Privacy Policy

Last updated: February 18, 2026

This Privacy Policy ("Policy") describes how RED Atlas, Inc. ("RED Atlas," "we," "us," or "our"), a Puerto Rico corporation, collects, uses, discloses, and protects information in connection with the RED Atlas property intelligence API, developer portal, website, and related services (collectively, the "Services"). This Policy applies to: (a) individuals who access the RED Atlas developer portal or website; (b) API customers and their authorized users; and (c) individuals whose information may appear in property intelligence data accessed through the API.

RED Atlas operates across multiple jurisdictions. This Policy is designed to comply with applicable privacy and data protection laws including U.S. federal and Puerto Rico privacy statutes, Colombia's Habeas Data Law (Ley 1581 de 2012), and the EU General Data Protection Regulation (GDPR) where applicable. Where a section addresses jurisdiction-specific requirements, that section applies only to individuals in the relevant jurisdiction.

Do not provide information about others unless you are authorized to do so. By submitting information about others, you represent and warrant that you have authorization from the person about whom you are providing information and that such person has consented to the use and processing described in this Policy.

1. Information We Collect

1.1 Account and Registration Information

When a company or individual registers for API access, we collect: company name, primary contact name, email address, billing information, industry vertical, intended use case, and information provided in any Data Grant application. This information is used to create and manage accounts, process payments, evaluate grant applications, and provide support.

1.2 API Usage Data

We automatically collect data about API usage including: API call logs, endpoint access patterns, request timestamps, response codes, credit consumption, error rates, query parameters, and IP addresses of systems making API calls. This information is used to provide and improve the Services, enforce the Terms of Service and Acceptable Use Policy, detect fraud or abuse, generate usage reports, and identify unauthorized data redistribution through pattern analysis.

1.3 Property Intelligence Data

Our Services involve a database of property intelligence data aggregated from public records, commercial data sources, and licensed third-party data providers. This data includes property characteristics, assessed and estimated valuations, transaction history, ownership records, and contact information for property owners. We collect, process, and license access to this data as an independent data controller. The compilation, selection, and arrangement of this data constitutes original work protected by intellectual property law.

1.4 Communications

We collect information in correspondence including emails, support tickets, feedback submissions, and post-grant surveys. This information is used to respond to inquiries, improve our services, and maintain records of commercial relationships.

1.5 Cookies and Tracking

Our developer portal and website use cookies and similar tracking technologies for authentication, analytics, and service improvement. Users may manage cookie preferences through their browser settings, though disabling certain cookies may affect portal functionality. We use Google Analytics and similar tools to understand usage patterns; for information on Google's data practices, see support.google.com/analytics.

1.6 Technical Markers and Watermarks

RED Atlas may embed technical markers, watermarks, or canary records in RED Atlas Data and API Outputs for the purpose of detecting unauthorized redistribution. Collection of data about the distribution and appearance of such markers in third-party systems is part of our compliance monitoring program.

2. How We Use Information

We use the information we collect for the following purposes:

  • Providing, operating, and improving the API and related Services;
  • Processing registrations, activating accounts, managing subscriptions, and evaluating Data Grant applications;
  • Billing, invoicing, and collections;
  • Technical support and customer success activities;
  • Monitoring API usage for compliance with the Terms of Service and Acceptable Use Policy, including detection of unauthorized data redistribution;
  • Detecting, investigating, and preventing fraud, abuse, unauthorized access, and misappropriation of RED Atlas Data;
  • Communicating with customers about service updates, policy changes, and commercial opportunities;
  • Aggregating and anonymizing usage data for internal analytics, product development, and, in limited cases, marketing materials;
  • Satisfying regulatory and legal obligations, including responding to valid legal process as described in Section 7;
  • Enforcing RED Atlas's rights, including intellectual property rights, against unauthorized use of RED Atlas Data.

We do not sell customer account information or API usage data to third parties for advertising or marketing purposes. RED Atlas products and services are ad-free. RED Atlas does not allow advertisers to pay to have RED Atlas promote their products or services through the API or developer communications.

3. Property Intelligence Data and Third-Party Individuals

3.1 Sources

Property intelligence data is aggregated from publicly available government records (cadastral registries, tax records, property registries), licensed commercial data providers, and listing platforms. We process this data to build a unified property intelligence layer licensed to API customers.

3.2 Nature of the Data

Our data includes information about real property and, where available, property owner contact information. Property ownership is a matter of public record in all markets where we operate. Contact information is sourced from licensed commercial providers who represent that the data has been lawfully collected. We do not independently verify the accuracy of contact information sourced from third-party providers.

3.3 Purpose Limitation

Property intelligence data is licensed to API customers for lawful business purposes including real estate valuation, risk assessment, portfolio analysis, market research, and related uses. Our Acceptable Use Policy and Terms of Service prohibit customers from using this data to harass, stalk, discriminate against, or engage in unlawful conduct toward any individual. Customers using contact data for outreach are responsible for compliance with applicable anti-spam, telemarketing, and direct marketing laws.

3.4 Contact Data Opt-Out

Individuals who appear in our property intelligence database and wish to request removal of contact information (phone numbers and email addresses only — ownership records are public record and cannot be removed by RED Atlas) may submit a written request to legal@atlas.red with subject line "Contact Data Removal Request." We will: (a) acknowledge receipt within five (5) business days; (b) review the request within thirty (30) days; and (c) remove valid contact information from our active database within sixty (60) days of validation. Contact data removed from our database may persist in cached copies held by API customers who accessed it prior to removal. We will not restore removed contact data unless independently re-sourced through a licensed provider. Requests for removal from underlying public property records must be directed to the relevant government authority.

4. Information Sharing and Disclosure

We do not sell personal information. We may share information in the following circumstances:

  • Service Providers: We engage third-party service providers (including cloud hosting, data enrichment, payment processing, and support providers) who process information on our behalf under data protection agreements with obligations no less protective than this Policy.
  • API Customers: Account information is shared with the customer organization to which it belongs. API usage data is shared with authorized customer administrators.
  • Legal Requirements: We may disclose information where required by valid legal process including subpoenas, court orders, and search warrants. Our handling of law enforcement requests is governed by the Law Enforcement Data Request Statement incorporated into the Terms of Service. Where permitted, we will provide prior notice to the affected customer.
  • Business Transfers: In connection with a merger, acquisition, or asset sale, information may transfer to the acquiring entity subject to equivalent privacy protections.
  • Protection of Rights: We may disclose information to protect the rights, property, safety, or legal interests of RED Atlas, our customers, or the public, including in connection with enforcement of RED Atlas's intellectual property rights against unauthorized data redistribution.

5. Data Retention

  • Account and usage information: retained for the duration of the customer relationship and for up to three (3) years following termination, for legal, compliance, and business continuity purposes.
  • API call logs: retained for up to twelve (12) months for operational and compliance purposes.
  • Post-grant survey responses: retained for up to two (2) years.
  • Property intelligence data: retained in accordance with data licensing agreements and applicable law.
  • Technical marker and watermark detection logs: retained for up to five (5) years for intellectual property enforcement purposes.

We may retain anonymized or aggregated data for longer periods.

6. Security

We implement commercially reasonable technical and organizational security measures including encryption of data in transit (TLS 1.2+) and at rest, role-based access controls, multi-factor authentication for privileged access, audit logging, and regular security assessments. We are pursuing SOC 2 Type I certification. No security measure is perfect. In the event of a security incident affecting personal data, we will notify affected customers in accordance with applicable law and the Data Processing Agreement where applicable.

7. Law Enforcement Data Requests

RED Atlas will not disclose customer or user data in response to requests from law enforcement, governmental, or regulatory agencies except where required by valid and properly served legal process. RED Atlas reviews all such requests for legal sufficiency and challenges requests that exceed the relevant authority's legal powers. RED Atlas will attempt to notify affected customers before complying with legal process unless prohibited by law or where there are clear indications of unlawful conduct. In genuine emergencies involving imminent danger of death or serious physical injury, RED Atlas may disclose information without prior notice. For full details, see the Law Enforcement Data Request Statement in the Terms of Service.

8. Jurisdiction-Specific Rights

8.1 Colombia (Habeas Data — Ley 1581 de 2012)

Colombian data subjects have the following rights under Ley 1581: (a) to know, update, and rectify personal data held by RED Atlas; (b) to request proof of authorization for data processing; (c) to be informed about the use of personal data; (d) to file complaints with the Superintendencia de Industria y Comercio (SIC); and (e) to revoke authorization and request deletion where not required by law. RED Atlas acts as a data controller for its property intelligence database in Colombia. Requests should be directed to legal@atlas.red. RED Atlas will respond within fifteen (15) business days as required by Ley 1581. Requests for deletion of contact data will be processed per Section 3.4. Requests for deletion of property ownership records cannot be honored as such records are public record maintained by government authorities.

8.2 European Union and EEA (GDPR)

To the extent RED Atlas processes personal data of EU/EEA individuals, it does so under the GDPR. Legal bases: legitimate interests (Article 6(1)(f)) for processing property intelligence data from public records; contract performance (Article 6(1)(b)) for account and usage data; legal obligation (Article 6(1)(c)) where required. EU/EEA individuals have rights to access, rectify, erase, or restrict personal data; data portability; object to processing; and lodge complaints with a supervisory authority. Cross-border transfers are conducted pursuant to Standard Contractual Clauses or another approved mechanism. For EU-specific inquiries, contact legal@atlas.red.

8.3 United States

RED Atlas complies with applicable U.S. federal and Puerto Rico privacy laws. API Data and Outputs are not consumer reports under the FCRA. Customers using API data for outreach bear sole responsibility for compliance with TCPA, CAN-SPAM, and state telemarketing laws. We do not knowingly collect data from individuals under 18.

9. Customer Responsibilities

When API customers use our Services to access or process personal data, they act as independent data controllers for their own processing activities. Customers are responsible for: (a) having a valid legal basis for their processing; (b) providing required notices to individuals; (c) complying with applicable privacy law; (d) honoring data subject rights requests directed to them; and (e) ensuring their use of RED Atlas Data complies with the Acceptable Use Policy, including the prohibition on unauthorized redistribution and the contact data restrictions.

10. Changes to This Policy

We may update this Policy at any time. We will notify active API customers of material changes by email at least fourteen (14) days before they take effect. The current version is always at api.atlas.red. Continued use of the Services after the effective date constitutes acceptance.

11. Contact

RED Atlas, Inc.

Attn: Legal Department (Privacy)

legal@atlas.red

T-Mobile Center, B7 Cll Tabonuco Suite 1108, Guaynabo, PR 00968

api.atlas.red