Privacy Policy

Visit Proof LLC ("Visit Proof," "we," "us," or "our") operates the VisitProof platform, accessible via our website at visitproof.com, our web application at app.visitproof.com, and our mobile applications for iOS and Android (collectively, the "Service"). The Service is a software-as-a-service (SaaS) platform designed for supervised visitation agencies and professionals operating in the family law and child welfare space.

This Privacy Policy describes how we collect, use, disclose, retain, and protect information when you access or use our Service, visit our website, or otherwise interact with us. Because our platform handles sensitive data related to family court proceedings, child welfare cases, and supervised visitation, we take our data protection responsibilities seriously.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you are using the Service on behalf of a supervised visitation agency or other organization (an "Agency"), you represent that you have the authority to bind that organization to this Privacy Policy.

If you do not agree with this Privacy Policy, you must not access or use the Service.

We collect several categories of information in connection with the Service. The types of information we collect depend on your role (Agency administrator, supervisor, parent, or case worker) and how you interact with the Service.

2.1 Account and Identity Information We collect personal information you provide when creating an account or that is provided on your behalf by an Agency. This includes: full name, email address, phone number, mailing address, professional credentials (for supervisors), and organizational information (for Agencies). For parent users, this information is typically provided by the Agency managing their case.

2.2 Case and Visit Information The Service is designed to manage supervised visitation cases. In connection with this purpose, the following information may be stored on our platform: court case numbers and references, names and identifying information of parents involved in cases, names, ages, and identifying information of children who are subjects of supervised visitation cases, visit schedules, dates, times, and locations, visit progress notes and observations recorded by supervisors, visit status and outcome records, and case worker assignments and contact information.

2.3 Photographs and Videos Supervisors may capture and upload photographs and videos during supervised visits as part of their documentation responsibilities. These images and recordings may contain depictions of parents, children, and visit environments. All photographs and videos are associated with specific visit records and cases.

2.4 Location Data The Service collects precise GPS location data from supervisors and, in some cases, parents during supervised visits. This location data is used to verify attendance at designated visit locations, facilitate check-in and check-out processes, document the location of visits for reporting purposes, and provide location-based features within the Service.

2.5 Communications Data The Service includes messaging and communication features. We collect and store the content of chat messages exchanged between users through the platform, voice call metadata (call duration, participants, timestamps), and email communications sent through the platform.

2.6 Financial and Billing Information We collect information necessary to process payments, including billing contact information and invoice details. Payment card information is collected and processed directly by our payment processor, Stripe, and is not stored on our servers.

2.7 Usage and Device Information We automatically collect certain information when you use the Service, including: device type, operating system, and version; browser type and version (for web access); IP address; app version; pages and features accessed; dates and times of access; referring URLs; and crash reports and performance data.

2.8 Information About Minors Our platform stores information about children who are subjects of supervised visitation cases. This information is provided by Agencies and supervisors as part of case management and may include children's names, dates of birth, and other identifying information relevant to the case. This data is collected and maintained as part of the Agency's professional obligations in managing supervised visitation cases. Please see Section 8 (Children's Privacy) for additional information.

We collect information through the following methods:

3.1 Information You Provide Directly We collect information that you voluntarily provide to us when you register for an account, complete your profile, input case information, record visit notes, upload photos or videos, send messages through the platform, contact our support team, or respond to surveys or communications from us.

3.2 Information Collected Automatically When you use the Service, we automatically collect certain technical and usage information through cookies, log files, device identifiers, and similar technologies. This includes the usage and device information described in Section 2.7 above. Our mobile applications may also collect location data as described in Section 2.5 and Section 11.

3.3 Information from Agencies and Other Users If you are a supervisor or parent user, your Agency may provide us with your personal information when setting up your account and adding you to cases. Agencies are responsible for ensuring they have the appropriate legal basis and, where required, consent to provide this information to us.

3.4 Information from Third-Party Services We may receive information from third-party services that are integrated with our platform, including calendar information from connected calendar services (via Nylas), payment confirmation and billing information from Stripe, and communication delivery status from Twilio and SendGrid.

3.5 Information from Public Sources We may supplement the information we collect with information from publicly available sources, such as public court records, to the extent relevant to the Service.

We use the information we collect for the following purposes:

4.1 Providing and Operating the Service To create and manage user accounts, facilitate supervised visitation scheduling and management, enable check-in/check-out and location verification during visits, support documentation of visits through notes, photos, and videos, generate visit reports and court-required documentation (including FL-324P forms), process invoices and payments, facilitate communication between authorized parties, and provide calendar integration and scheduling features.

4.2 Improving and Developing the Service To understand how our Service is used and identify areas for improvement, develop new features and functionality, conduct analytics and research, troubleshoot technical issues and bugs, and monitor and improve Service performance and reliability.

4.3 Communications To send transactional notifications (visit reminders, schedule changes, payment confirmations), respond to your inquiries and support requests, send service announcements and updates, and communicate about account or billing matters.

4.4 Safety and Security To protect the security and integrity of the Service, detect and prevent fraud, abuse, or other harmful activity, verify user identity and location during visits, enforce our Terms of Service, and comply with legal obligations.

4.5 Legal and Compliance To comply with applicable laws, regulations, and legal processes, respond to lawful requests from courts, government agencies, or law enforcement, establish, exercise, or defend legal claims, and fulfill our contractual obligations to Agencies.

We do not sell your personal information. We share information only in the following circumstances:

5.1 With Your Agency If you are a supervisor or parent user, the Agency that manages your case or employment has access to information related to your use of the Service, including visit records, notes, photos, communications, and location data. Agencies act as the data controllers for case-related information, and their access to this data is governed by their own policies, applicable laws, and court orders.

5.2 With Other Authorized Users Information is shared between users within the same case as authorized by the Agency and consistent with the purpose of the Service. For example, supervisors can access case information for visits they are assigned to, and parents may access limited visit information as configured by the Agency.

5.3 With Service Providers We share information with third-party service providers who assist us in operating the Service, including:

- Google Cloud Platform: Cloud hosting, data storage, and infrastructure services. - Stripe: Payment processing for subscription billing and invoicing. - Twilio: In-app messaging and voice communication services. - SendGrid: Transactional and notification email delivery. - Nylas: Calendar synchronization and scheduling integration. - Sentry: Application error tracking and performance monitoring (limited technical data only).

These service providers are contractually obligated to use your information only as necessary to provide their services to us and in accordance with this Privacy Policy.

5.4 For Legal Reasons We may disclose information if we believe in good faith that disclosure is necessary to comply with a court order, subpoena, or other legal process, protect the rights, property, or safety of Visit Proof, our users, or the public, prevent or address fraud, security, or technical issues, or enforce our Terms of Service or other agreements.

Given the nature of supervised visitation, we recognize that case information may be subject to court orders, and we will cooperate with Agencies in responding to legitimate legal requests related to their cases.

5.5 Business Transfers If Visit Proof is involved in a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any such change in ownership or control of your information.

5.6 With Your Consent We may share your information with other parties when you have given us explicit consent to do so.

5.7 Aggregated or De-Identified Data We may share aggregated or de-identified information that cannot reasonably be used to identify you for analytics, research, or other business purposes.

We retain your information for as long as necessary to fulfill the purposes for which it was collected, comply with our legal and contractual obligations, and resolve disputes.

6.1 Active Accounts We retain account information and associated data for as long as your account remains active or as needed to provide the Service.

6.2 Case Records Given the sensitive nature of supervised visitation cases and the potential for case records to be required in ongoing or future legal proceedings, case-related data (including visit records, notes, photos, videos, and reports) is retained for a minimum of seven (7) years after the last activity on a case, unless a longer retention period is required by applicable law, court order, or the Agency's instructions.

6.3 Billing Records Financial and billing records are retained for a minimum of seven (7) years in accordance with tax and accounting requirements.

6.4 Account Deletion If you or your Agency requests deletion of your account, we will delete or de-identify your personal information within a reasonable timeframe, subject to the following exceptions: we may retain information as required by law, regulation, or court order; case records may be retained as described in Section 6.2; we may retain limited information as necessary to prevent fraud, enforce our agreements, or protect our legitimate business interests; and backup copies may persist for a limited period in accordance with our standard backup retention schedule.

6.5 Agency Data Portability Upon termination of an Agency's subscription, we will make the Agency's data available for export for a period of thirty (30) days, after which the data will be scheduled for deletion in accordance with our standard retention practices.

We implement and maintain reasonable administrative, technical, and physical safeguards designed to protect the information we collect from unauthorized access, use, alteration, and disclosure. Our security measures include:

Encryption of data in transit using TLS/SSL protocols. Encryption of data at rest using industry-standard encryption. Access controls and authentication requirements, including role-based access controls within the Service. Regular security assessments and monitoring. Secure cloud infrastructure hosted on Google Cloud Platform. Employee access controls and confidentiality obligations. Incident response procedures for potential data breaches.

While we strive to protect your information, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee the absolute security of your information. In the event of a data breach that affects your personal information, we will notify affected users and relevant authorities as required by applicable law.

We recognize that the data on our platform includes sensitive information related to family court proceedings and child welfare. We take this responsibility seriously and continually evaluate and improve our security practices.

Agencies are responsible for maintaining the security of their own accounts, including ensuring that their supervisors and other users follow appropriate security practices such as using strong, unique passwords and not sharing account credentials.

8.1 Platform Not Directed at Children The VisitProof Service is not directed at children under the age of 13 (or under 16 in certain jurisdictions). We do not knowingly allow children to create accounts on, log into, or directly use the Service. All user accounts are created by or on behalf of adults, including Agency administrators, supervisors, parents, and case workers.

8.2 Information About Minors in Case Records While our platform is not directed at children as users, we recognize that the nature of supervised visitation inherently involves children. Our platform stores information about minors as part of case records managed by Agencies. This information may include children's names, dates of birth, photographs or videos taken during supervised visits, and other information relevant to supervised visitation cases.

This information about minors is provided by and at the direction of Agencies, which are the data controllers for case-related information. Agencies are responsible for ensuring that their collection and use of children's information through the Service complies with all applicable laws, court orders, and professional obligations.

8.3 COPPA Compliance The Children's Online Privacy Protection Act (COPPA) applies to the online collection of personal information from children under 13. Because our Service is not directed at children and we do not knowingly collect information directly from children, COPPA's consent requirements for child-directed online services are not directly applicable to our Service. However, we take the protection of children's information seriously and have implemented the following safeguards:

Children's information is accessible only to authorized users within the relevant case. Access to children's information is controlled by the Agency and limited based on user roles. Children's information is subject to the same security measures as all other data on our platform. We do not use children's information for marketing, advertising, or any purpose unrelated to supervised visitation case management.

8.4 Requests Regarding Children's Information If you are a parent or legal guardian and believe that information about your child has been collected through our Service without proper authorization, please contact us at info@visitproof.com. Please note that case-related information is managed by the relevant Agency, and requests regarding such information should be directed to the Agency in the first instance. We will work with the Agency to address any concerns.

If we learn that we have collected personal information from a child under 13 through means other than authorized Agency case management, we will take steps to delete that information promptly.

Depending on your jurisdiction, you may have certain rights regarding your personal information. We are committed to honoring these rights as required by applicable law.

9.1 Rights for All Users Regardless of your location, you may request access to the personal information we hold about you, request correction of inaccurate personal information, request deletion of your personal information (subject to the exceptions described in Section 6), and opt out of non-essential communications.

To exercise these rights, please contact us at info@visitproof.com. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

Please note that for supervisor and parent users, much of the information on the platform is managed by your Agency. We may need to coordinate with your Agency to fulfill your request, and certain requests may be subject to the Agency's policies, applicable laws, and court orders.

9.2 California Privacy Rights (CCPA/CPRA) If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with additional rights regarding your personal information:

Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected personal information, the business or commercial purpose for collecting your personal information, the categories of third parties with whom we share your personal information, and the specific pieces of personal information we have collected about you.

Right to Delete: You have the right to request that we delete personal information we collected from you, subject to certain exceptions.

Right to Correct: You have the right to request that we correct inaccurate personal information that we maintain about you.

Right to Opt-Out of Sale or Sharing: We do not sell your personal information, and we do not share your personal information for cross-context behavioral advertising purposes.

Right to Limit Use of Sensitive Personal Information: To the extent we process sensitive personal information (such as precise geolocation data) for purposes beyond what is necessary to provide the Service, you have the right to limit such use.

Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To exercise your California privacy rights, please contact us at info@visitproof.com or submit a request through the Service. We will verify your identity before processing your request. You may designate an authorized agent to make a request on your behalf.

Categories of Personal Information Collected: In the preceding 12 months, we may have collected the following categories of personal information as defined by the CCPA: identifiers (name, email, phone number, IP address); personal information under Cal. Civ. Code 1798.80 (name, address, phone number); protected classification characteristics (age, gender, as part of case records); commercial information (billing records, subscription history); internet or network activity (usage data, browsing history within the Service); geolocation data (GPS location during visits); audio, electronic, or visual information (photos, videos, voice calls during visits); professional or employment-related information (supervisor credentials); and sensitive personal information (precise geolocation, communications content).

9.3 Other State Privacy Rights Several other US states have enacted comprehensive privacy laws, including Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and others. If you are a resident of one of these states, you may have similar rights to those described above, including the right to access, correct, and delete your personal information, the right to data portability, and the right to opt out of certain processing activities.

Please contact us at info@visitproof.com to exercise your rights under any applicable state privacy law.

9.4 Verification of Requests For your protection, we will verify your identity before fulfilling any privacy rights request. This may require you to provide additional information, such as confirming the email address associated with your account. For requests related to case information, we may need to coordinate with the relevant Agency to verify authorization.

9.5 Response Timing We will acknowledge receipt of your request within ten (10) business days and will provide a substantive response within forty-five (45) days. If we need additional time, we will notify you of the extension and the reason for it.

Our Service integrates with and relies on several third-party services. Each of these services has its own privacy policy governing their collection and use of data:

Google Cloud Platform: We use Google Cloud to host our Service and store data. Google Cloud's privacy practices are governed by Google's Privacy Policy (https://policies.google.com/privacy) and their Data Processing Terms.

Stripe: We use Stripe to process subscription payments and invoicing. When you provide payment information, it is collected directly by Stripe. Stripe's privacy practices are governed by Stripe's Privacy Policy (https://stripe.com/privacy).

Twilio: We use Twilio to provide in-app messaging and voice communication features. Message content and call metadata are processed through Twilio's infrastructure. Twilio's privacy practices are governed by Twilio's Privacy Policy (https://www.twilio.com/legal/privacy).

SendGrid: We use SendGrid (a Twilio company) to send transactional emails such as visit reminders, notifications, and account communications. SendGrid's privacy practices are governed by Twilio's Privacy Policy.

Nylas: We use Nylas to provide calendar synchronization and scheduling features. Calendar data accessed through Nylas integration is subject to Nylas's Privacy Policy (https://www.nylas.com/legal/privacy-policy/).

Sentry: We use Sentry for application error tracking and performance monitoring. Sentry receives limited technical data such as error logs, device information, and performance metrics. Sentry's privacy practices are governed by Sentry's Privacy Policy (https://sentry.io/privacy/).

Apple App Store and Google Play Store: Our mobile applications are distributed through the Apple App Store and Google Play Store, each of which has its own privacy practices.

We encourage you to review the privacy policies of these third-party services. We are not responsible for the privacy practices of third-party services, although we require our service providers to handle your information in a manner consistent with this Privacy Policy through appropriate contractual arrangements.

Location data is an important component of the supervised visitation process, used to verify attendance and document visit locations.

11.1 Collection of Location Data Our mobile applications collect precise GPS location data from users during supervised visits. Location data is collected when a supervisor or parent checks in to or out of a visit, during active visits to verify ongoing presence at the designated location (if enabled by the Agency), and when photos or videos are captured during visits (geotagging).

11.2 Permission and Consent Our mobile applications request permission to access your device's location services. You can control location permissions through your device's operating system settings. However, disabling location services may prevent you from using certain features of the Service, such as visit check-in/check-out.

11.3 Use of Location Data Location data is used to verify that visits are taking place at designated locations, provide check-in and check-out functionality, document visit locations in reports and court filings, and support the safety and integrity of the supervised visitation process.

11.4 Sharing of Location Data Location data is accessible to Agency administrators and authorized supervisors within the relevant case. Location data may be included in visit reports generated through the Service. We do not sell location data or use it for advertising purposes.

11.5 Retention of Location Data Location data associated with visit records is retained in accordance with our case data retention practices described in Section 6.2.

12.1 Cookies Our web application and website use cookies and similar technologies to provide and improve the Service. Cookies are small text files placed on your device when you access a website. We use the following types of cookies:

Strictly Necessary Cookies: These cookies are essential for the operation of the Service, including authentication, session management, and security features. These cookies cannot be disabled.

Performance and Analytics Cookies: These cookies help us understand how users interact with the Service, allowing us to improve functionality and user experience.

Functional Cookies: These cookies enable enhanced functionality and personalization, such as remembering your preferences and settings.

12.2 Managing Cookies Most web browsers allow you to manage cookie preferences through browser settings. You can typically set your browser to refuse all or some cookies, or to alert you when cookies are being sent. However, disabling certain cookies may affect the functionality of the Service.

12.3 Do Not Track Some web browsers transmit "Do Not Track" (DNT) signals. Because there is no universally accepted standard for how to respond to DNT signals, we do not currently respond to DNT signals. However, we do not engage in cross-site tracking of our users.

12.4 Analytics We may use analytics services to help us understand usage patterns and improve the Service. These services may collect information about your use of the Service, including pages visited, features used, and time spent on the Service.

Visit Proof is based in the United States, and our Service is hosted on Google Cloud Platform infrastructure located in the United States. If you access the Service from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States.

By using the Service, you consent to the transfer of your information to the United States and acknowledge that the data protection laws in the United States may differ from those in your jurisdiction.

We take steps to ensure that your information receives an adequate level of protection in the jurisdictions in which we process it, including through appropriate contractual arrangements with our service providers.

For Agencies that serve clients across multiple US states, we comply with applicable state privacy and data protection laws, including but not limited to the California Consumer Privacy Act (CCPA/CPRA) and other state privacy laws described in Section 9.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this Privacy Policy, we will notify you by posting the updated policy on our website with a new effective date, sending you an email notification at the address associated with your account (for material changes), and providing an in-app notification when you next access the Service.

We encourage you to review this Privacy Policy periodically to stay informed about our information practices. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

If you do not agree with any changes to this Privacy Policy, you must stop using the Service and contact us to discuss your options, including account deletion.

If you have any questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact us at:

Visit Proof LLC Email: info@visitproof.com Website: visitproof.com

We will endeavor to respond to your inquiry within a reasonable timeframe.

If you are a California resident and wish to exercise your CCPA/CPRA rights, you may contact us using the information above or submit a request through your account settings in the Service.

If you have a complaint about our privacy practices that we have not adequately addressed, you may have the right to lodge a complaint with your state attorney general or other applicable regulatory authority.