Skip to main content

Privacy Policy

Last Updated: April 9, 2026

1. Introduction

Valzero Inc. ("Company," "we," "us," or "our") operates the RecordGuards platform ("Platform"). This Privacy Policy describes how we collect, use, store, share, and protect personal information when you use the Platform, visit our website at https://recordguards.com, or interact with our services.

RecordGuards is a compliance management platform for Florida community associations, including condominiums, homeowners associations (HOAs), and cooperative associations. This Privacy Policy applies to all users of the Platform, including association administrators, staff, owners, tenants, and guests.

By using the Platform, you consent to the data practices described in this Privacy Policy. If you do not agree, you must not use the Platform.

2. Information We Collect

2.1 Information You Provide

  • Account information — name, email address, phone number, unit number, role within your association
  • Association information — association name (legal entity name), address, entity type (condominium, HOA, cooperative), contact information
  • Documents — files you upload to the document vault, including governing documents, financial records, insurance certificates, contracts, meeting minutes, inspection reports, and other association records
  • Form submissions — data entered through custom forms, service request forms, and estoppel certificate requests
  • Communication preferences — your consent status for electronic communications
  • Payment information — billing details provided through Stripe for subscription and estoppel fees (credit card numbers are processed by Stripe and not stored on the Platform)
  • Electronic signatures — signatures captured through the Platform's e-signature feature
  • Correspondence — messages you send through the Platform or to legal@recordguards.com

2.2 Information Collected Automatically

  • Usage data — pages viewed, features used, timestamps, session duration
  • Device information — browser type and version, operating system, screen resolution
  • IP address — collected at login, during consent actions, and in audit log entries
  • Audit trail data — all actions taken on the Platform are logged for compliance purposes, including document access, uploads, downloads, classification actions, and administrative changes

2.3 Information from Third Parties

  • Association administrators — may provide your name, unit number, and contact information when adding you to the Platform
  • AI and OCR processing results — classification labels and extracted text generated by third-party AI providers when processing your uploaded documents (see Section 5)

2.4 Sensitive Information

The Platform may process documents containing sensitive personal information, including but not limited to: financial records, insurance information, legal correspondence, and resident personal details. This information is uploaded by authorized association personnel and is handled in accordance with this Privacy Policy and applicable law.

2.5 Prospective Customers and Website Inquiries

When you submit an inquiry, partner-application, demo request, or contact form on our website, we collect the information you provide — typically your name, email address, phone number, association name, association type, approximate unit count, mailing address, and your role within the association (e.g., board position). We use this information solely to evaluate and respond to your inquiry, to communicate with you about RecordGuards, and, if you proceed, to set up your account.

If you do not become a customer, we retain your inquiry information for up to twenty-four (24) months after our last contact with you, after which it is securely deleted, unless you ask us to delete it sooner or we are required to retain it by law. The 24-month window is anchored to the date of our last contact with you (the most recent interaction with your inquiry record), not to the date you first reached out. You may request deletion of your inquiry information at any time by emailing legal@recordguards.com with the subject line "Privacy Request."

We do not sell inquiry information, and we do not share it with third parties except the service providers listed in Section 6 that are necessary to operate our website and respond to you.

2.6 Linked Prospect Records

In some cases an inquiry record is associated with an existing RecordGuards portal user — for example, when a community-association manager or board member who already holds a portal login submits a feature request, partner-program inquiry, or other prospective-customer communication. When that linkage is recorded, the inquiry record is treated as part of that user's customer-side account data and is governed by the customer retention rules described in Section 7.1 (Platform Data) rather than the 24-month inquiry-retention rule in Section 2.5.

The 24-month automatic deletion described in Section 2.5 does not apply to inquiry records linked to an existing portal account. To request deletion of a linked prospect record, email legal@recordguards.com with the subject line "Privacy Request." Deletion is subject to the limitations described in Sections 7.1 and 9.3 (statutory retention, audit-log immutability, and active-subscription obligations).

3. How We Use Your Information

We use the information we collect to:

  • Provide the Platform — operate, maintain, and improve the Platform's features and services
  • Document management — store, categorize, and retrieve association documents
  • AI classification — process uploaded documents through AI classification and OCR services to assist with categorization (see Section 5)
  • Compliance tracking — monitor statutory deadlines, generate compliance scorecards, and send expiration alerts
  • Communication — send service notifications, compliance alerts, billing information, and (with consent) marketing communications
  • Account management — manage user accounts, roles, and permissions
  • Audit and compliance — maintain audit trails as required by Florida statute and for platform integrity
  • Payment processing — process subscription fees and per-transaction charges through Stripe
  • Managed services — enable our compliance specialists to perform services on behalf of your association
  • Platform improvement — analyze usage patterns to improve Platform features and user experience
  • Legal compliance — comply with applicable laws, regulations, and legal processes

4. Legal Basis for Processing

We process personal information on the following bases:

  • Contract performance — to provide the Platform services under our service agreement with your association
  • Legitimate interests — to maintain Platform security, prevent fraud, improve our services, and operate our business
  • Legal obligation — to comply with Florida statutory requirements for record-keeping, audit trails, and data retention
  • Consent — for electronic communications and marketing, which you may revoke at any time

5. AI Processing and Third-Party Data Sharing

5.1 AI Document Classification

When you upload documents to the Platform, document content may be transmitted to third-party AI service providers for automated classification. The Platform uses:

  • Anthropic (Claude) — primary AI classification provider
  • OpenAI — fallback AI classification provider
  • Google (Gemini) — experimental AI classification provider

AI providers process document content to generate classification suggestions (category, subcategory, issued-by entity, dates). AI classifications are advisory and subject to human review.

5.2 Optical Character Recognition (OCR)

All uploaded documents are processed through Google Cloud Vision for text extraction. OCR is always active and operates independently of the per-tenant AI classification toggle. Extracted text is used for classification, search indexing, and document metadata generation.

5.3 AI Provider Data Practices

Valzero Inc. selects AI providers that contractually commit to not using customer data for model training. However, data transmitted to AI providers is subject to each provider's data processing terms:

  • Anthropic: processes data per its commercial data processing agreement
  • OpenAI: processes data per its API data usage policy
  • Google: processes data per its Cloud data processing terms

Document content is transmitted to AI providers via encrypted connections. Valzero Inc. does not share your personal account information (name, email, etc.) with AI providers — only document content is transmitted for processing.

5.4 AI Processing Opt-Out

Association administrators may disable AI classification on a per-tenant basis through the Platform's settings. When disabled, all documents are routed to manual classification. OCR processing cannot be disabled as it is required for core Platform functionality.

6. Other Third-Party Service Providers

We use the following third-party services to operate the Platform:

Provider Purpose Data Shared
Stripe Payment processing Billing name, email, payment method
Amazon Web Services (S3) Document storage Uploaded files (encrypted at rest)
Google Cloud Vision OCR text extraction Document images/PDFs
Anthropic / OpenAI / Google AI document classification Document text content
Email service provider Transactional and notification emails Name, email address, notification content
Google Fonts Web typography on public pages IP address (per Google's privacy policy)

We require all third-party providers to handle your data in accordance with applicable law and to maintain appropriate security measures.

7. Data Retention

7.1 Platform Data

We retain your personal information for as long as your account is active or as needed to provide Platform services. When an association's subscription is cancelled:

  • A 45-day grace period applies during which all data remains accessible for export
  • After the grace period, association data is securely deleted unless retention is required by law

7.2 Florida Statutory Retention

The Platform tracks document retention periods based on Florida statute, including:

  • Permanent — governing documents, articles of incorporation, declarations, bylaws (FL §718.111(12)(a))
  • 15 years — structural integrity reserve studies, milestone inspection reports (FL §718.111(12))
  • 7 years — financial records, contracts, meeting minutes, insurance policies (FL §718.111(12)(b))
  • 7 years — board member certifications (FL §718.112(2)(d)) (or the duration of continuous tenure, whichever is longer)
  • 1 year — bids, ballots, voting proxies, video recordings (FL §718.111(12)(d))

These retention periods apply to association documents stored on the Platform. Your association is responsible for its own retention compliance.

7.3 Audit Logs

Audit log entries (including IP addresses, timestamps, and action descriptions) are retained for the duration of the association's subscription plus any legally required retention period. Audit logs are immutable and cannot be deleted while active.

7.4 Consent Records

Records of communication consent (including consent date, IP address, and language version presented) are retained for the duration of the user's account plus seven (7) years, to satisfy potential audit or legal requirements.

7.5 Inquiry and Lead Data

Information submitted through website inquiry, partner-application, demo request, and contact forms by individuals who do not become customers is retained for up to twenty-four (24) months after our last contact with you, after which it is securely deleted unless retention is required by law. See Section 2.5.

Inquiry records linked to an existing RecordGuards portal account (see Section 2.6 "Linked Prospect Records") are retained under the customer-data rules in Section 7.1 and are not subject to the 24-month inquiry-data purge.

8. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information, including:

  • Encryption in transit — all data transmitted between your browser and the Platform is encrypted using TLS/SSL
  • Encryption at rest — documents stored in cloud storage are encrypted at rest
  • Access controls — role-based access controls limit data access to authorized users
  • Audit logging — all data access is logged with user identity, timestamp, and IP address
  • Document integrity — SHA-256 hashing ensures document integrity and detects tampering
  • Secure authentication — password hashing and session management follow industry standards

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Your Rights

9.1 Access and Export

You may request a copy of the personal information we hold about you. Association administrators may export all association data through the Platform's data export feature.

9.2 Correction

You may update your account information through your profile settings or by contacting us at legal@recordguards.com.

9.3 Deletion

You may request deletion of your personal information by contacting legal@recordguards.com. Deletion requests are subject to:

  • Florida statutory retention requirements (we cannot delete records we are legally required to retain)
  • Audit log immutability (audit entries cannot be retroactively deleted)
  • Ongoing service obligations under an active subscription

9.4 Communication Opt-Out

You may revoke your consent to receive electronic communications at any time through your account settings or by contacting legal@recordguards.com. Revoking consent may limit your access to certain Platform features. Required legal notices may still be sent via postal mail.

9.5 AI Processing Opt-Out

Association administrators may disable AI classification for their association. Individual users should contact their association administrator to request this change.

10. Florida Information Protection Act (FIPA) Compliance

10.1 Breach Notification

In the event of a data breach involving your personal information, Valzero Inc. will comply with the Florida Information Protection Act (FL §501.171), including:

  • Notification to affected individuals within 30 days of breach discovery
  • Notification to the Florida Department of Legal Affairs if more than 500 individuals are affected
  • Description of the breach, types of information involved, and steps taken in response

10.2 Personal Information Definition

For purposes of FIPA compliance (FL §501.171(1)(g)), "personal information" includes: first name or first initial and last name in combination with any one or more of the following — social security number; driver license or identification card number, passport number, military identification number, or similar government-issued identifier; financial account number, credit card number, or debit card number in combination with any required security code, access code, or password; any information regarding an individual's medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional; or health insurance policy number, subscriber identification number, or unique identifier used by a health insurer; biometric data; geolocation information. "Personal information" also includes a username or email address in combination with a password or security question and answer that would permit access to an online account.

11. Children's Privacy

The Platform is not directed to children under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided personal information through the Platform, contact us at legal@recordguards.com and we will delete it.

Association records may contain names of minor household members as part of occupant records. This information is provided by authorized association personnel and is handled as part of the association's record-keeping obligations.

12. Cookies and Tracking Technologies

12.1 Essential Cookies

The Platform uses essential cookies for session management, authentication, and security. These cookies are necessary for the Platform to function and cannot be disabled.

12.2 Third-Party Resources

The Platform's public pages load web fonts from Google Fonts, which may collect your IP address per Google's privacy policy. The Platform does not use third-party analytics services or third-party advertising trackers on any page.

12.3 First-Party Analytics

Our public marketing website uses a first-party, cookieless analytics measurement that we operate ourselves. It records anonymous, aggregate usage signals — such as pages viewed, referring page, anonymized visit grouping, and basic interaction events (for example, clicking an "Apply" button or submitting a contact form) — to help us understand which pages are useful and improve the site. This measurement does not set advertising cookies, does not build a profile of you, and does not share any data with third-party analytics or advertising networks. It runs only on our public marketing pages, not within the authenticated Platform.

12.4 Future Changes

If we add analytics or tracking technologies in the future, this Privacy Policy will be updated and, where required, a cookie consent mechanism will be implemented.

13. Cross-Border Data Transfers

Your data is processed in the United States by Valzero Inc. and its third-party service providers (including cloud storage and AI services), which operate U.S.-based processing infrastructure for Platform workloads. If Valzero Inc. engages a service provider that processes Platform data outside the United States in the future, this Privacy Policy will be updated and, where required by applicable law, you will be notified.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through a notice on the Platform. Your continued use of the Platform after the effective date of the revised Privacy Policy constitutes acceptance of the changes.

The "Last Updated" date at the top of this page indicates when this Privacy Policy was last revised.

15. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the State of Florida. Any disputes arising from this Privacy Policy shall be resolved in the state or federal courts located in Miami-Dade County, Florida.

16. Contact Information

If you have questions about this Privacy Policy or our data practices, contact us at:

Valzero Inc. Brickell, Miami, FL Email: legal@recordguards.com

To exercise any of your rights described in Section 9, or to report a data concern, email legal@recordguards.com with the subject line "Privacy Request."

RecordGuards is a compliance management platform operated by Valzero Inc.. It is not a law firm and does not provide legal advice.