Legal

Privacy Policy

Effective September 4, 2025

AgentNook.com (“AgentNook,” “we,” “us,” or “our”) provides a real-estate CRM and deal-tracking platform (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website and use the Service. Questions or requests: hello@agentnook.com.

1) Roles and scope

• Website visitors (AgentNook.com marketing site): we act as a data controller.
• Customer Data inside the product (e.g., contacts, deals, properties, tasks): we act as a processor/service provider under your instructions.

2) Information we collect

• Account & profile: name, email, organization, role.
• Customer Data you submit: content your team adds to the Service (e.g., contacts, deals, notes, files). Stored within your organization’s workspace and associated with user/org IDs.
• Deal financials & commissions: commission amounts and deal financials you enter for reporting and reconciliation.
• Purchases & billing: payments are processed by Stripe. We receive Stripe customer/subscription identifiers, invoice metadata, and payment outcomes; we do not store full card numbers.
• Push notifications: Apple Push Notification service (APNs) device tokens linked to your account to deliver alerts you enable.
• Device & usage: IP address, device/browser, pages viewed, timestamps, and logs. We may derive a coarse location (e.g., city/region) from IP/time zone to display local weather/time. We do not collect precise GPS location.
• Cookies: essential cookies for sign-in/session and analytics cookies on the public website only (see §8).
• Communications: support messages and survey responses.

3) How we use information

• Provide, operate, and improve the Service;
• Authenticate users, secure accounts, and prevent fraud;
• Process payments and manage subscriptions and add-ons;
• Calculate commissions and produce deal/organization reports;
• Deliver push notifications you enable;
• Localize time/weather and tailor in-product settings at a coarse level;
• Provide support, respond to inquiries, and comply with legal obligations.

Legal bases (where applicable): contract, legitimate interests (security/product improvement), consent (for website analytics cookies), and legal obligations.

4) Data security

• Traffic is protected in transit with TLS.
• Phone and email are encrypted at rest in our database.
• Hosting uses reputable providers: Supabase (database) and Vercel (application). We apply access controls and least-privilege practices.

No method of transmission or storage is 100% secure, but we take reasonable measures aligned with industry practices.

5) How we share information

• We do not sell or “share” personal information for cross-context behavioral advertising.
• We share with service providers acting on our behalf (e.g., Vercel, Supabase, Stripe; and on the public website, Google Analytics and Microsoft Clarity), bound to process per our instructions.
• We may disclose information to comply with law or protect rights, safety, or the Service.

We do not run advertising networks on the authenticated dashboard; analytics are limited to the public site.

6) International transfers

If you access the Service from outside the United States, your information may be processed in the U.S. Where required, we use appropriate safeguards for cross-border transfers (e.g., Standard Contractual Clauses). Our Data Processing Addendum includes applicable transfer mechanisms.

7) Cookies & analytics

• Essential cookies: required for sign-in/session and core functionality. Disabling them may break features.
• Analytics (website only): we use Google Analytics and Microsoft Clarity on the public website only, not on the authenticated dashboard. You can control cookies through your browser settings; if applicable, we honor Global Privacy Control (GPC) signals on the website.

8) Your choices & rights

• For Customer Data in your organization’s workspace, contact your account owner/admin.
• For website/account data, email hello@agentnook.com.
• You may unsubscribe from non-transactional emails via the link in the email.
• Depending on your location, you may have rights to access, correct, delete, or export your data, and to limit use of any sensitive personal information. We will respond as required by applicable law.

9) Data retention

• Account and billing records: retained while your account is active and as needed for legal/accounting.
• Customer Data: retained for the duration of your subscription. Upon termination or request, we delete or de-identify Customer Data from active systems within 90 days, subject to legal holds and disaster-recovery backups.
• Logs & backups: server access logs ~30 days; application logs ~90 days; encrypted backups on a rolling ~35 days schedule before purge.
• Organization context: if you are (or were) part of a team or brokerage organization, that organization retains data in its workspace for the duration of the organization’s subscription. Your individual seat cancellation does not delete organization-owned data.

10) Account deletion in the app

You can delete your account from within the app: Profile → Settings → Account → Delete Account. Deletion immediately disables access and begins removal of account data from active systems within 30 days. Organization-owned content (e.g., deals, contacts) remains with the organization per workspace policies. Certain records (e.g., billing) may be retained as required by law and in disaster-recovery backups for up to 35 days before purging.

11) Diagnostics & product usage

We do not currently collect crash logs or diagnostics tied to a user identity in the authenticated app. We may capture de-identified, aggregated performance metrics to improve stability. If we introduce identifiable diagnostics in the future, we will update this Policy and any in-app disclosures.

12) Children’s privacy

The Service is intended for professionals and is not directed to individuals under 16. If you believe a child has provided personal information, contact us so we can take appropriate action.

13) Changes to this policy

We may update this Privacy Policy. We will post updates with a new effective date and, for material changes, provide additional notice.

14) Contact

AgentNook.com
Email: hello@agentnook.com

Processor addendum

For GDPR/UK GDPR/CPRA compliance, AgentNook acts as a processor/service provider for Customer Data. Review and execute our Data Processing Addendum.