Summit REIntelligence

Privacy Policy

Last updated: February 2026  |  Summit Capital Investors LLC  |  Summit REIntelligence™

Summit Capital Investors LLC ("Summit Capital," "we," "us," or "our") operates the Summit REIntelligence™ web application (the "Service"). This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information. By using the Service, you agree to the practices described here.

1. Information We Collect

We collect the following categories of information:

CategoryExamplesSource
Account informationName, email address, user IDManus OAuth login
Payment informationBilling name, last 4 digits of card, subscription statusStripe (we never see full card numbers)
Usage dataPages visited, features used, session durationAutomatically collected
Deal input dataProperty addresses, financial figures you enterYou (stored only in your browser session)
Device & browser dataIP address, browser type, operating systemAutomatically collected

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Authenticate your identity and manage your account session
  • Process subscription payments and manage billing through Stripe
  • Send transactional emails (receipts, subscription confirmations)
  • Analyze usage patterns to improve features and fix bugs
  • Comply with legal obligations

We do not sell your personal information to third parties. We do not use your deal input data (property addresses, financial figures) for any purpose other than performing calculations within your session.

3. Deal Input Data

Property addresses, ARV figures, repair costs, and other deal inputs you enter into the analyzer are processed entirely within your browser session and are not stored on our servers. When you close your browser or clear your session, this data is gone. We do not have access to the specific deals you analyze.

The exception is when you use the Bricked.ai comp lookup feature: your property address is sent to Bricked.ai's servers via our API proxy to retrieve comparable sales data. Please review Bricked.ai's privacy policy for how they handle that data.

4. Cookies and Session Tokens

We use a single HTTP-only session cookie (summit_session) to keep you logged in. This cookie is signed with a secure JWT secret and contains only your user ID, name, and email. It is set to expire after 365 days or when you sign out.

We also use Umami Analytics, a privacy-respecting analytics tool that does not use cookies and does not collect personally identifiable information. It tracks aggregate page views and feature usage only.

5. Payment Processing (Stripe)

All payment processing is handled by Stripe, Inc., a PCI-DSS Level 1 certified payment processor. We never see, store, or have access to your full credit card number, CVV, or expiration date. Stripe stores your payment method and billing information on their secure servers. We store only your Stripe Customer ID and Subscription ID to manage your access.

By subscribing, you also agree to Stripe's Privacy Policy.

6. Data Sharing

We share your information only in the following limited circumstances:

  • Stripe — for payment processing and subscription management
  • Manus (OAuth provider) — for authentication
  • Bricked.ai — for property comp lookups (address only, when you use that feature)
  • Legal requirements — if required by law, court order, or government authority

7. Data Retention

Account information (name, email, user ID) is retained for as long as your account is active. If you cancel your subscription and request account deletion, we will delete your account data within 30 days, except where retention is required by law (e.g., financial records for tax purposes, which are retained for 7 years).

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate data
  • Deletion — request deletion of your account and associated data
  • Portability — request your data in a machine-readable format
  • Opt-out of marketing — unsubscribe from any marketing emails at any time

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

9. Security

We implement industry-standard security measures including HTTPS encryption for all data in transit, HTTP-only signed session cookies, and server-side API key management (no API keys are exposed to the browser). Payment data is handled entirely by Stripe's PCI-compliant infrastructure.

No system is 100% secure. If you discover a security vulnerability, please report it to [email protected].

10. Children's Privacy

Summit REIntelligence™ is intended for use by adults (18+) engaged in real estate investment activities. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date. Continued use of the Service after changes are posted constitutes acceptance of the revised policy.

Contact Us

Summit Capital Investors LLC  |  [email protected]