SoundSignal
← Back to SoundSignal

Privacy Policy

Last updated: February 21, 2026

What We Collect

When you sign in with Google, we receive your name and email address from your Google account. We use this solely to authenticate you and associate your account with your saved reports.

Data Collected Automatically

  • Server logs: IP addresses, timestamps, and user agents are retained for operational and security purposes.
  • Authentication tokens: Stored in browser session storage and are not persisted to disk.

How We Use Your Data

  • Authentication: Your email identifies your account so you can access your reports.
  • Property Reports: Addresses you search are used to query public building permit records. Reports are stored in our database and linked to your account.
  • Newsletter: If you subscribe, we store your email to send periodic updates. You can unsubscribe at any time.

Chrome Extension

The SoundSignal Chrome extension analyzes building permits for properties you view on Zillow. Here is what it does and what permissions it requires:

Permissions

  • activeTab: Reads the current Zillow listing page to extract property details.
  • storage: Saves authentication tokens in session storage.
  • identity: Handles the OAuth sign-in flow.
  • Host permissions: Communicates with the soundsignal.ai API and AWS Cognito for authentication.

Data Collected from Zillow Pages

When you activate the extension on a Zillow listing, it extracts the following publicly visible information from the page: property address, listing price, bedroom/bathroom/square footage counts, listing status, and price history. This data is sent to the SoundSignal API to generate a building permit analysis report.

Third-Party Services

  • Google OAuth: Used for sign-in. We do not access your Google data beyond your basic profile.
  • AWS (Cognito, S3, SES): Hosts our authentication, file storage, and email delivery.
  • Anthropic (Claude): Processes publicly available building permit documents to generate reports. No personal data is sent to the AI model.

Security Practices

  • All data is transmitted over HTTPS/TLS.
  • Authentication tokens in the Chrome extension are stored in chrome.storage.session (encrypted, session-only — cleared when the browser closes).
  • OAuth uses the PKCE flow — no client secrets are stored in the extension.

Data Retention

Your account data and reports are retained as long as your account is active. You can request deletion of your account and all associated data by contacting us.

Cookies

We use a session cookie to keep you signed in. We do not use tracking cookies or third-party analytics.

Limited Use Disclosure

SoundSignal's use and transfer of information received from Google APIs adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically:

  • We do not use user data for advertising or sell it to third parties.
  • We do not use user data to determine creditworthiness or for lending purposes.
  • We do not transfer user data to third parties unless necessary to provide the service, comply with applicable laws, or as part of a merger/acquisition with adequate data protection.
  • Human access to user data is limited to security investigations, compliance with applicable law, or with your explicit consent.

Legal and Law Enforcement

We may disclose your information if required to do so by law or in response to valid legal process (e.g., a subpoena, court order, or government request). We will attempt to notify you before disclosing your information unless prohibited by law.

Contact

Questions about this policy? Reach out at privacy@soundsignal.ai.

© 2026 SoundSignal. Bainbridge Island, WA.