Privacy Policy
Effective date: March 9, 2026 · Last updated: March 9, 2026
MALCO LLC, doing business as InspectionTriage (“we,” “us,” “our”), respects your privacy. This policy describes what information we collect when you use inspectiontriage.com (the “Service”), how we use it, who we share it with, and your rights.
1. Information You Provide
- Email address — used to associate your submission and as the customer email for Stripe Checkout
- ZIP code or state — used to localize cost estimates to your region
- Home inspection PDF — uploaded for AI analysis
- Contact form messages — name (optional), email, and message body
- Feedback submissions — text you submit through the in-app feedback button
2. Payment Information
Payments are processed entirely by Stripe. We do not receive, process, or store your credit card number or full payment details.
From Stripe, we receive and store: the checkout session ID, payment intent ID, payment status, and the timestamp of successful payment. This information is used to verify your purchase and trigger your analysis.
3. Information Collected Automatically
When you visit InspectionTriage, we may collect:
- Cookies:
lp_variant(A/B test landing-page variant, 1 year, SameSite=Lax) andit_utm(campaign attribution parameters, 90 days, SameSite=Lax) - Local storage:
it_utm(same UTM parameters, persists until cleared) - UTM parameters: utm_source, utm_medium, utm_campaign, utm_term, utm_content, and gclid when present in the URL
- Bot protection: Cloudflare Turnstile verification token and your IP address, used solely for CAPTCHA validation
- Server logs: standard request logs collected by our hosting provider (Vercel)
4. Analytics
When configured, we use Google Tag Manager to track page views and interaction events (such as CTA clicks, upload starts, and analysis completions). These events include your landing-page variant and UTM parameters but do not include your email, PDF content, or analysis results.
We do not use cookies for advertising purposes.
5. How We Use Your Information
- Generate your AI-powered Decision Packet from your uploaded inspection report
- Process your payment via Stripe
- Deliver your results and enable PDF/CSV downloads
- Respond to support or contact-form inquiries
- Improve the Service using aggregate, non-identifying analytics
- Prevent abuse through rate limiting and CAPTCHA verification
6. Third-Party Services
We share data with the following processors to operate the Service:
| Service | Data shared | Purpose |
|---|---|---|
| OpenAI | Extracted PDF text and page images | AI analysis and OCR |
| Supabase | Email, ZIP, PDF file, analysis results | Database and file storage |
| Stripe | Customer email, submission ID | Payment processing |
| Cloudflare | Verification token, IP address | Bot protection (Turnstile CAPTCHA) |
| Vercel | Request logs, application code | Hosting and serverless functions |
| Google Tag Manager | Page views, interaction events | Analytics (when configured) |
| GitHub | Feedback message text | Feedback collection (when configured) |
We do not sell your personal data to any third party.
7. Cookies & Tracking Technologies
| Name | Purpose | Duration | Type |
|---|---|---|---|
lp_variant | A/B test landing-page variant | 1 year | Cookie |
it_utm | Campaign attribution | 90 days | Cookie |
it_utm | Campaign attribution | Until cleared | localStorage |
We do not use advertising cookies. Analytics scripts load only when a Google Tag Manager container is configured.
8. Data Retention
We retain your uploaded PDF and analysis results for a limited period to provide the Service and allow you to access your Decision Packet. We are working toward automated retention policies that will delete uploaded PDFs and result data on a rolling basis, but these automated processes are not yet active.
Uploads associated with unpaid or expired checkout sessions are cleaned up within 24 hours.
You may request deletion of your data at any time by emailing hello@inspectiontriage.com. We will process deletion requests within a reasonable timeframe.
9. Data Security
We take reasonable measures to protect your information, including:
- All data transmitted over HTTPS
- Uploaded PDFs stored in a private storage bucket (not publicly accessible)
- CAPTCHA protection on submission endpoints (Cloudflare Turnstile)
- Rate limiting on API endpoints
- No personally identifiable information in analytics or error logs
No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
10. Your Rights
You may:
- Request deletion of your uploaded PDF and analysis results
- Request a copy of the personal data we hold about you
- Opt out of analytics by disabling cookies or JavaScript in your browser, or by using browser privacy tools
To exercise any of these rights, contact us at hello@inspectiontriage.com or through our Contact page.
11. California & State Privacy Rights
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights, including:
- The right to know what personal information we collect and how it is used
- The right to request deletion of your personal information
- The right not to be discriminated against for exercising your privacy rights
We do not sell personal information. To exercise these rights, contact us using the information in Section 14.
12. Children’s Privacy
InspectionTriage is not directed at anyone under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal data, please contact us and we will promptly delete it.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised “Last updated” date. We encourage you to review this page periodically.
14. Contact
Questions about this Privacy Policy or your data? Reach us at hello@inspectiontriage.com or visit our Contact page.