Policy

Privacy policy

Last updated · April 2026v 1.0

This policy explains what CREFI collects, how we use it, and the choices you have. We write it the way we'd want to read it — short, specific, and without lawyer theater.

§ 01

Who this applies to

This policy applies to the crefi.ai website, the CREFI web application, and any related services (together, the “Service”) operated by CREFI AI, Inc. (“CREFI,” “we,” “us”).

If you’re a buyer, seller, or party to a transaction our customer is closing, please see the section titled Transaction participants below.

§ 02

What we collect

We collect three buckets of information:

  • Account & contact data — name, work email, company, role, and anything you share in a demo request.
  • Customer data — files and records our customers upload or generate in the Service (e.g., title commitments, curative letters, CPLs, order metadata).
  • Usage & device data — browser, IP, pages viewed, and diagnostic logs used to keep the Service fast and secure.
§ 03

How we use it

We use your information to:

  • Provide, secure, and improve the Service.
  • Respond to support requests and communicate about your account.
  • Develop new features and diagnose bugs using aggregated, de-identified signals.
  • Meet legal and regulatory obligations.

We do not sell personal information. We do not use customer data to train third-party foundation models.

§ 04

Sharing & subprocessors

We share information only with vendors that help us run the Service — cloud hosting, error monitoring, analytics, and email delivery. Each is bound by contract to protect the data and use it only for the service they provide to us.

We may disclose information when required by law, to enforce our agreements, or to protect the rights and safety of users and the public.

§ 05

Transaction participants

If our customer (a title company, escrow agent, or closing attorney) uses the Service to prepare documents for a transaction you’re a party to, they are the controller of that information. We process it on their instructions.

Direct privacy requests to our customer in the first instance. We will reasonably assist them in fulfilling your request.

§ 06

Security

We use encryption in transit and at rest, role-based access controls, least-privilege service accounts, and audit logging. Production access is limited to personnel with a documented business need.

No system is perfect. If you believe your account has been compromised, email hello@crefi.ai and we’ll respond within one business day.

§ 07

Retention

We keep account data while your account is active and for a reasonable period after to meet legal, accounting, and audit obligations. Customer data is retained under the terms of the customer’s agreement with us; deletion requests are honored in accordance with that agreement.

§ 08

Your choices

Depending on where you live, you may have rights to access, correct, delete, or export your personal information, and to object to certain processing. To exercise these rights, email hello@crefi.ai. We will verify your identity before acting on a request.

§ 09

Cookies

We use a small number of cookies and similar technologies for session management, security, and privacy-preserving analytics. You can control cookies through your browser settings.

§ 10

Changes to this policy

We’ll update this page when the Service or the law meaningfully changes. If the change is material, we’ll let account holders know by email or in-product notice before it takes effect.