Privacy Policy

This Privacy Policy explains how Grizzly Asset Holdings Inc. collects, uses, discloses, stores, and deletes personal information in connection with GrizzlyRadar and LeaseProtect.

It is written to reflect the actual operation of the service, including account creation, verified-email checkout, payment processing, uploaded lease analysis, AI-generated outputs, refund workflows, referral tracking, and short retention windows for lease files and report artifacts.

Depending on how you use GrizzlyRadar, we may collect personal information that you provide directly, information generated through your use of the service, and limited information received from service providers involved in operating the platform.

We use personal information to operate, secure, maintain, and improve GrizzlyRadar. That includes authenticating users, protecting accounts, verifying purchases, generating outputs, managing report access, administering referrals, handling refunds, responding to support requests, preventing misuse, and meeting legal, accounting, and operational obligations.

We may also use contact information to send transactional and service-related messages, such as verification emails, purchase confirmations, account notices, deletion workflow notices, and support responses. If you opt in, we may also send product updates and service emails.

We collect and use personal information with your consent, to provide the services you request, to complete transactions you initiate, to secure the platform, and to comply with legal obligations.

In practical terms, that means we use your information because you created an account, uploaded a lease, asked us to generate an output, made or attempted a purchase, requested support or a refund, or otherwise interacted with the service in a way that reasonably requires processing.

When you create or use an account, we process authentication and security information such as login sessions, password reset events, email verification tokens, IP addresses, device or browser user-agent data, and rate-limit or abuse-prevention records.

Verified email is required before checkout so the service can connect purchases and entitlement recovery to the correct account.

When you upload a lease or generate a report, we process the lease file, extracted text, derived analysis fields, generated outputs, and related operational metadata needed to deliver the service.

Uploaded lease files and generated report artifacts are deleted within 24 hours. This short retention rule is part of the product design. Some related account, entitlement, refund, and operational records may remain after that deletion window because they are needed to maintain account history, auditability, security, or legal compliance.

Payment processing is handled by Stripe. We do not store full payment card numbers in the GrizzlyRadar application database.

We do store transaction-related information needed to confirm purchases, deliver entitlements, investigate payment issues, evaluate refunds, and maintain accounting and operational records. That may include Stripe customer identifiers, checkout session identifiers, payment intent identifiers, product type, price, currency, entitlement status, and refund workflow data.

If you use or share referral links or codes, we may collect referral codes, anonymous session linkage, attribution records, and related purchase or entitlement data so that the referral system can operate and abuse can be reviewed.

GrizzlyRadar uses cookies or similar session technologies to maintain login state, CSRF protection, basic account security, and continuity across requests. We may also store limited local state needed to support product workflows, such as temporary browsing context or interface state.

These technologies are used primarily for service operation and security rather than third-party advertising.

We retain personal information only for as long as reasonably necessary for the purposes described in this Policy, unless a longer retention period is required or permitted by law.

Lease files and generated report artifacts are deleted within 24 hours. Account deletion requests trigger a delayed purge workflow for account-linked private data. Some financial, entitlement, fraud-prevention, policy acceptance, security, or other operational records may be retained longer where required by law or where reasonably necessary for legitimate business purposes such as dispute handling, auditability, or enforcing our terms.

We use administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, disclosure, alteration, and loss. This includes access controls, session controls, and encrypted storage for sensitive artifacts where applicable within the system architecture.

No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

We use service providers to help operate GrizzlyRadar. Current processors and service-provider categories may include Stripe for payment processing, the configured email delivery provider for transactional and service email, and infrastructure or storage providers used to host and run the service.

We expect service providers to process information on our behalf for authorized business purposes, subject to contractual and operational controls we consider appropriate in the circumstances.

We do not sell personal information.

Depending on the location of GrizzlyRadar, Stripe, email providers, hosting providers, or other service providers, your information may be processed or stored outside your province, territory, or country.

When information is processed in another jurisdiction, it may be subject to the laws of that jurisdiction and may be accessible to courts, regulators, or law-enforcement authorities in accordance with applicable law.

Subject to applicable law, you may request access to personal information we hold about you, ask us to correct inaccurate information, or request deletion of certain account-linked information.

We may need to verify your identity before acting on a request. We may also retain information that we are legally required to keep or reasonably need for legitimate business purposes such as fraud prevention, financial recordkeeping, or dispute resolution.

We may update this Privacy Policy from time to time to reflect changes in the service, legal requirements, or operational practices. The updated Policy will take effect when posted unless we state a later effective date.

For privacy questions, access requests, correction requests, or deletion requests, contact Grizzly Asset Holdings Inc. at support@grizzlyassetholdings.com.