Privacy Policy
Last updated: May 28, 2026
1. Who We Are
TradeHound (“we”, “us”, “our”) operates the permit lead platform at tradehound.ca. This policy explains how we collect, use, and protect your personal information in compliance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.
2. Information We Collect
Account information
When you register, we collect your name, email address, and optionally your business name. If you sign in with Google, we receive only the information your Google account shares (name and email).
Business profile
To use the postcard mailing feature, you may optionally provide your business mailing address (street, city, province, postal code). This is used solely as the return address on postcards you send.
Payment information
Subscription payments are processed by Stripe. We do not store your credit card number, CVV, or full card details on our servers. We store only a Stripe customer ID so we can manage your subscription.
Usage data
We collect standard server logs (IP address, browser type, pages visited, timestamps) and application error data via Sentry. This is used to operate and improve the service.
Permit data
The permit addresses and property information displayed on TradeHound are sourced from publicly available municipal open data portals. This is not personal information we collect from you — it is public government data that we index.
3. How We Use Your Information
- To create and maintain your account
- To process subscription payments via Stripe
- To send you the daily permit digest email (you can opt out at any time)
- To send transactional emails (password resets, billing receipts)
- To send physical postcards on your behalf when you use the postcard feature
- To monitor application errors and performance
- To comply with legal obligations
We do not sell your personal information to any third party. We do not use your information for advertising or behavioral profiling.
4. Third-Party Service Providers
We share limited information with the following service providers solely to operate the platform:
| Provider | Purpose | Data shared |
|---|---|---|
| Stripe | Payment processing | Name, email, billing info |
| Resend | Transactional + digest email | Name, email address |
| Lob.com | Postcard mailing (if used) | Your return address, recipient address |
| Sentry | Error monitoring | Anonymized error logs, session replay |
| Anthropic | AI trade tag extraction | Permit work descriptions (public data only) |
All providers are required to protect your information in accordance with applicable privacy law. Stripe is PCI-DSS Level 1 certified.
5. Email Communications
By creating an account, you consent to receive transactional emails (account confirmations, password resets, billing receipts). These cannot be opted out of while your account is active.
The daily permit digest email is optional. You may opt out at any time by:
- Clicking the one-click unsubscribe link at the bottom of any digest email
- Visiting Account → Preferences and disabling “Daily digest”
6. Data Retention
- Account data is retained while your account is active and for 90 days after deletion.
- Billing records are retained for 7 years as required by Canadian tax law.
- Error logs are retained for 30 days.
- Permit data is public government data and is retained indefinitely for historical analysis.
7. Data Security
We use industry-standard security practices: encrypted database connections (TLS), bcrypt password hashing, HTTPS-only access, and access controls limiting who on our team can view user data. No security system is perfect — if you discover a vulnerability, please report it to [email protected].
8. Your Rights Under PIPEDA
You have the right to:
- Access — request a copy of the personal information we hold about you
- Correction — request corrections to inaccurate information
- Withdrawal of consent — withdraw consent for non-essential uses of your data
- Deletion — request deletion of your account and personal data (subject to legal retention obligations)
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
9. Cookies
We use only essential session cookies required to keep you logged in. We do not use advertising cookies, tracking pixels, or third-party analytics cookies (e.g. Google Analytics).
10. Children
TradeHound is not directed at children under 18. We do not knowingly collect personal information from minors.
11. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated by email at least 14 days before they take effect. The “Last updated” date at the top of this page always reflects the current version.
12. Contact
Privacy questions or requests: [email protected]