Afora Privacy Policy
Effective date: July 10, 2026 · Last updated: July 10, 2026
Afora LLC ("Afora," "we," "us") provides a back-office platform for residential real-estate brokerages: email triage and drafting, receipt and expense processing, bank-transaction feeds, and accounting exports. This policy explains what data we handle, how we use it, and the choices you have. It is written to be read; if anything is unclear, email privacy@aforademo.com and we will answer plainly.
This policy is incorporated into our Terms of Service. Our Security page describes how we protect data; our Subprocessor list names every vendor that touches customer data.
1. Who this policy covers, and our two roles
We handle personal information in two distinct roles:
- Data we collect directly (Afora as controller). Account and contact information for the people who sign up for and use Afora — brokerage staff, agents, and administrators.
- Data we process on behalf of brokerage customers (Afora as processor / service provider). When a brokerage connects its email, bank accounts, or accounting workflows, we process the data inside those systems — including email correspondents' information (for example, buyers, sellers, vendors, and other third parties), transaction records, and agent commission data — solely on the brokerage's instructions. For this data, the brokerage's own privacy policy governs. If you are a client or correspondent of a brokerage that uses Afora, direct privacy requests to that brokerage; we will assist it in responding.
2. Information we collect
| Category | Examples | Source |
|---|---|---|
| Account & contact data | Name, work email, role, brokerage affiliation, authentication identifiers | You, via signup (authentication is provided by Clerk) |
| Email data | The contents of emails and attachments, message metadata, folder/label structure, contact names and addresses appearing in mail | Your Gmail or Microsoft 365 account, only after you connect it via OAuth |
| Linked bank data | Transaction descriptions, amounts, dates, merchant details, account balances, and account/routing identifiers for accounts the brokerage connects | The brokerage's financial institutions, via our bank-connectivity provider (see Section 7) |
| Receipts & expense data | Receipt images you upload, extracted merchant/amount/date fields, expense coding, approval history | You / brokerage staff |
| Usage & log data | Pages viewed, actions taken, device/browser type, IP address, error logs | Automatic |
We do not collect: bank login credentials (we never see them — Section 7), biometric data, precise geolocation, or data about children. Afora is a business tool and is not directed at anyone under 18.
3. How we use information
We use data only to provide and secure the service. Each purpose maps to a feature you can see:
- Triage, summarize, and draft responses to email in your connected inbox.
- Extract data from receipts and code expenses for approval.
- Import and categorize bank transactions for the brokerage's expense workflow.
- Prepare accounting exports (for example, batch files for the brokerage's accounting system).
- Operate, secure, debug, and improve the service (rate limiting, fraud and abuse detection, error diagnosis).
- Communicate with you about the service.
We do not use your data for advertising of any kind, and we do not sell personal information — to anyone, for anything.
4. Artificial intelligence and machine learning
Afora uses large language models to power specific, visible features: email triage and summarization, email drafting, receipt data extraction, and expense-coding suggestions.
- Provider. AI processing is performed by Anthropic (Claude), under Anthropic's Commercial Terms of Service. Anthropic does not train its models on data submitted through Afora, and under its standard commercial terms deletes API inputs and outputs from its backend within 30 days (content flagged by Anthropic's automated safety systems may be retained longer under its terms).
- No training. We do not use your data — email content, receipts, transactions, or anything else — to train AI models, and our agreements with AI providers prohibit them from doing so.
- Human review. AI outputs in Afora are drafts and suggestions. Nothing is sent to a client or posted to an accounting system without review and approval by a person at your brokerage.
- Tenant isolation. AI processing for one brokerage uses only that brokerage's data. One customer's data is never used in another customer's AI features.
- Disclosure. Where AI-assisted content is presented to an individual (for example, a drafted email), Afora provides a mechanism to identify it as AI-assisted.
5. Email data — Google and Microsoft commitments
Connecting an inbox is optional and uses OAuth: you grant access from your Google or Microsoft account, and you (or your admin) can revoke it at any time from your provider's security settings or from within Afora.
Google. Afora's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. In particular:
- We use Gmail data only to provide and improve the user-facing features described in Section 4 — never for advertising, and never to determine creditworthiness or for lending purposes.
- We do not transfer Gmail data to third parties except to provide or improve those features (see our subprocessor list), for security purposes, to comply with applicable law, or as part of a merger or acquisition with notice to you.
- We do not use Gmail data to develop, improve, or train generalized (non-personalized) AI or machine-learning models.
- No human at Afora reads your email content, except: (a) with your explicit permission (for example, a support request where you share a specific message); (b) as necessary for security purposes such as investigating abuse; or (c) as required by law. Our AI provider applies equivalent restrictions, with reactive safety review limited to flagged abuse cases.
Microsoft. We apply the same commitments to Microsoft 365 / Outlook data accessed through Microsoft Graph: minimum necessary permissions, no advertising or marketing use, no use outside the permissions your organization granted, and retention and deletion per Section 9. Our privacy practices for Microsoft data are intended to be at least as protective as the Microsoft Privacy Statement requires of independent applications.
6. Receipt and expense data
Receipt images are processed with AI vision models (Section 4 terms apply) to extract merchant, amount, and date fields. Extracted entries enter the brokerage's approval queue; nothing posts to accounting without human approval. Content embedded in submitted documents is treated as data to be processed, never as instructions to our systems, and submissions that attempt to manipulate automated processing are flagged for human review.
7. Bank data and Plaid
Afora uses Plaid to connect brokerage bank and card accounts.
- We never receive or store your bank login credentials. Authentication happens directly between you and your financial institution (typically via the institution's own OAuth flow).
- Afora uses third parties like Plaid to gather your data from financial institutions. By using our service, you grant Afora and Plaid the right, power, and authority to act on your behalf to access and transmit your personal and financial information from the relevant financial institution. You agree to your personal and financial information being transferred, stored, and processed by Plaid in accordance with the Plaid End User Privacy Policy.
- Bank access is read-only in Afora today: we retrieve transactions and balances; we do not move money.
- Your authorization continues until you revoke it. You can disconnect a linked account at any time in Afora's settings or via my.plaid.com, and we will stop retrieving new data immediately.
- We use bank data solely for the expense-management features the brokerage signed up for; we do not sell it, rent it, or share it with marketers, and we do not use it for credit decisions.
8. When we share information
We share personal information only with:
- Service providers (subprocessors) that host and power Afora — currently Vercel (hosting), Supabase (database), Clerk (authentication), Anthropic (AI processing), and Plaid (bank connectivity). Each is bound by contract to use data only to provide its service to us. The current list, with purposes, is maintained at our Subprocessor list; we give customers at least 30 days' notice before adding or replacing a subprocessor that handles customer data.
- The brokerage you belong to. Admins at your brokerage can see workspace data consistent with their role (for example, expense approvals, connected accounts, audit logs).
- Professional advisors (lawyers, accountants) under confidentiality obligations.
- Authorities, when required by law, subpoena, or to protect rights and safety — and where lawful, we will notify the affected customer first.
- A successor entity in a merger, acquisition, or asset sale, with notice to you.
We never sell or rent personal information, and we never share it with data brokers or advertising platforms.
9. Retention and deletion
We retain data only as long as needed for the purposes above, with these specific rules:
- Transaction, expense, and commission records: retained for the life of the brokerage's subscription and made available for export for at least 4 years after the underlying transaction, supporting Colorado real-estate record-keeping requirements that apply to our customers.
- Email-derived working data (summaries, drafts, triage state): retained while your account is active; deleted within 30 days of disconnecting the mailbox or deleting your account, except drafts you have saved into workflows you control.
- AI provider retention: Anthropic deletes API inputs/outputs within 30 days (Section 4).
- On termination: the brokerage may export its data for 30 days after the subscription ends; we then delete customer data from production systems within 60 days of termination, except records we retain under the 4-year export commitment above (kept in restricted cold storage) and minimal records required for legal, tax, or audit purposes. Backups age out on a fixed schedule (see Security page).
10. Your rights and choices
- Disconnect at any time: email and bank connections can be revoked in-app, at your identity provider, or at my.plaid.com.
- Access, correction, export, deletion: email privacy@aforademo.com and we will honor reasonable requests to access, correct, export, or delete your personal information, regardless of whether a specific privacy statute requires it. Where the data belongs to a brokerage workspace (Section 1), we will route the request to the brokerage and assist it.
- Marketing: we send only service and account emails; there is no ad targeting to opt out of.
11. Security
Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Bank connection tokens are additionally encrypted at the application layer (AES-256-GCM) before storage. Access is role-scoped and logged. Payment-instruction changes that originate from email content are never applied automatically. Full details, including how to report a vulnerability, are on our Security page. No system is perfectly secure; if a breach affects your data, we will notify affected customers without undue delay (our Data Processing Addendum commits to notice within 48 hours of confirmation).
12. Changes to this policy
We will post changes here with an updated date. If a change materially expands how we use personal information, we will notify affected customers in advance and, where the change involves using existing data for a new purpose, obtain consent before applying it. We will never quietly repurpose your data through a policy edit.
13. Contact
Afora LLC · privacy@aforademo.com