Effective Date: October 23, 2025

Fortress Storm Defense LLC ("we," "us," or "our") is a flood prevention company dedicated to protecting homes and properties from storm damage through innovative barriers, installations, and consultations. We operate primarily in the United States, with a focus on hurricane-prone areas like Florida. This Privacy Policy explains how we collect, use, store, share, and protect personal information from our customers, website visitors, and service users. By accessing our website (fortressstormdefense.com), using our mobile app, requesting services, or otherwise interacting with us, you consent to the practices described here.

We are committed to safeguarding your privacy and complying with applicable laws, including the California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR) for EU/UK users, and other relevant U.S. state and federal regulations. If you are a California resident, you have specific rights under the CCPA; EU/UK residents have rights under GDPR. See sections below for details.

This policy does not apply to third-party sites linked from our website. We may update this policy periodically—check the effective date above for the latest version. Continued use after changes means acceptance.

We collect minimal personal information necessary to deliver our flood prevention services, process inquiries, and improve our offerings. We do not sell your personal information.

When you contact us for a free consultation, schedule an installation, submit a quote request, or create an account, we may collect:

• Contact details: Name, email address, phone number.
• Property and service-related data: Home address, property type (e.g., single-family home), flood risk details (e.g., elevation, previous damage history), and payment information (e.g., credit card for deposits).
• Communication preferences: Marketing opt-in status.

For example, to recommend custom flood barriers, we need your address to assess local storm risks.

Through our website, app, or during service interactions, we may automatically gather:

• Device and usage data: IP address, browser type, device ID, operating system, pages visited, time spent on site, and referral sources.
• Location data: Approximate geolocation (e.g., via IP or with consent) to tailor flood prevention advice for your area.
• Cookies and tracking: See Section 5 for details.

We collect this to analyze trends, prevent fraud, and enhance user experience, such as sending timely storm alerts.

We may collect limited sensitive data, like property damage photos you upload for assessments, but only with your explicit consent. We do not collect health, racial, or biometric data unless voluntarily provided (e.g., in emergency response notes).

We use collected information solely for legitimate business purposes:

• Service delivery: Scheduling flood barrier installations, processing payments, and providing post-service support.
• Communication: Responding to inquiries, sending service updates, or emergency alerts (e.g., "Hurricane approaching—check your barriers").
• Marketing: With your consent, emailing promotional offers like "If your home was damaged last year, call Fortress Storm Defense for resilient solutions."
• Analytics and improvement: Aggregating anonymized data to refine our flood prevention products.
• Legal compliance: Reporting to authorities if required (e.g., insurance claims related to storm damage).

Under GDPR, our legal bases include contract performance, legitimate interests (e.g., service enhancement), and consent for marketing. Under CCPA, we do not "sell" data but may share with service providers.

We do not sell, rent, or trade personal information for profit. Sharing occurs only when necessary:

• Service providers: Third parties like payment processors (e.g., Stripe), installers, or shipping companies for delivering flood barriers. They are contractually bound to protect data.
• Business partners: Insurers or affiliates for joint flood recovery programs, with your consent.
• Legal requirements: To comply with laws, respond to subpoenas, or protect rights/safety (e.g., during disaster response).
• Business transfers: In mergers, acquisitions, or asset sales, data may transfer to the new owner.

For international users, data may be transferred to the U.S. (our primary servers). EU/UK data transfers comply with GDPR adequacy decisions or standard contractual clauses.

We store data on secure U.S.-based servers (e.g., AWS) for as long as needed:

• Service records: Up to 7 years for tax/insurance purposes.
• Marketing contacts: Until you opt out or request deletion.
• Inactive accounts: Deleted after 2 years of inactivity.

We retain only what's necessary and anonymize where possible.

We implement reasonable safeguards:

• Encryption for sensitive data (e.g., payment info via HTTPS/TLS).
• Access controls, firewalls, and regular security audits.
• Employee training on data handling, especially for on-site flood assessments.

No system is foolproof—report suspected breaches to us immediately. In case of a breach, we'll notify affected users and authorities as required by law.

Our site uses cookies and similar technologies (e.g., pixels, local storage) for functionality, analytics, and ads:

• Essential cookies: For site navigation and secure logins.
• Performance cookies: To track usage (e.g., Google Analytics—see our Cookie Policy for opt-out).
• Marketing cookies: For personalized ads on partner sites (e.g., storm prep tips).

You can manage cookies via browser settings or our consent banner. Disabling may affect features like quote calculators.

For CCPA/GDPR, you can opt out of "sales" (sharing for targeted ads) or object to processing. Visit our Do Not Sell My Info page or use the opt-out link.

You control your data. To exercise rights, contact us (see Section 9). We'll respond within 45 days (extendable if needed).

• Access: Request a copy of your data.
• Correction: Update inaccurate info (e.g., wrong address for service routing).
• Deletion: Ask us to erase data (subject to legal holds, like ongoing contracts).
• Opt-out of sales/sharing: For CCPA, opt out of data sharing for ads.
• Do Not Track: We honor browser DNT signals where possible.
• GDPR rights: Withdrawal of consent, portability, objection to processing.

California residents: In the past 12 months, we've collected contact/property data from ~5,000 consumers and shared with 3 service providers (no sales). EU users: Our Data Protection Officer oversees compliance.

Verify identity via email/phone before processing requests. No fee unless requests are excessive.

Our services target adults managing home protection. We do not knowingly collect data from children under 13 (or 16 in some jurisdictions). If we learn of such data, we'll delete it. Parents: Contact us to review/remove child's info. We comply with COPPA.

If outside the U.S., your data may cross borders—see GDPR/CCPA notes above. Links to external sites (e.g., weather apps) have their own policies; we are not responsible.

Questions? Reach out:

Fortress Storm Defense LLC 25 52nd Street S St Petersburg, FL 33707 Email: sales@fortressstorm.com Phone: (727) 804-7617 Website: fortressstorm.com/privacy

For EU/UK: Data Protection Officer at the above email. For CCPA: Designated agent at the same.

If unsatisfied, contact regulators (e.g., California AG or EU Data Protection Authority).