Afterplots

Legal

Privacy Policy

Last updated: May 1, 2026

This Privacy Policy describes how Afterplots ("we," "us," or "our") handles information when you visit afterplots.com, use our hosted application (the "Service"), or interact with features such as property search, neighbor workflows, landing pages, integrations, or printed mail. By using the Service, you agree to this Policy together with our Terms of Service.

1. Who this applies to

This Policy applies to visitors, account holders, and workspace team members. If you use the Service on behalf of a company, you represent that you are authorized to bind that organization to this Policy where applicable.

2. Information we collect

We collect information in the following categories, depending on how you use the Service:

2.1 Account and profile

  • Authentication and workspace data. We use hosted authentication and database services to operate accounts and store application data. This may include your email address, name, business name, business location, service descriptions, branding assets you upload, team invitations, and workspace settings you configure in the console.
  • Billing. If you purchase a paid plan or add-ons, our payment processor (Stripe) receives payment details and provides us with identifiers and subscription status needed to operate billing. We do not store full payment card numbers on Afterplots servers.

2.2 Property, neighborhood, and workflow data

  • Listings and search context. When you use property search and related features, we process queries, saved rows, listing metadata, and similar fields needed to show results and power automations you enable.
  • Neighbor and mailing workflows. When you save neighbors, build leads, create postcards, or request physical mail, we process addresses, coordinates, creative assets, and operational metadata required to fulfill those features (including interactions with print and mail partners when you use those options).
  • Enrichment and research outputs. Some workflows combine public or licensed-style property signals with model outputs to produce scores, summaries, and creative drafts. You should treat model-generated content as unverified until you confirm facts against authoritative sources before sensitive outreach.

2.3 Integrations you connect

  • Outbound webhooks and notifications. If you configure a webhook URL, Slack destination, or similar integration, we transmit the event payloads you enable (for example landing page activity or export notifications) to those endpoints according to your settings. You are responsible for securing those endpoints and for any onward processing by your vendors.
  • Secrets you store. If you store API keys, webhook secrets, or similar credentials in the Service, we treat them as confidential configuration needed to operate your workspace features.

2.4 Technical and usage data

  • Logs and diagnostics. We may collect server logs, error reports, and security signals to operate and protect the Service. We aim to minimize personally identifiable information in logs.
  • Cookies and sessions. We use cookies and similar technologies as needed for authentication sessions and core product functionality.

3. How we use information

We use information to:

  • Provide, maintain, improve, and secure the Service;
  • Authenticate users, enforce workspace roles, and prevent abuse;
  • Process payments and communicate about billing;
  • Run features you request (search, scoring, creative generation, mail preparation, webhooks, exports);
  • Comply with law and respond to lawful requests;
  • Communicate service-related notices (for example security or policy updates).

4. How we share information

We share information only as needed to operate the Service:

  • Infrastructure and subprocessors. We use cloud hosting and managed services (for example database and authentication providers) to run the product. These providers process data under agreements appropriate to their role.
  • Model and data providers. When you use AI-assisted features, prompts and relevant context may be transmitted to model providers under their terms. When you use maps, geocoding, imagery, or listing data features, requests may be sent to the relevant providers under their terms.
  • Payment processing. Stripe (or another designated processor) handles payment transactions and related customer support flows hosted by the processor.
  • Print and mail partners. If you submit physical mail jobs, production data needed to print and deliver mail is shared with the fulfillment partner you route jobs through.
  • Destinations you configure. Webhooks, CRM endpoints, Slack, and similar integrations receive payloads you enable.
  • Legal and safety. We may disclose information if required by law or if we reasonably believe disclosure is necessary to protect rights, safety, or integrity of users, the public, or the Service.

We do not sell your personal information as that term is commonly understood in U.S. state privacy laws.

If the GDPR or similar laws apply, we rely on appropriate bases such as contract (to provide the Service), legitimate interests (to secure and improve the product, balanced against your rights), consent where required (for example certain cookies or marketing where offered), and legal obligation where applicable.

6. Retention

We retain information for as long as your account is active and as needed to provide the Service, comply with law, resolve disputes, and enforce our agreements. If you delete your account or request deletion where supported, we will delete or de-identify personal information subject to legal retention requirements and legitimate backup/archival practices.

7. Security

We implement administrative, technical, and organizational measures designed to protect information. No method of transmission or storage is completely secure; you should use strong passwords, protect team access, and review integration endpoints you control.

8. Your choices and rights

Depending on your location, you may have rights to access, correct, delete, export, or restrict certain processing of your information.

  • Many profile and workspace settings can be updated directly in the console. Billing-related actions may be available through the Stripe customer portal when enabled for your account.
  • To exercise privacy rights not available in-product, contact us using the method published on afterplots.com. We may need to verify your request.

9. Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from children under 16. If you believe we have collected such information, contact us and we will take appropriate steps to delete it.

10. International transfers

If you access the Service from outside the United States, you understand that your information may be processed in the United States and other countries where we or our subprocessors operate, which may have different data protection rules than your country.

11. Changes to this Policy

We may update this Policy from time to time. We will post the updated version on this page and update the "Last updated" date. Material changes may be communicated through the Service or by email where appropriate.

12. Contact

Questions about this Policy: use the contact or support option published on https://afterplots.com.