Privacy Policy

Last Updated and Effective Date: November 23, 2025

1. Introduction and Scope

This Privacy Policy explains how Upresilience, Inc. (“Upresilience”, “we”, “us”, “our”) collects, uses, and shares personal information from users ("you") of the www.upresilience.com website (the "Site") and the services we provide, including wildfire risk assessment and mitigation services.

This policy applies to information collected through the Site, email, and any other interactions you may have with us.

2. Information We Collect and How We Use It

We collect information necessary to provide our services, manage our Site, and communicate with you. We collect this information through two main methods:

A. Information You Provide Directly to Us

We collect personal information that you voluntarily submit to us, which may include:

• Contact Information: Your name, email address, phone number, and physical address.
• Property Details: Information related to your property necessary for risk assessment and mitigation services.
• Account Information: Username and credentials used to access your account.
• Communications: Content of emails or messages you send us when seeking support or information.

We use this information to:

• Provide the services you requested.
• Manage your account and keep you logged in.
• Communicate with you, respond to inquiries, and provide customer support.
• Comply with our legal and regulatory obligations.

B. Information Collected Automatically

When you visit the Site, we automatically collect certain information necessary for the Site's operation, security, and authentication.

Unlike many websites, we do not use analytics tools (like Google Analytics) or advertising tracking technologies.

The information we collect automatically includes:

• Log and Device Data: Standard internet log information, such as your IP address, browser type, operating system, and the dates/times of your visits. This is used for security monitoring and troubleshooting.
• Necessary Cookies: We use a minimal set of strictly necessary cookies required for login and security (such as protecting against Cross-Site Request Forgery).

For complete details on our use of cookies, please see Section 4 below and our Cookie Policy.

3. How We Share Your Information

Upresilience does not sell your personal information, nor do we share it with third parties for their own marketing purposes or for cross-context behavioral advertising.

We disclose personal information only in the following limited circumstances:

• Service Providers: We share information with trusted third-party companies that perform services on our behalf, such as web hosting, authentication services, and payment processing. These providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed.
• Legal Compliance and Protection: We may disclose information if required by law, regulation, legal process (such as a subpoena or court order), or government request. We may also disclose information to protect the rights, property, or safety of Upresilience, our users, or the public.
• Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred as part of that transaction.

4. Cookies and Similar Technologies

Our Site uses cookies strictly for essential functionality and security.

• What We Use: We utilize first-party cookies managed by our authentication middleware (NextAuth) to manage your login session and protect the Site from security threats (e.g., CSRF attacks).
• What We Do Not Use: We do not use cookies for analytics, advertising, retargeting, or social media tracking. We also do not use tracking pixels or web beacons on our Site or in our emails.
• Managing Cookies: Because we only use strictly necessary cookies, we do not provide an on-site cookie preference banner. While you can block these cookies using your browser settings, doing so may prevent you from logging in or using the Site effectively.

For a detailed inventory of the cookies in use, please review our Cookie Policy.

5. Your Privacy Rights and Choices

We respect your control over your personal information. Depending on where you reside (such as California, Virginia, Colorado, Connecticut, Utah, or other U.S. states with comprehensive privacy laws), you may have specific rights regarding your personal information.

A. Rights Available to U.S. Residents

You may have the right to:

• Access/Know: Request information about the categories and specific pieces of personal information we have collected about you, the sources of the information, the purposes for collecting it, and the types of third parties with whom we share it.
• Deletion: Request that we delete personal information we have collected from you, subject to certain legal exceptions (e.g., if the information is necessary to complete a transaction or comply with a legal obligation).
• Correction: Request that we correct inaccuracies in your personal information.
• Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights.

B. Sale, Sharing, and Targeted Advertising

Certain privacy laws define "sale" broadly, and "sharing" or "targeted advertising" often includes using cookies to track users across different websites for advertising purposes.

• Our Practices: Upresilience does not sell your personal information. We also do not "share" your information for cross-context behavioral advertising or engage in "targeted advertising" as defined by these laws.
• Opt-Out Mechanisms: Because we do not engage in selling or sharing, we do not provide a "Do Not Sell or Share My Personal Information" or "Your Privacy Choices" link on our Site. However, we commit to honoring recognized browser-level opt-out preference signals, such as Global Privacy Control (GPC), should our practices ever change.

C. How to Exercise Your Rights

To exercise your rights to Access, Deletion, or Correction, please contact us using the following methods. We do not require a specific form for these requests.

• Email: questions@upresilience.com
• Toll-free (US): +1‑855‑423‑2781

We will verify your request by matching the information you provide with the information we have on file. We will respond to your request within the timeframes required by applicable law (typically 45 days).

If you use an authorized agent to submit a request, we may require the agent to provide proof of authorization and may also require you to verify your identity directly with us.

6. Data Security

We implement robust technical, administrative, and physical security measures designed to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. We regularly review and update our security practices. However, no method of transmission over the Internet or electronic storage is 100% secure.

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, provide our services, resolve disputes, enforce our agreements, and comply with legal obligations.

8. Children’s Privacy

Our Site and services are not directed to children under the age of 13 (or 16 in certain jurisdictions), and we do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child, we will take steps to delete it promptly.

9. Changes to this Policy

We will review and update this policy annually or as required by changes in our practices or legal requirements. When we make changes, we will update the “Last Updated” date at the top of this policy and communicate significant changes via our Site or directly to users if required by law.

10. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Upresilience, Inc. 8831 Wonderland Park Avenue Los Angeles, CA, USA

Email: questions@upresilience.com Toll‑free (US): +1‑855‑423‑2781