← Back to App Terms of Service

Privacy Policy

This Privacy Policy describes how Report Shield ("Company," "We," "Us," or "Our") collects, uses, stores, and protects information in connection with the Report Shield platform and services ("Service") available at reportshield.app. This Policy applies to all users of the Service ("User," "You," or "Officer").

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy and consent to the data practices described herein.

ZERO RETENTION COMMITMENT: Report Shield does not store, retain, log, or transmit report text or narrative content submitted by officers for analysis. Report content is processed in real time and is not written to any database, file, or persistent storage at any point. This is a core design principle of the Service.

1. Information We Collect

We collect only the minimum information necessary to operate and improve the Service. The following categories of information are collected:

Category	What We Collect	Why We Collect It
Account Information	Email address, full name, agency or department name	To create and manage your account and verify your identity
Authentication Data	Encrypted password credentials, MFA enrollment data, session tokens	To authenticate your identity and maintain session security
Subscription Data	Subscription plan, approval status, account creation date	To manage access to the Service and process billing
Payment Information	Payment processing is handled entirely by Stripe. We do not collect or store credit card numbers, bank account details, or other financial data.	To process subscription payments
Usage Data	Session activity, feature usage patterns, error logs	To maintain and improve the Service

2. Report Content — Zero Retention Policy

Report Shield is built on a zero retention architecture with respect to report content. Specifically:

Report text and narrative content submitted by officers for analysis is transmitted directly to an AI processing endpoint and is not stored, logged, or retained by Report Shield at any point.
AI analysis results are returned to the officer's browser session only and are not stored on our servers.
Session history displayed within the application exists only in the officer's browser memory for the duration of the active session and is permanently deleted when the browser is closed.
We do not create a record of what reports were submitted, what their content was, or what analysis was returned.
We do not sell, share, or transmit report content to any third party for any purpose.

IMPORTANT: While Report Shield does not retain report content, the AI processing service used to analyze reports (Anthropic) has its own data handling policies. Users should review Anthropic's privacy policy at anthropic.com. Report Shield has configured its API usage to request zero data retention from Anthropic where available.

3. How We Use Your Information

We use the information we collect for the following purposes only:

To create, authenticate, and manage your user account
To process and manage your subscription and payments through Stripe
To communicate with you regarding your account, including password resets and access notifications
To enforce these Terms of Service and our acceptable use policies
To maintain the security and integrity of the Service
To comply with applicable legal obligations

We do not use your information for advertising, do not sell your information to third parties, and do not use your information for any purpose beyond those listed above.

4. Third-Party Service Providers

We use the following third-party service providers to operate the Service. Each provider has been selected for reliability and appropriate data handling practices:

Provider	Purpose	Data Shared
Supabase	Authentication and user account database	Email address, encrypted credentials, account metadata
Anthropic	AI report analysis processing	Report text submitted for analysis (not retained per zero retention policy)
Stripe	Payment processing	Payment information (handled directly by Stripe — we do not receive or store card data)
Vercel	Application hosting and delivery	Standard web server logs including IP addresses
Resend	Transactional email delivery	Email address, for sending account-related emails only
hCaptcha	Bot protection on login	Browser interaction data for bot detection

5. Data Security

We implement the following security measures to protect your information:

All data is transmitted over encrypted HTTPS connections
Multi-factor authentication (MFA) is required for all user accounts
Authentication tokens are stored with appropriate security controls and expire after periods of inactivity
Row Level Security (RLS) policies prevent unauthorized access to user data
Content Security Policy (CSP) headers protect against cross-site scripting attacks
Automatic session timeout after 30 minutes of inactivity
Bot protection on all authentication endpoints via hCaptcha

While we implement industry-standard security measures, no system is completely immune to security risks. We encourage users to maintain strong passwords and to report any suspected security issues to support@reportshield.app immediately.

6. Data Retention

We retain account information for as long as your account remains active. Upon account deletion:

Your user profile and account metadata will be deleted from our systems
Your email address will be removed from our active user database
Payment history may be retained by Stripe in accordance with their data retention policies and applicable financial regulations

As stated in Section 2, report content is never stored and therefore there is no report content to delete upon account termination.

7. Your Rights

You have the following rights with respect to your personal information:

Access: You may request a copy of the personal information we hold about you
Correction: You may request correction of inaccurate personal information
Deletion: You may request deletion of your account and associated personal information
Portability: You may request your account information in a portable format

To exercise any of these rights, contact us at support@reportshield.app. We will respond to all requests within thirty (30) days.

8. Law Enforcement and Legal Requests

We may disclose user account information (not report content, which is not retained) in response to valid legal process, including court orders, subpoenas, or other legal requirements. We will notify affected users of any such request to the extent permitted by law. We do not voluntarily provide user information to law enforcement agencies absent legal compulsion.

9. Children's Privacy

The Service is intended solely for use by law enforcement professionals and is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided personal information, we will take steps to delete such information promptly.

10. Changes to This Policy

We reserve the right to update this Privacy Policy at any time. Updated policies will be posted at reportshield.app/privacy.html with an updated effective date. We will notify active users of material changes via email. Continued use of the Service following notification of changes constitutes acceptance of the updated Policy.

11. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Report Shield
reportshield.app
support@reportshield.app