Privacy Policy

Last updated: February 27, 2026

PermitKeep ("we," "our," or "us") operates the PermitKeep mobile application and the permitkeep.app website. This Privacy Policy explains how we collect, use, and protect your information.

Information We Collect

We collect information you provide directly when using PermitKeep:

• Account information: Name, email address, and business name when you create an account.
• Permit data: Permit names, numbers, issuing authorities, dates, and photos you upload for tracking.
• Team information: Names and contact details of team members you add to your organization.
• Waitlist information: Email address when you sign up for our waitlist.
• Device information: Device type, operating system version, and push notification tokens for delivering reminders.

How We Use Your Information

We use your information to:

• Provide and maintain the PermitKeep service, including permit tracking, reminders, and inspector share links.
• Process permit photos using optical character recognition (OCR) to extract permit details.
• Send push notifications for permit renewal reminders you've configured.
• Communicate with you about your account, updates, and new features.
• Improve and develop our service.

OCR Processing

When you scan a permit, the photo is uploaded to our secure storage and processed using Google Cloud Vision API to extract text. The extracted text is used to populate permit fields in your account. Raw OCR data is stored alongside your permit record for accuracy verification. Photos are stored securely and are only accessible to members of your organization.

Inspector Share Links

When you generate an inspector share link, a public URL is created that displays your permit binder information (permit names, numbers, issuing authorities, and expiration dates). This link is accessible to anyone with the URL or QR code. You can deactivate share links at any time, and optionally protect them with a PIN.

Data Storage and Security

Your data is stored securely using Supabase, hosted on AWS infrastructure in the United States. We use row-level security to ensure each organization can only access its own data. All data is transmitted over HTTPS. Permit photos are stored in encrypted cloud storage accessible only to your organization members and our OCR processing service.

Third-Party Services

We use the following third-party services:

• Supabase: Database, authentication, and file storage.
• Google Cloud Vision: OCR text extraction from permit photos.
• Apple Push Notification Service (APNs): Delivering push notifications to your iOS device.
• Vercel: Hosting our website.

Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your data within 30 days, except where we are required to retain it for legal or regulatory purposes. Waitlist email addresses are retained until we launch and you either create an account or request removal.

Your Rights

You have the right to:

• Access, update, or delete your personal information through the app settings.
• Export your permit data.
• Opt out of non-essential communications.
• Request deletion of your account and all associated data by emailing us.

Children's Privacy

PermitKeep is designed for business use and is not intended for children under 13. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy, email us at privacy@permitkeep.app.