Privacy Policy

Effective Date: April 2026

1. Introduction to Izoah's Privacy Practices

Welcome to Izoah ("we," "our," or "us"). We are an impact window and door contractor operating in Florida. We respect your privacy and are committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit our website, client portal, or use our enterprise Artificial Intelligence (AI) and Customer Relationship Management (CRM) services.

2. Information We Collect

We collect several types of information from and about users of our Website and Platform, including:

• Personal Identification Information: Name, postal address, e-mail address, telephone number, and secure JWT session identifiers.
• Project and Permitting Information: Property details, architectural blueprints, Notice of Acceptance (NOA) documents, and photographs of the installation site (Takeoffs).
• AI Chat Interactions: Transcripts of conversations you hold with our AI Agents (Lyra, Nova) and internal swarm interactions, which are securely stored via Socket.io and our PostgreSQL databases to maintain context and ensure quality.

3. Data Processing and Cloud Orchestration

To provide highly accurate quotes and automate our workflows, Izoah leverages cutting-edge cloud infrastructure. When you upload documents to our portal (such as factory quotes or driver's licenses), those files may be securely passed through third-party Optical Character Recognition (OCR) and Machine Learning pipelines (such as Google Document AI or Vertex AI) purely for the purpose of data extraction and structured analysis. We do not use your documents to globally train public AI models.

4. Third-Party Marketing, Subdealers, and Meta CAPI

In addition to our internal data flows, we engage in digital marketing. We leverage platforms like Meta (Facebook/Instagram) and Google for Lead Generation. When you fill out a form via Meta Lead Ads, your data is directed to our CRM. To optimize these campaigns securely, we utilize server-side tracking via the Meta Conversions API (CAPI). This involves hashing specific contact details (like your email) using secure SHA-256 encryption before transmitting it to Meta.

Additionally, if you are working with an authorized Izoah Subdealer through a dedicated brand portal, your information will be shared with that explicit dealer to facilitate your project.

5. Data Security and Retention

Your files are stored statelessly in our S3-compatible, secure Object Storage (MinIO). All backend databases utilize rigorous Role-Based Access Control (RBAC). We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, municipal permitting, accounting, or reporting requirements under Florida Law.