The #1 Enterprise A.I. Platform For Residential Home Service Professionals ⚡

Security Incident Disclosure Policy

Effective:  January 4, 2024

Our Commitment to Security and Excellence

As a commitment to transparency and integrity to our stakeholders, in the unlikely event of a security incident or data breach, the following policy will govern our response plan and disclosure of the incident when necessary.  While we certainly take every precaution necessary to prevent any incidents and hope they will never occur, we have a written response plan in place should it be necessary to utilize as part of our commitment to strong IT governance practices to safeguard our systems and data while ensuring the integrity of our products and services.

1. Immediate Response and Assessment

  • Act Promptly: Initiate this incident response plan immediately upon discovering a breach or security incident.
  • Assess the Impact: Assess the extent and impact of the breach, including the type of data involved and number of individuals affected and formally document the findings.

2. Legal and Regulatory Compliance

  • Understand Obligations: RemodelAI continues to monitor changing regulations at the state and federal level and will comply with all relevant data breach notification laws and regulations, both locally and internationally if applicable.

Alabama

Ala. Code § 8-38-1 et seq.

Alaska

Alaska Stat. § 45.48.010 et seq.

Arizona

Ariz. Rev. Stat. § 18-551 to -552

Arkansas

Ark. Code §§ 4-110-101 et seq.

California

Cal. Civ. Code § 1798.82

Colorado

Colo. Rev. Stat. § 6-1-716

Connecticut

Conn. Gen Stat. §§ 36a-701b4e-70

Delaware

Del. Code tit. 6, § 12B-101 et seq.

Florida

Fla. Stat. § 501.171

Georgia

Ga. Code §§ 10-1-910 to -91246-5-214

Hawaii

Haw. Rev. Stat. § 487N-1 et seq.

Idaho

Idaho Stat. §§ 28-51-104 to -107

Illinois

815 ILCS §§ 530/1 to 530/25815 ILCS 530/

Indiana

Ind. Code § 24-4.9 et seq.

Iowa

Iowa Code §§ 715C.1, 715C.2

Kansas

Kan. Stat. § 50-7a01 et seq.

Kentucky

KRS § 365.732

Louisiana

La. Rev. Stat. §§ 51:3071 et seq.

Maine

Me. Rev. Stat. tit. 10 § 1346 et seq.

Maryland

Md. Code Com. Law § 14-3504

Massachusetts

Mass. Gen. Laws § 93H-1 et seq.

Michigan

Mich. Comp. Laws §§ 445.63445.72

Minnesota

Minn. Stat. §§ 325E.61325E.64

Mississippi

Miss. Code § 75-24-29

Missouri

Mo. Rev. Stat. § 407.1500

Montana

Mont. Code §§ 30-14-170433-19-321

Nebraska

Neb. Rev. Stat. §§ 87-801 et seq.

Nevada

Nev. Rev. Stat. §§ 603A.010 et seq.

New Hampshire

N.H. Rev. Stat. §§ 359-C:19, 359-C:20359-C:21

New Jersey

N.J. Stat. § 56:8-161, 163

New Mexico

N.M. Stat. §§ 57-12C-1

New York

N.Y. Gen. Bus. Law § 899-AA

North Carolina

N.C. Gen. Stat § 75-61, § 75-65

North Dakota

N.D. Cent. Code §§ 51-30-01 et seq.

Ohio

Ohio Rev. Code §§ 1349.191349.1911345.01 et seq.

Oklahoma

Okla. Stat. §§ 24-161 to -166

Oregon

Oregon Rev. Stat. §§ 646A.600 to .628

Pennsylvania

73 Pa. Stat. §§ 2301 et seq.

Rhode Island

R.I. Gen. Laws §§ 11-49.3-1 et seq.

South Carolina

S.C. Code § 39-1-90

South Dakota

S.D. Cod. Laws §§ 20-40-19 to -26

Tennessee

Tenn. Code §§ 47-18-2107

Texas

Tex. Bus. & Com. Code §§ 521.002521.053

Utah

Utah Code §§ 13-44-101 et seq.80 78B-4-701 et seq.

Vermont

Vt. Stat. tit. 9 §§ 2430, 2435

Virginia

Va. Code §§ 18.2-186.632.1-127.1:05

Washington

Wash. Rev. Code §§ 19.255.010

West Virginia

W.V. Code §§ 46A-2A-101 et seq.

Wisconsin

Wis. Stat. § 134/98

Wyoming

Wyo. Stat. §§ 40-12-501 to -502

District of Columbia

D.C. Code §§ 28-3851 et seq.

Guam

9 GCA §§ 48-10 et seq.

Puerto Rico

10 LRPA §§ 4051 et seq.

Virgin Islands

V.I. Code tit. 14 § 2209

  • Reporting Deadlines: All affected individuals will be notified without unreasonable delay but within 30 days of discovery of a breach as RemodelAI’s standard policy. If any specific state law requires notification sooner then 30 days, state law and requirements will supersede our governance policy and we will do everything we reasonably can to meet state guidelines.

3. Internal Communication and Coordination

  • Response Team: RemodelAI’s incident response team consisting of a team legal, IT, public relations, and executive leadership will converge to manage and appropriately respond to any security related issues or data breeches.
  • Clear Internal Communication: Our communication plans ensure that all relevant internal stakeholders are informed and understand their roles in the response.

4. External Breach Notification

  • Timeliness: Notify affected parties without unnecessary delay as per all reporting deadlines discussed in prior section 2 of this policy.
  • Clarity and Transparency: Provide a clear, concise explanation of what occurred, the type of data involved, and the potential impact on those affected from the documented investigation conducted as described in section 1 of this policy.

5. Contact Methods

  • Appropriate Channels: RemodelAI’s response team will determine the most effective communication channels for notifications of any security incident or breech, which could include, but is not limited to or emails, letters, phone calls, or public announcements, depending on the nature and scope of the breach. The RemodelAI’s response team will determine an appropriate and measured course of action for communication and contact methods at the time of the incident.

6. Actions, Support, & Guidance

  • Assistance to Affected Individuals: Depending on the cause, scope and impact of breach RemodelAI will try to offer appropriate support services to affected parties when necessary or reasonable.
  • Actionable Steps & Guidance: Depending on the results of the security incident investigation, policy changes may take effect to mitigate any future risk. Advice may also be given on steps the affected individuals can take to protect themselves, such as changing passwords or monitoring their accounts for unusual activity if the scope and impact of the incident warrants these further steps to be taken to protect our customers and consumers.

7. Ongoing Communication

  • Updates: RemodelAI will keep affected parties informed about the ongoing investigation, remediation efforts, and any changes that might impact them until all issues are resolved. All communications will be transmitted through our response team.
  • Availability for Queries: If an incident should occur, both during and after the incident open channels for questions and concerns from affected individuals and other stakeholders will remain open to ensure we continue to serve all that might be impacted.

8. Documentation and Record Keeping

  • Detailed Records: Maintain comprehensive records of the breach, the response actions taken, and communications for accountability and audit purposes.

9. Continuous Enhancement and Future Risk Mitigation

  • Post-Incident Analysis: Conduct a thorough analysis of the breach to determine its cause and the effectiveness of the response.
  • Policy Improvement: Update security policies, practices, and response plans based on lessons learned to prevent future breaches.

This policy serves as a framework and plan to manage all risks associated with any security incident or data breach should it occur.  Our Privacy Policy, Terms of Service, and Acceptable Use Policies will supersede any policy framework written here.