Effective Date: February 16, 2026
Last Updated: February 16, 2026
Everre LLC (“Everre,” “we,” “us,” or “our”), an Illinois limited liability company, operates the Everre platform located at everre.co (the “Service”). This Privacy Policy describes how we collect, use, disclose, and protect your information when you use the Service.
By accessing or using the Service, you consent to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.
| Category | Data Elements |
|---|---|
| Account Information | Full name, email address, password (hashed), company name, job title |
| Organization Data | Organization name, team structure, user roles and permissions |
| Contact Records | Names, phone numbers, email addresses, business addresses, LinkedIn profiles, company affiliations, and other contact details for individuals and companies you add to the CRM |
| Property Data | Property addresses, identification numbers (PINs), ownership records, valuations, tax information, financial metrics, rent rolls, and transaction details |
| Financial Information | Deal pricing, underwriting models, financing scenarios, cap rates, and comparable analyses |
| Documents & Files | Uploaded documents (PDF, Word, Excel, PowerPoint, images), presentations, contracts, and other files (up to 100 MB per file) |
| Email Content | Email messages, templates, and campaign content that you compose within or sync to the Service |
| Digital Signatures | Signature images, signer names, email addresses, IP addresses, timestamps, and cryptographic audit trails |
| AI Training Materials | Brand reference documents, presentations, and images uploaded for AI brand training |
| Website Content | Property descriptions, images, layouts, and custom domain information for websites you publish through the Service |
| Payment Information | Billing address and payment method details (processed and stored by Stripe; we do not directly store credit card numbers) |
| Category | Data Elements |
|---|---|
| Usage Data | Features accessed, actions taken, timestamps, frequency of use, and interaction patterns |
| Device Information | Browser type, operating system, device type, screen resolution |
| Log Data | IP addresses, access timestamps, referring URLs, error logs |
| Email Tracking Data | Email open timestamps, link click events, and approximate geolocation derived from IP addresses of email recipients |
| Source | Data |
|---|---|
| Google OAuth | Name, email address, profile picture (when you sign in with Google) |
| Gmail / Outlook | Email messages, headers, attachments, and metadata from connected email accounts (with your authorization) |
| Public Records | Property ownership records, tax assessments, and transaction data from public county and government sources |
We use the information we collect for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Provide, operate, and maintain the Service | Contract performance |
| Process subscription payments and billing | Contract performance |
| Sync and manage email communications on your behalf | Contract performance; your consent |
| Process and store electronic signature transactions | Contract performance |
| Generate AI-powered content, analyses, and recommendations | Contract performance |
| Train AI models on your brand materials (for your organization only) | Contract performance; your consent |
| Publish property websites on your behalf | Contract performance |
| Send transactional emails (account verification, password resets, notifications) | Contract performance |
| Improve, personalize, and develop new features | Legitimate interest |
| Monitor for security threats and enforce our Terms of Service | Legitimate interest |
| Comply with legal obligations | Legal obligation |
| Generate aggregate, de-identified analytics about Service usage | Legitimate interest |
We do not sell your personal information. We do not use your data for targeted advertising. We do not share your data with data brokers.
We share your information only in the following circumstances:
We engage third-party companies to perform services on our behalf. These providers are contractually obligated to use your data only as necessary to provide their services to us and are bound by confidentiality obligations.
| Provider | Service | Data Shared |
|---|---|---|
| Supabase | Database hosting, authentication, file storage | All application data (encrypted at rest and in transit) |
| Vercel | Frontend application hosting | Server logs, IP addresses |
| Stripe | Payment processing | Billing details, payment method information |
| Google (Gemini AI) | AI content generation, document analysis | User prompts, document contents submitted to AI features |
| Anthropic (Claude) | AI content generation, document analysis | User prompts, document contents submitted to AI features |
| OpenAI (GPT) | AI content generation | User prompts, document contents submitted to AI features |
| Google (Gmail API) | Email integration | Email content, headers, attachments (with your OAuth authorization) |
| Microsoft (Outlook API) | Email integration | Email content, headers, attachments (with your OAuth authorization) |
| Resend | Transactional email delivery | Recipient email addresses, email content for system notifications |
| Cloudflare | Website hosting, DNS, CDN | Published website content, custom domain DNS records |
| Mapbox | Map services | Property coordinates and addresses |
Data you enter into the Service is accessible to other authorized users within your organization based on their role and permissions. Organization Administrators have broad access to organizational data.
When you invite external parties to your client portal, they may access deal-specific information that you have chosen to share, including documents, financials, and contact information related to that deal.
Content you publish on property websites through the Service is publicly accessible on the internet. This includes property descriptions, photos, contact forms, and any other content you choose to include.
We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or when we believe in good faith that disclosure is necessary to: (a) comply with a legal obligation; (b) protect our rights, property, or safety, or the rights, property, or safety of others; (c) investigate fraud or respond to a government request; or (d) enforce our Terms of Service.
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on the Service of any change in ownership or uses of your personal information.
When you use AI-powered features, your data may be processed by third-party AI providers as described in Section 3.1. Important details about AI data processing:
| Cookie / Technology | Type | Purpose | Duration |
|---|---|---|---|
| Supabase auth tokens | Essential | User authentication and session management | Session / 30 days |
| Theme preference | Functional | Remember your light/dark mode preference | Persistent |
| Google OAuth | Essential | Single sign-on authentication flow | Session |
| Stripe | Essential | Secure payment processing | Session |
We do not use advertising or marketing cookies. We do not use third-party analytics services such as Google Analytics. All usage analytics are collected internally through our own systems.
When our users send emails through the Service, those emails may contain a small transparent image (a “tracking pixel”) that records when the email is opened and links that track click activity. This tracking is initiated by our users, not by Everre directly. If you receive an email from an Everre user and wish to avoid tracking, you may disable image loading in your email client.
| Data Type | Retention Period |
|---|---|
| Account information | Duration of account + 30 days after deletion |
| User Content (files, documents, presentations) | Duration of account; deleted within 30 days of account closure |
| Email data (synced emails) | Duration of email account connection + 30 days after disconnection |
| Signature audit trails | 7 years (for legal compliance purposes) |
| Payment records | As required by tax and financial regulations (typically 7 years) |
| Server logs | 90 days |
| Backup copies | Up to 30 days after source data deletion |
When you delete data within the Service, it is marked for deletion and removed from active systems promptly. Backup copies may persist for up to 30 additional days before being permanently purged.
We implement industry-standard technical and organizational measures to protect your data, including:
While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
Regardless of your location, you have the right to:
To exercise these rights, contact us at privacy@everre.co. We will respond to verifiable requests within 45 days.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”):
To submit a CCPA/CPRA request, contact us at privacy@everre.co or call us at the number listed in Section 14. We will verify your identity before processing your request. You may designate an authorized agent to make a request on your behalf.
Residents of Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, and other states with consumer privacy laws may have similar rights to those described in Section 8.2. To exercise your rights under applicable state privacy law, contact us at privacy@everre.co.
If you are located outside the United States, please note that your data is transferred to and processed in the United States, where our servers and service providers are located. By using the Service, you consent to this transfer. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, data transfers are conducted in accordance with applicable data protection laws.
The Service is a business-to-business platform designed for commercial real estate professionals. It is not directed to individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. If we become aware that we have collected personal information from a minor, we will take steps to delete that information promptly. If you believe that a child has provided us with personal information, please contact us at privacy@everre.co.
The Service may contain links to third-party websites or services that are not owned or controlled by Everre. We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any third-party service you access through or in connection with the Service.
In the event of a data breach that compromises the security, confidentiality, or integrity of your personal data, we will notify affected users and applicable regulatory authorities as required by law. Notification will be provided via email and/or a prominent notice on the Service without unreasonable delay.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service with a revised “Last Updated” date and, for significant changes, by sending an email notification to the address associated with your account at least 30 days before the changes take effect. Your continued use of the Service after the updated Privacy Policy becomes effective constitutes your acceptance of the changes.
Some browsers transmit “Do Not Track” (DNT) signals. Because there is no industry standard for how to respond to DNT signals, we do not currently respond to them. However, as stated above, we do not use third-party advertising or marketing tracking technologies.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Everre LLC
Email: privacy@everre.co
For CCPA/CPRA requests or formal privacy complaints, you may also contact us at the email address above with the subject line “Privacy Request.”