Statura Intelligence
Privacy Policy
Last updated: May 25, 2026 · Effective date: June 5, 2026
1. Introduction
This Privacy Policy explains how LegisTrack LLC, a Florida limited liability company doing business as "Statura" ("Statura," "we," "us," or "our"), collects, uses, shares, and protects information in connection with the Statura platform, websites, and related services (the "Service").
Statura is a business-to-business legislative, lobbying, and budget intelligence platform built for organizations in Florida and beyond. The Service is intended for organizations and the professionals who use it on their behalf. This Policy applies to information we process about our customers, the individuals who use the Service on a customer's behalf ("Users"), and visitors to our websites.
This Policy is incorporated into our Terms of Service. Capitalized terms not defined here have the meaning given in the Terms.
A note on roles. For most of the information inside a customer's workspace ("Customer Data"), Statura acts as a service provider / processor that handles data on the customer's behalf and under its instructions; the customer is the controller. For account, billing, security, and usage information, Statura acts as a controller. Where Statura is a processor, the customer's own privacy notices also govern how that customer handles the data.
2. Information We Collect
2.1 Account and identity information. When you register and set up an Account, we collect your name, business email address, business phone number (including a mobile number if you opt in to SMS notifications), business affiliation, role and seniority, and a hashed password or authentication identifiers.
2.2 Workspace configuration. The Service personalizes itself to each organization through a guided onboarding process. Depending on what you choose to provide, this can include your organization's legal name and any DBA, geographic footprint, headquarters and other operating addresses, organization size and revenue range, the industries and policy issues you care about, keywords you want monitored, bills and regulatory dockets you track, lobbyists you retain, PACs you contribute to, competitors and stakeholders you watch, your notification preferences, time zone, and quiet hours. It also includes the AI-personalization inputs you provide: a free-text description of the government activity that affects your organization, optional samples of your past communications (used to match your tone), concerns you want flagged, positions you want avoided, and any names or entities you want excluded from alerts.
2.3 Usage data. We automatically collect technical and usage information when you use the Service, including IP address, device and browser type, pages and features used, actions taken, and timestamps, together with log and diagnostic data used to operate and secure the Service.
2.4 Payment information. Payments are processed by Stripe, Inc. Statura does not collect or store your full payment-card number. We receive limited billing metadata from Stripe (such as the card brand, last four digits, billing contact, and transaction status) to manage your Subscription.
2.5 Communications. We process the emails and SMS messages we send to you, and your support and sales communications with us.
2.6 Public records and public-source data. The Service ingests information from government and other public sources: legislative, budget, contract, lobbying, regulatory, and news data ("Public Records Data"). This information originates with third parties and government bodies and is not personal information that we collect about you. It may, however, include the names and official activities of public officials, lobbyists, and others as they appear in public records.
2.7 Cookies and similar technologies. We use a limited set of essential and functional cookies and similar technologies, as described in Section 9.
3. How We Use Information
We use the information described above to:
- Provide and operate the Service: create and maintain your Account and Workspaces, authenticate Users, and deliver the features you subscribe to;
- Personalize AI generations: use your workspace configuration and AI-personalization inputs as context so that the briefs, summaries, scores, and alerts generated within your Workspace are relevant to your organization;
- Process payments: bill your Subscription and manage trials, renewals, taxes, and any applicable processing fees through Stripe;
- Send notifications and communications: deliver the email digests and alerts you configure (via Resend) and the SMS alerts you opt in to (via Twilio), respond to support requests, and send service and, where permitted, marketing messages;
- Maintain, secure, and improve the Service: monitor performance, prevent fraud and abuse, debug, and develop new features (using aggregated or de-identified data where feasible); and
- Comply with law and enforce our agreements: meet legal obligations, respond to lawful requests, and protect the rights, safety, and property of Statura, our customers, and the public.
Data retention. We retain personal information for as long as your Account is active and as needed to provide the Service. After your Account closes, we retain personal information only as needed to comply with legal, tax, accounting, and regulatory obligations, to resolve disputes, and to enforce our agreements; routine backups are overwritten on our normal cycle. We may keep aggregated or de-identified data indefinitely. See Section 8 for deletion rights.
4. What We Will Never Do
4.1 We will never sell your data. Statura will never sell your personal information or your Customer Data to third parties. We do not participate in advertising networks, we do not work with data brokers, and we do not engage in any sale or "sharing" of personal information for cross-context behavioral advertising. We have no advertising business.
4.2 We do not train third-party AI models on your data. We do not use your AI-personalization inputs or your Customer Data to train third-party or foundation AI models. Your personalization inputs are used only as context to generate output within your own Workspace.
4.3 We do not expose your data to other customers. We do not share customer-identified data with other Statura customers. Workspaces are logically isolated from one another (see Section 6).
5. How We Share Information
We share information only as described below.
5.1 Service providers (subprocessors). We share information with vetted vendors who process data on our behalf to operate the Service. Each is engaged under terms that require appropriate confidentiality and security and limit use of the data to providing services to us.
| Subprocessor | Purpose | Data involved |
|---|---|---|
| Supabase | Database, authentication, and file storage | Account data, Customer Data, uploaded files |
| Vercel | Application hosting, serverless functions, scheduled jobs | Usage and log data, data in transit |
| Anthropic, PBC | AI text generation, summarization, and extraction | Workspace context and content submitted to AI features |
| Resend | Transactional and notification email delivery | Email addresses, message content |
| Twilio | SMS notification delivery | Mobile numbers (opt-in), message content |
| Stripe, Inc. | Payment processing | Billing and payment-method data |
| OpenFreeMap + U.S. Census Bureau | Basemap tiles and address geocoding | Map viewport and address/location data used for lookups |
| Firecrawl | Collection of public web/government data | Public-source data (not your personal data) |
| Railway | Document/PDF text extraction compute | Public documents and extracted text |
We maintain a current list of subprocessors and will update it as our vendors change. You may request the current list at privacy@statura.app.
5.2 SMS data. Mobile phone numbers you provide for SMS alerts are used only to deliver the notifications you opt in to. We do not share mobile numbers with third parties for their marketing, and your SMS consent is not shared with third parties. You can opt out at any time by replying STOP or adjusting your settings. Message and data rates may apply.
5.3 Legal and safety disclosures. We may disclose information if we believe in good faith that it is necessary to comply with a law, regulation, subpoena, court order, or other lawful request; to enforce our agreements; or to protect the rights, property, or safety of Statura, our customers, or others. Where permitted by law, we will give the affected customer notice of a legal demand for its Customer Data.
5.4 Government-customer public-records obligations. Statura is a private company and is not itself a public agency subject to Chapter 119, Florida Statutes. However, a government-entity customer may itself be subject to public-records law, and information that such a customer places in the Service may be subject to disclosure by that customer under the laws that apply to it. Government-entity customers remain responsible for their own public-records compliance.
5.5 Business transfers. If Statura is involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to this Policy or a successor policy with comparable protections. We will provide notice of any material change in how your information is handled.
5.6 Aggregated or de-identified data. We may create and use aggregated or de-identified data that does not identify you or any individual for analytics, benchmarking, and Service improvement.
6. Data Security
We maintain administrative, technical, and physical safeguards designed to protect information, consistent with the Florida Information Protection Act (Section 501.171, Florida Statutes). These include:
- Encryption in transit and at rest for data we store and transmit;
- Workspace isolation using row-level security so that each Workspace's data is segregated and accessible only to authorized Users of that Workspace;
- Access controls and least-privilege practices for our personnel, with audit logging of sensitive operations; and
- Subprocessor security commitments, with vendors selected in part for their security posture.
No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your credentials confidential and for configuring User access appropriately.
7. Data Breach Notification
Consistent with the Florida Information Protection Act (Section 501.171, Florida Statutes), if we determine that a breach of security has compromised personal information, we will:
- Notify affected individuals without unreasonable delay and no later than 30 days after determining that a reportable breach has occurred, except where a delay is permitted to determine scope, restore integrity, or at the request of law enforcement;
- Notify the Florida Department of Legal Affairs if a breach affects 500 or more Florida residents, within 30 days of determination (with up to a 15-day extension for good cause provided in writing, as the statute allows); and
- Where Statura acts as a third-party agent on behalf of a covered entity, notify that covered entity as expeditiously as practicable and no later than 10 days after determination, so the covered entity can meet its own obligations.
Notices will include the information required by applicable law. These are real commitments and obligations under Florida law.
8. Your Privacy Rights
We extend the following rights to all of our customers and Users as a matter of practice, modeled on the Florida Digital Bill of Rights and comparable laws, regardless of whether a particular law applies to your situation:
- Access: request a copy of the personal information we hold about you;
- Correction: request that we correct inaccurate information;
- Deletion: request that we delete your personal information (subject to the legal-retention carve-outs below);
- Portability: request an export of your data in a commonly used, machine-readable format; and
- Opt out of marketing: unsubscribe from marketing emails (via the link in each message) and opt out of SMS (by replying STOP).
How to exercise. Many of these controls are available directly in your account settings. You may also contact us at privacy@statura.app. We will respond within the time required by applicable law (generally within 30 to 45 days) and may need to verify your identity first. We will not discriminate against you for exercising these rights.
Deletion carve-outs. We may retain information as needed to comply with legal, tax, or regulatory obligations; to resolve disputes and enforce agreements; in routine backups overwritten on our normal cycle; and as aggregated or de-identified data. Where Statura processes data on behalf of a customer, requests from that customer's individuals may be directed to the customer as the controller.
9. Cookies and Tracking
We use only essential and functional cookies and similar technologies: for authentication and session management, security, load balancing, and remembering your preferences. We do not use third-party advertising cookies, and we do not sell data to ad networks. We use privacy-respecting, aggregate analytics to understand and improve Service performance.
Do Not Track and opt-out preference signals. Because we do not sell or share personal information, our practices do not change in response to "Do Not Track" or Global Privacy Control signals; where a law requires us to honor a recognized opt-out preference signal, we will do so. You can control cookies through your browser settings; disabling essential cookies may impair the Service.
10. California Resident Rights
If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA), gives you rights to know, access, correct, and delete your personal information, to opt out of the "sale" or "sharing" of personal information, and to limit the use of sensitive personal information, along with a right to non-discrimination for exercising these rights. We extend these rights to California residents regardless of whether we meet the statute's "business" thresholds.
We do not sell or share your personal information as those terms are defined under the CCPA/CPRA, and we have not done so in the preceding 12 months. We do not use or disclose sensitive personal information for purposes that would require a "limit the use" option, and we honor recognized opt-out preference signals where the law requires.
To exercise your rights, contact privacy@statura.app. You may use an authorized agent, and we will verify requests as permitted by law.
11. International Users
The Service is intended for use by organizations in the United States, with a primary focus on Florida. We store and process information in the United States. The Service is not directed to individuals in the European Economic Area, the United Kingdom, or other jurisdictions outside the United States, and availability outside the United States is limited.
If you access the Service from outside the United States, you understand that your information will be processed in the United States, where data-protection laws may differ from those in your location, and you consent to that processing. Where the EU/UK General Data Protection Regulation applies to a specific engagement, we will process personal data on the legal bases of performance of a contract, our legitimate interests in operating the Service, and consent where required, and we will honor the access, correction, deletion, portability, and objection rights those laws provide.
12. Children's Privacy
The Service is a business product intended for users who are at least 18 years old. It is not directed to children, and we do not knowingly collect personal information from anyone under 13 in violation of the Children's Online Privacy Protection Act (COPPA). If you believe a child has provided us personal information, contact us at privacy@statura.app and we will delete it.
13. Changes to This Policy
We may update this Policy from time to time. For material changes, we will provide at least 30 days' notice by email to the address associated with your Account or by an in-product notice, and we will update the "Last updated" date above. Your continued use of the Service after the change takes effect constitutes acceptance of the updated Policy.
14. Contact Us
Questions, requests, or privacy concerns:
LegisTrack LLC d/b/a Statura
Privacy: privacy@statura.app
Legal: legal@statura.app
Mailing address available on request at privacy@statura.app.
© 2026 LegisTrack LLC d/b/a Statura. All rights reserved.