailing addresses, parcel or tax identifiers, owner details, property type, cost estimates, permits, jurisdiction selections, permit workflow data, and document-preparation answers.
  • Time, mileage, task, note, comment, audit, and assignment records created through the Service.
  • Location and device information when enabled or submitted, including browser geolocation, mobile location updates, notification device identifiers, push tokens, time zone, app version, and related metadata.
  • Usage, security, and session data, including IP address, user agent, cookies, local browser storage, launch-token session storage, authentication events, lockout events, and legal-acceptance records.

3. Sources of Information

  • Directly from you, your administrators, and your authorized users.
  • Automatically from devices and browsers interacting with the Service.
  • From third-party providers you or the Service use for mapping, geocoding, parcel lookup, AI processing, notification delivery, passkeys, and diagramming.
  • From public or official sources, such as governmental or mapping datasets, when used to support Service features.

4. How We Use Information

  • To create and administer accounts, authenticate users, and manage tenant settings.
  • To provide the Service, including permit, project, task, time, mileage, notification, diagramming, and document-related functionality.
  • To maintain security, investigate misuse, prevent fraud, enforce our agreements, and create audit records.
  • To communicate with you about the Service, service status, outages, support matters, policy updates, billing matters, or legal notices.
  • To maintain backups, disaster recovery, and operational resilience.
  • To comply with applicable law, lawful requests, and legal process.

5. Cookies and Local Device Storage

The web Service uses an authenticated session cookie to keep you signed in for same-origin requests. The web Service also uses browser local storage or session storage for limited client-side functions such as launch tokens, color mode, and tenant-display preferences. Disabling cookies or browser storage may impair Service functionality.

6. Precise Location, Mileage, and Tracking Features

Certain features may collect or process precise or near-precise location data for time, mileage, project, or notification-related functions when enabled by you or your device permissions. You are responsible for ensuring that you have provided all legally required notices and obtained all necessary consents for workforce or other user location tracking and device-based monitoring.

7. Passkeys and Push Notifications

The Service may support passkeys and push notifications. The Service stores public-key passkey credentials and related metadata, not your device biometric template. Push notification support may require storage of device identifiers, push tokens, time zone data, notification preferences, and delivery records.

8. How We Disclose Information

We may disclose information to service providers, infrastructure providers, AI providers, mapping and geocoding providers, parcel-data providers, notification providers, security providers, professional advisers, law enforcement, regulators, courts, or transaction counterparties as reasonably necessary to operate the Service, comply with law, protect rights, or complete a corporate transaction.

9. Current Third-Party Service Providers and Data Sources

  • Oracle Cloud Infrastructure for hosting, storage, networking, backup, and disaster-recovery operations.
  • OpenAI for AI and language-model processing used in Service features.
  • Google Maps Platform and related Google APIs for address validation, geocoding, places, and related mapping functions.
  • Esri ArcGIS services and U.S. Census geocoding services for parcel, address, or location-related functions.
  • OpenStreetMap tile services for map tile rendering.
  • Apple services for passkeys and push notification delivery.
  • Google Fonts and diagrams.net / draw.io for interface and diagramming-related functionality.

10. Sale or Sharing

We do not sell personal information for money. We do not use customer data for cross-context behavioral advertising. We may disclose data to service providers and processors strictly for business and operational purposes described in this Privacy Policy.

11. Retention

We retain data for as long as reasonably necessary to provide the Service, maintain the account relationship, comply with law, resolve disputes, enforce agreements, and maintain security and audit records. Different categories may have different retention periods.

Backups and disaster-recovery copies may be retained for up to 30 days in two cloud infrastructure regions. If non-payment continues for 14 calendar days after the due date, Service access is subject to termination, and the affected tenant's data is scheduled for purge so that active and backup copies are intended to be purged by day 30 from the original non-payment date, except to the extent law requires preservation or a specific legal hold applies.

During an active subscription, and during any limited post-suspension window that Provider elects to make available before a non-payment termination takes effect, the tenant default administrator may be able to download a tenant-scoped customer-data export from the account area of the Service. Those exports are intended to provide portable access to customer records in a structured format, but they may omit or redact password hashes, session tokens, push tokens, transient authentication challenges, and similar security-sensitive material.

12. Security

We use administrative, technical, and organizational measures intended to protect data appropriate to the nature of the Service. No system is perfectly secure, and we cannot guarantee absolute security. We may comply with applicable legal obligations regarding security-incident investigation and notice.

13. State Privacy Rights

To the extent required by applicable U.S. privacy law, eligible individuals may have rights to request access, correction, deletion, portability, or appeal of certain decisions regarding personal information. We will not unlawfully discriminate for exercising rights provided by applicable law.

Requests may be submitted to privacy@lbcassist.com. We may require reasonable verification before acting on a request and may limit our response where permitted by law, including where rights do not apply to business-to- business records, employee records, security records, or other exempt data.

14. California-Specific Disclosures

For California users, this Privacy Policy is intended to function as our public privacy notice and notice at collection to the extent required by California law. We collect identifiers, commercial information, internet or network activity, geolocation data, professional or employment-related information, and other information described above for the business purposes described in this Privacy Policy.

15. Children

The Service is not directed to children under 13 and is not intended for minors. Do not use the Service if you are under 18. If you believe a child has provided information to the Service, contact us so we can review and delete it where appropriate.

16. Changes

We may update this Privacy Policy from time to time. The current version will be posted in the Service with an updated version number or effective date.