Privacy Policy

Effective: March 30, 2026

1. Introduction

ValiFit, Inc. ("ValiFit," "we," "our," or "us") operates the ValiFit platform at valifit.com. This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding your data. By using our Service, you agree to the collection and use of information as described in this policy.

We are committed to protecting your privacy and handling your data responsibly. We do not sell your personal data. We do not use data for discriminatory purposes. Our scoring methodology measures infrastructure investment, not demographics, in full compliance with the Fair Housing Act (FHA).

2. Information We Collect

2.1 Information You Provide Directly

  • Account information: Name, email address, phone number when you create an account or sign in.
  • Property search queries: Addresses, cities, and ZIP codes you search for.
  • Intake preferences: Budget range (minimum and maximum), desired bedrooms and bathrooms, property types, commute destinations and maximum commute time, community setting preference (urban/suburban/rural), timeline for purchase or rental, deal breakers (e.g., no flood zone, no HOA), and lifestyle priorities ranked by importance (affordability, commute, schools, safety, healthcare, livability, appreciation, environment).
  • Financial readiness indicators: Pre-approval status (pre-approved, pre-qualified, cash buyer, or not yet), mortgage type preference (conventional, FHA, VA, USDA), and down payment percentage. These are collected as behavioral readiness signals to help agents understand where you are in the buying process. We label this "Buyer Preparedness" — it measures process completion, not financial profile.
  • Household information: Household type (solo, couple, family, roommates, multi-generational), household members (age and role), pets, and household income. Important: This data is collected for your own property reports only. It is firewalled from the lead matching engine and is never shared with agents, used in matching algorithms, or visible to any third party before you explicitly approve a connection.
  • Payment information: Processed securely by Stripe. We do not store full credit card numbers.
  • Agent profile information: For real estate professionals: license number and state, brokerage name and address, years of experience, specialties, service area declarations (municipalities and counties), bio, certifications, and profile photo.

2.2 Information Collected Automatically

  • Device information (browser type, operating system, screen resolution)
  • Usage data (pages visited, features used, search frequency)
  • IP address and approximate geographic location
  • Cookies and session identifiers (see Section 9)
  • Intake completeness percentage (calculated from the number of preference fields you have filled out)
  • Last activity date (used to determine if your profile is stale — see Section 5.2)

3. How We Use Your Information

3.1 Property Intelligence Reports

We use your search queries and intake preferences to generate personalized property intelligence reports containing 696+ data points per address from 32 federal and state sources. Your Fit Score (0-100) is calculated based on how well a property or town matches the priorities you ranked in your intake.

3.2 Two-Sided Lead Matching

ValiFit operates a two-sided matching system. Buyers provide their preferences through our intake process. Real estate agents list their properties and declare their service markets. Our algorithm scores every buyer-listing combination based on objective, preference-weighted criteria (budget alignment, bedroom/bathroom match, property type, location, timeline, and buyer preparedness). This is described below in detail.

3.3 What Agents See Before You Approve

When an agent runs a match against their listing, they see an anonymized summary of your preferences:

  • Budget range (rounded to nearest $50,000)
  • Bedroom and bathroom requirements
  • Timeline (e.g., "1-3 months")
  • Buyer Preparedness status (e.g., "Pre-Approved")
  • Top 3 ranked priorities (e.g., "Schools, Safety, Commute")
  • Activity status (active, recent, or stale)
  • Fit Score for the listing

Agents do NOT see: Your name, email, phone number, household composition, household income, credit score range, or any personally identifiable information until you explicitly approve a connection.

3.4 What Happens When You Approve a Connection

When an agent sends you an introduction and you approve it, the following occurs:

  • The agent receives your name, email address, and phone number.
  • The agent receives your full (non-household) preference profile: budget, bedrooms, bathrooms, property types, commute details, deal breakers, top priorities, and setting preference.
  • A connection is established. The agent has 4 hours to send their first message or the connection expires automatically.
  • You may decline or block an agent at any time. Declinations are invisible to the agent — they are never notified that you declined.

Household data (household type, members, income, pets) is never shared with agents, even after you approve a connection.

3.5 Credit Economy

Agents use a credit-based system to access buyer profiles. Credits are spent to reveal anonymized preferences (2 credits) and to send introductions (5 credits). Credits buy access to your anonymized profile — they do not buy priority placement. The order in which agents appear in your daily digest is determined solely by match score. No agent can pay to appear first.

3.6 Automated Decision-Making

ValiFit uses automated scoring to match buyers with listings and agents. Specifically:

  • Match Score (0-125): Calculated from budget alignment (40 points), bedroom match (20), bathroom match (15), property type (15), location (10), timeline urgency (0-10), buyer preparedness (0-10), and recency (0-5). All factors are derived from your self-reported intake preferences.
  • Hot Lead designation: Based on behavioral signals only — ASAP timeline, pre-approved or cash status, active within 7 days, and intake at least 80% complete. Budget size, income, and credit score are never used in the hot lead calculation.
  • Buyer Responsiveness Score: Measures your binary response rate (did you respond to introductions within 24 hours, yes or no). Used to ensure agents are matched with engaged buyers. If your response rate falls below 30% after 5+ introductions, your profile may be deprioritized in distribution.
  • Agent Quality Score: Measures agent responsiveness, buyer acceptance rate, follow-through, listing activity, tenure, and buyer feedback. Used to determine distribution priority within a market. Scores are relative to each agent's market cohort, not global.
  • Intake Completeness Gate: Buyers must complete at least 80% of intake fields to enter the matching pool. Partial profiles are not shared with agents.

You may request a human review of any automated decision that significantly affects your access to agents or listings by contacting us at [email protected].

3.7 Distribution Caps and Buyer Protection

  • A maximum of 3 agents may connect with any one buyer per calendar month.
  • A maximum of 2 agents from the same brokerage may connect with any one buyer per calendar month.
  • Connections that fail (agent does not respond within SLA windows) do not count against your monthly cap.
  • You may pause matching at any time (hidden for 30 days) or permanently close your profile ("I found a home").
  • You may block any agent permanently.

3.8 Notifications

We send the following email notifications:

  • Daily digest (buyers): Sent at 9 AM local time, containing pending agent introductions. Maximum 5 per week (configurable).
  • Connection alerts (agents): Sent when a buyer approves an introduction.
  • Re-engagement emails: Sent at 75 days if your intake has not been updated, asking if you are still looking.
  • Transactional emails: Account creation, subscription confirmation, payment receipts.

All marketing and digest emails include an unsubscribe link. We do not send SMS notifications without your prior express written consent.

3.9 Other Uses

  • Process payments and manage subscriptions
  • Improve our scoring methodology and platform features
  • Ensure platform security and prevent fraud
  • Detect and prevent template-based spam outreach by agents
  • Enforce SLA (service level agreement) clocks on agent-buyer connections

4. Information Sharing and Third-Party Services

4.1 Sharing with Agents

Your data is shared with real estate agents only after you explicitly approve an introduction. Before approval, agents see anonymized preference summaries with no personally identifiable information. After approval, agents receive your name, email, phone, and non-household preference data. Household composition, income, and credit score range are never shared with agents.

4.2 Agent Codes and Attribution

If you visit ValiFit through an agent's referral code (e.g., VF-XXXX), we record which agent referred you for analytics purposes only. The referring agent does not receive any economic benefit in the matching pipeline (no free reveals, no priority distribution). Agent codes are used strictly for attribution tracking.

4.3 Third-Party Service Providers

  • Stripe: Payment processing. Stripe receives your payment information directly and is governed by their own Privacy Policy.
  • Resend: Email delivery. Receives your email address to deliver transactional and marketing emails on our behalf.
  • Vercel: Hosting, analytics, and infrastructure. Our platform runs on Vercel's servers. Vercel Analytics collects anonymized page view data.
  • Google Cloud Platform: Database hosting. Your data is stored in a PostgreSQL database hosted on Google Cloud SQL in the United States.
  • Cloudflare: CDN and DDoS protection. Cloudflare may process your IP address for security purposes.

4.4 Government Data Sources

Our reports aggregate publicly available data from federal and state agencies including the U.S. Census Bureau, NCES, FBI UCR, FEMA, EPA, HUD, HRSA, Redfin, USGS, and county assessor records. No personal data is shared with these agencies.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5. Data Retention

5.1 Retention Periods

  • Account data: Retained for the duration of your account plus 30 days after deletion.
  • Property search history: Retained for 24 months from the date of search.
  • Intake preferences: Retained for 24 months or until you request deletion.
  • Payment records: Retained for 7 years as required by tax and financial regulations.
  • Connection records: Agent-buyer connection history retained for 24 months.
  • Credit transaction ledger: Retained for 24 months from the billing cycle.
  • Usage analytics: Aggregated and anonymized after 12 months.

5.2 Stale Intake Decay

If your intake has not been updated or confirmed in 90 days, your profile is automatically hidden from the matching pool. You will receive a "still looking?" email at 75 days. If you do not respond within 14 days, your profile becomes dormant. Dormant profiles reactivate immediately upon login and confirmation. Your data is not deleted — only your visibility in the matching pool is suspended.

6. Your Rights

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Opt-out of matching: Set your matching visibility to "hidden" at any time from your settings. You may also permanently close your profile.
  • Block agents: Permanently block any agent from contacting you.
  • Opt-out of emails: Unsubscribe from marketing and digest emails at any time via the link in any email.
  • Data portability: Request your data in a structured, machine-readable format.
  • Withdraw consent: Where processing is based on consent, you may withdraw it at any time.
  • Human review: Request human review of any automated decision affecting your access to agents or listings.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days (45 days for complex requests, with notice).

7. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to know: You may request details about the categories and specific pieces of personal information we have collected about you in the past 12 months, the sources of that information, the business purposes for collection, and the categories of third parties with whom we share it.
  • Right to delete: You may request deletion of your personal information, with certain exceptions (e.g., legal compliance, completing transactions).
  • Right to correct: You may request correction of inaccurate personal information.
  • Right to opt-out of sale/sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. If this changes, we will provide a "Do Not Sell or Share My Personal Information" link.
  • Right to limit use of sensitive personal information: To the extent we process sensitive personal information (financial information, precise geolocation), we use it only for the purposes disclosed in this policy.
  • Right to non-discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.
  • Automated decision-making: You have the right to opt out of automated decision-making technology that produces legal or similarly significant effects. Our matching algorithm determines which agents can see your anonymized profile. You may opt out by setting your visibility to "hidden."

To make a CCPA/CPRA request, email [email protected] with the subject line "CCPA Request." We may verify your identity before processing your request. You may also designate an authorized agent to make a request on your behalf.

8. Additional State Privacy Rights

If you are a resident of Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have additional privacy rights under your state's comprehensive privacy law. These generally include rights to access, correct, delete, and port your data, and to opt out of targeted advertising and profiling.

We apply California-level protections to all users nationwide. To exercise any state-specific privacy rights, contact us at [email protected].

9. Cookies and Tracking

  • vf_session: Authentication session cookie. Essential for keeping you signed in. HMAC-signed for security. Expires after 30 days or when you log out.
  • Stripe cookies: Set by Stripe during payment processing for fraud prevention.
  • Vercel Analytics: Collects anonymized, privacy-friendly page view data. No personally identifiable information is transmitted.
  • Vercel Speed Insights: Collects anonymized Core Web Vitals performance data (page load times).

We do not use third-party advertising cookies, tracking pixels, or behavioral advertising networks. We do not participate in cross-site tracking.

10. Data Security

  • Encryption in transit (TLS/HTTPS) for all data transmission.
  • Encryption at rest for stored personal data (Google Cloud SQL).
  • Content Security Policy (CSP) headers with per-request nonces to prevent XSS attacks.
  • HMAC-SHA256 signed session tokens to prevent cookie tampering.
  • Rate limiting on all API endpoints to prevent abuse.
  • Transactional database operations with row-level locking for credit system integrity.
  • Match tokens (used to reveal buyer profiles) are cryptographically signed and expire after 24 hours.

No method of electronic storage or transmission is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. If you become aware of a security vulnerability, please contact us immediately at [email protected].

11. Fair Housing Act Compliance

ValiFit is designed in full compliance with the Fair Housing Act (FHA). Our data practices include:

  • Scoring methodology: All composite scores (school investment, safety infrastructure, environmental safety, healthcare access, livability, appreciation, commute, affordability) measure publicly available infrastructure investment data, not demographic outcomes. School scores use per-pupil spending and student-teacher ratios from NCES, not test scores or school ratings that correlate with racial composition. Safety scores use police/fire/EMS staffing ratios, not crime statistics.
  • Household data firewall: Household type, household members (age/role), household income, and pets are collected for the buyer's own property reports only. This data is never passed to the matching algorithm, never visible to agents before or after connection, and never used in scoring or lead distribution. Matching uses functional equivalents: bedroom count and bathroom count.
  • No protected characteristics: Race, color, religion, sex (including gender identity and sexual orientation), national origin, familial status, and disability are never collected, inferred, proxied, or used anywhere in our matching, scoring, or distribution systems.
  • Buyer Preparedness: We use pre-approval and pre-qualification status as a behavioral readiness signal (measuring process completion), not as a financial profile or proxy for protected characteristics. This is labeled "Buyer Preparedness," not "financial readiness."
  • Hot lead designation: Determined by behavioral signals only (ASAP timeline, pre-approved/cash status, active within 7 days, intake 80%+ complete). Budget size, income, and credit score are explicitly excluded from the hot lead calculation.
  • Agent Quality Score: Scored relative to each agent's market cohort, not globally, to prevent systematic disadvantage for agents serving lower-volume markets.
  • Neutral ordering: Agent introductions in buyer digests are ordered by match score. No agent can pay for priority placement. Credits buy access to profiles, never position.

12. Real Estate Settlement Procedures Act (RESPA)

ValiFit charges a flat monthly subscription fee ($99.99/month at launch, $149.99/month standard) for access to our lead matching platform. This fee is not conditioned on the volume of referrals, the number of closed transactions, or any transaction outcome. We do not collect referral fees, commission splits, or success-based fees. We do not require a real estate broker's license under this model because we provide a marketing and lead generation service for a flat fee, not a referral arrangement.

Agent referral codes (VF-XXXX) are used for attribution tracking only and provide no economic benefit in the matching pipeline. Credits buy access to buyer profiles — they do not buy priority placement or favorable ordering in buyer-facing communications.

13. NAR Settlement Compliance

ValiFit does not display, aggregate, or use MLS data to show offers of compensation from multiple brokers. Our matching is based on buyer preferences and agent specializations, not commission rates. Our platform does not trigger the written buyer agency agreement requirement — that obligation applies when an agent shows a buyer a home, not when a platform facilitates an introduction. We remind agents after each approved connection: "You must obtain a signed buyer agency agreement before showing properties to this buyer."

14. International Users (GDPR)

ValiFit is based in the United States and primarily serves U.S. users. If you access our Service from outside the United States, your data will be transferred to and processed in the United States. We respect international privacy standards, including the principles of the GDPR. If you are located in the EU/EEA, you have the right to access, rectify, port, and erase your data, and to restrict and object to certain processing. Contact us at [email protected] to exercise these rights.

15. Children's Privacy

ValiFit is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete it promptly.

16. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notice at least 14 days before taking effect. The "Effective" date at the top of this page indicates when the policy was last revised. Continued use of the Service after changes constitutes acceptance of the updated policy.

17. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or need to report a privacy concern, contact us at:

Email: [email protected]

ValiFit, Inc.

ValiFit, Inc. · Terms of Service · Contact

ValiFit - Know Before You Go | Real Estate Intelligence