Privacy Policy

1. Overview

This Privacy Policy describes how Searcherbase LLC ("Searcherbase," "we," "us," or "our") collects, uses, discloses, and protects information in connection with the Searcherbase website, applications, APIs, and related services (collectively, the "Service"). By accessing or using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, do not use the Service.

2. Information We Collect

Information you provide to us. We collect information you submit directly, including:

• Account information such as your name, email address, and company name
• Billing information processed by our payment processor, Stripe. Stripe handles card details directly; we receive limited billing metadata (such as the last four digits, card brand, billing country, subscription status, and transaction identifiers) but do not receive or store full payment card numbers on our servers
• Communications you send us, including support requests, feedback, and suppression or rights requests
• Content you create in the Service, such as saved searches, watchlists, filters, and notes

Information collected automatically. When you use the Service, we and our service providers automatically collect:

• Device and log data, including IP address, browser type, operating system, referring pages, pages visited, session identifiers, and timestamps
• Usage data, including features used, searches performed, filters applied, records viewed, and exports generated
• Cookies, local storage, and similar technologies (see "Cookies and Tracking Technologies" below)
• Security signals from Cloudflare Turnstile, which helps us distinguish humans from automated traffic at sign-in and on sensitive actions

Information from third parties. We receive limited information about you from the providers that help us operate the Service, including payment confirmation and subscription status from Stripe, authentication events from Supabase, and product analytics events from PostHog.

Sensitive personal information. We do not intentionally collect sensitive categories of personal information as defined under applicable law, including government-issued identifiers (such as Social Security numbers, driver's license numbers, or passport numbers), precise geolocation, financial account credentials, account passwords other than those used to access the Service, biometric data, health information, racial or ethnic origin, religious or philosophical beliefs, union membership, genetic data, or data concerning sexual orientation. Please do not submit sensitive information to us.

Business records data. The Service makes available a compiled dataset of approximately 1.5 million business entities sourced from publicly available government filings, including Secretary of State business registrations, Uniform Commercial Code (UCC) filings, and similar public datasets. We are the publisher of this compiled dataset; we are not the original source of the underlying public records. The dataset describes businesses and, to the extent disclosed in those public records, may reference principals, officers, members, or registered agents of those businesses.

3. Categories of Personal Information

For purposes of the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, the "CCPA"), in the twelve months preceding the date of this policy we have collected the following categories of personal information:

• Identifiers (name, email address, account identifier, IP address) — collected from you and automatically. Used to provide the Service, authenticate you, and communicate with you.
• Customer records information (billing name, address, and payment metadata returned by Stripe) — collected from you through Stripe. Used to process payments and manage your subscription.
• Commercial information (subscription history, transactions, usage quotas such as export counts) — collected automatically. Used to bill, support, and administer your account.
• Internet or other network activity (pages visited, features used, search queries, exports, session logs) — collected automatically. Used to operate, secure, and improve the Service.
• Geolocation data (approximate location inferred from IP address; we do not collect precise GPS location) — collected automatically. Used for security, fraud prevention, and analytics.
• Professional or employment-related information (company name you provide; principal, officer, or registered-agent designations disclosed in public business records) — collected from you and from public government filings. Used to deliver the business-records component of the Service.
• Inferences drawn from the categories above to administer the Service, detect abuse, and improve search relevance.

4. How We Use Information

We use the information we collect to:

• Provide, operate, maintain, and improve the Service
• Authenticate users, process payments through Stripe, and manage subscriptions
• Send transactional messages, including security alerts, service updates, receipts, and billing notices
• Respond to inquiries, provide customer support, and process rights and suppression requests
• Monitor and analyze usage, diagnose technical issues, enforce usage limits, and prevent fraud, abuse, and automated scraping
• Send marketing communications where permitted by law (you may opt out at any time using the unsubscribe link in any marketing email)
• Comply with legal obligations, respond to lawful requests, and enforce our Terms of Service

5. How We Share Information

We do not sell your personal information for money, and we do not share your personal information with third parties for cross-context behavioral advertising, as those terms are defined under the CCPA. We share information only as described below:

• Service providers. We share information with vendors that perform services on our behalf under contractual confidentiality and data-protection obligations. Our current core providers include: Vercel (website hosting and content delivery); Supabase (managed authentication, database, and object storage); Stripe (payment processing and subscription management); PostHog (product analytics); Cloudflare (Turnstile bot protection and network security); and our transactional email provider (delivery of account, receipt, and support messages).
• Legal and safety. We may disclose information to comply with applicable law, legal process, or enforceable governmental request; to enforce our agreements; or to protect the rights, property, or safety of Searcherbase, our users, or others.
• Business transfers. If we are involved in a merger, acquisition, financing, or sale of all or part of our business or assets, information may be transferred as part of that transaction, subject to reasonable confidentiality arrangements.
• With your consent. We may share information for any other purpose disclosed at the time of collection or with your consent.

6. Cookies and Tracking Technologies

We and our service providers use cookies, local storage, and similar technologies for three purposes: (a) strictly necessary operation of the Service, including session management, load balancing, and security; (b) preference storage, such as remembering your filters and UI settings; and (c) analytics, primarily through PostHog, to understand aggregate feature usage and improve the product. We do not use third-party advertising cookies and we do not participate in cross-context behavioral advertising networks. You can control cookies through your browser settings. Blocking strictly necessary cookies may prevent parts of the Service from functioning.

7. Data Security

We implement administrative, technical, and physical safeguards designed to protect information from unauthorized access, disclosure, alteration, and destruction. These include encryption of data in transit using TLS, role-based access controls, database row-level security provided by our managed database platform, limited employee access on a need-to-know basis, and routine security review of our code and infrastructure. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Data Retention

We retain personal information for as long as your account is active and for a reasonable period thereafter, or as needed to provide the Service, comply with our legal, tax, and accounting obligations, resolve disputes, and enforce our agreements. Backup copies and aggregated or de-identified data may be retained for longer periods.

You may request deletion of your account information by contacting us at privacy@searcherbase.app. Upon verified request, we will delete or de-identify personal information we hold about you, except where retention is required or permitted by law (for example, to complete a transaction, detect or prevent fraud, or comply with tax or other legal obligations).

9. Your Rights and Choices

Depending on your jurisdiction, you may have rights with respect to your personal information, including the right to:

• Access or obtain a copy of your personal information
• Correct inaccurate or incomplete information
• Request deletion of your personal information, subject to legal exceptions
• Object to or restrict certain processing
• Port your information to another service
• Opt out of marketing communications at any time

To exercise these rights, contact us at privacy@searcherbase.app. We will respond within the timeframe required by applicable law. We may need to verify your identity before acting on your request and may ask you to confirm the email address on file or to provide information sufficient to match you to a record.

10. California Residents (CCPA / CPRA)

If you are a California resident, you have the following rights under the CCPA:

• Right to know the categories of personal information we have collected, the sources, the business purposes for collection, the categories of third parties with which we have shared information, and the specific pieces of personal information we hold about you.
• Right to delete personal information we have collected from you, subject to statutory exceptions.
• Right to correct inaccurate personal information we maintain about you.
• Right to opt out of sale or sharing. We do not sell or share personal information as those terms are defined under the CCPA. You can confirm and submit a formal opt-out request at our Your Privacy Choices page.
• Right to limit use of sensitive personal information. We do not collect or use sensitive personal information for purposes that trigger the right to limit under the CCPA.
• Right to non-discrimination. We will not deny the Service, charge different prices, or provide a different level of quality because you exercised a CCPA right.

To submit a verifiable consumer request, email privacy@searcherbase.app with the subject line "CCPA Request" and include your full name, the email associated with your account (if any), and enough detail to allow us to locate responsive information. We may ask for additional information to verify your identity. An authorized agent may submit a request on your behalf by providing written permission signed by the consumer and sufficient proof of the agent's authority; we may contact the consumer directly to confirm.

11. EU, UK, and Swiss Residents

If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation, the UK GDPR, or the Swiss Federal Act on Data Protection applies to our processing of your personal information. The legal bases on which we rely are:

• Performance of a contract when we provide the Service to you pursuant to our Terms of Service
• Legitimate interests in operating, securing, improving, and marketing the Service, and in publishing a compiled dataset derived from public government records, balanced against your interests and rights
• Consent where required by applicable law, such as for certain cookies and marketing communications
• Compliance with legal obligations to which we are subject

You have the rights of access, rectification, erasure, restriction of processing, objection to processing, and data portability, and the right to withdraw consent where processing is based on consent. You also have the right to lodge a complaint with your local supervisory authority.

Searcherbase is operated from the United States. Where we transfer personal information from the EEA, the United Kingdom, or Switzerland to the United States or to any other country that has not been deemed to provide an adequate level of protection, we rely on the European Commission's Standard Contractual Clauses (together with the UK International Data Transfer Addendum where applicable) as the transfer mechanism with our subprocessors.

12. Automated Decision-Making

We do not use your personal information to make decisions that produce legal or similarly significant effects concerning you based solely on automated processing, including profiling. Search ranking, feature personalization, and anti-abuse signals do not, in our view, produce such effects.

13. Business Records and Public Data — Suppression Requests

Our business-records dataset is compiled from publicly available government filings and similar public sources. If you are an individual whose information appears in these public records (for example, as a principal, officer, or registered agent of a business) and you wish to request correction or suppression of specific records from our Service, please contact us at privacy@searcherbase.app with the subject line "Records Suppression Request" and include: (a) your full name as it appears in the record, (b) the exact business name or filing identifier, (c) the jurisdiction, and (d) the basis for the request. We will review each request and respond in accordance with applicable law, generally within 30 days. Note that we are not the authoritative source of the underlying public record; suppression from our Service does not remove the record from the government filing from which it originated.

14. Children's Privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us and we will take appropriate steps to delete it.

15. International Users

Searcherbase is operated from the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those of your jurisdiction. By using the Service, you consent to this transfer.

16. Third-Party Links and Services

The Service may contain links to third-party websites, including links to source government filings and similar public records. We are not responsible for the privacy practices or content of those third-party sites. This Privacy Policy applies only to the Service.

17. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be indicated by updating the "Last updated" date at the top of this page and, where appropriate, by additional notice (such as an email to the address on your account). Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

18. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Searcherbase LLC
418 Broadway, STE N
Albany, NY 12207, USA
Email: privacy@searcherbase.app