Privacy · Your rights

Your rights over your information

Tibly caches third-party business contact information sourced from public construction records and licensed enrichment providers. If you are referenced in that data — or you simply want to confirm we are not holding any — use this form to exercise your rights under California's CCPA / CPRA, Colorado's CPA, Connecticut's CTDPA, Virginia's CDPA, the EU / UK GDPR, and other equivalent privacy laws.

What right would you like to exercise?

Access — show me what you haveGet a summary of every record we hold about your email, plus the sources we got each record from and the business purpose for keeping it.Delete — remove my recordsWipe every record we hold about your email and add your email to our internal do-not-resurface list so future enrichment does not re-introduce a record about you.Opt out of sale / sharingStop us from selling or sharing your personal information. We will not enrich, refresh, or surface new contact information about you going forward. Existing records (if any) remain — submit a deletion request to remove them as well.Correct a recordTell us about information we hold that is inaccurate. We will queue the request for human review and respond within the deadline set by your jurisdiction (45 days under CCPA / CPRA, one month under GDPR).

Email we may hold a record aboutThis is the email address we will sweep our caches for and send the confirmation link to. If you have multiple work emails, you may need to submit one request per address.Additional context (optional)

We confirm every request from the inbox first to make sure we are honoring a request from the actual person. Confirmation link expires in 14 days. Questions: privacy@tibly.ai.

What happens after you submit

1. You submit the form
We record the request in our audit log and send a verification link to the email you provided. The submission alone does nothing — we deliberately do not act before identity verification, to protect the data subject from a malicious deletion.
2. You click the verification link
The link is valid for 14 days. Clicking it runs the requested action immediately: delete sweeps every cache row keyed to your email and plants an opt-out marker; access counts the rows we hold and queues a human-compiled export; opt-out plants the suppression marker; correction queues for human review.
3. You get a confirmation email
We email you the result of the action with the row counts we found and what we did with them. Delete and opt-out are usually complete in seconds. Access and correction requests are completed within 45 days under CCPA / CPRA, or one month under GDPR (with a one-time extension allowed for complex cases).

What we hold about people who never signed up for Tibly

Tibly reads construction permits and similar public records to identify active projects. Where a permit lists a contractor or owner name, we may resolve that name to a business contact (job title, work email, work phone, LinkedIn URL, location) through a licensed enrichment provider — Apollo or Lusha. We cache the result so the same lookup performed by another customer does not require a second paid call. The cache lives in a table called revealed_contacts and is keyed by the normalized contractor / owner name.

We do not hold consumer-level information. The data we cache is the kind of business-card information you publish on a corporate biography page or LinkedIn profile.
We do not sell this data in the everyday sense of the word — we do not run an external API or list directory. Customers see it only after clicking 'Reveal contact' on a specific project in the product, and only the contacts we cached for that project's parties.
We are nonetheless registered, or in the process of registering, as a data broker in jurisdictions that require it (California, Vermont, Texas, Oregon). Public registrations are linked from our footer.
If you exercised a deletion right here and later see a Tibly customer contact you with information we previously held, please email us — we cannot un-cache copies a customer downloaded before the deletion, but we will follow up.

If we get this wrong

Email privacy@tibly.ai (or privacy@tibly.ai for EU / UK requests) with the request ID from your confirmation email. You can also lodge a complaint directly with the regulator in your jurisdiction — in California that's the California Privacy Protection Agency, in the EU / UK it's your local data protection authority.