Privacy Policy

Data We Collect

Dunvale aggregates publicly available government and institutional data. For customer and operator workflows we may collect the contact and account information you intentionally provide, including email address, name, account session data, subscribed feeds, calculator lead submissions, and webhook contact details. API keys are stored as hashes; plaintext keys are not retained.

Government Data Sources

All source data is published by US and international government agencies in the public domain. Dunvale does not scrape private websites or access restricted databases. Our value is in the aggregation, enrichment, and delivery of this publicly available information.

API Authentication

Access to the Dunvale API may require an API key or account session depending on the surface. We store account identifiers, hashed credentials or session tokens, scoped key metadata, billing and usage records, and related operational metadata needed to deliver and secure the service.

Border Pulse Commercial Coverage

Border Pulse commercial pages describe 4 coverage options with 1 listed service, 2 custom quote options, and 1 planned coverage lane. Public pages do not collect contact details or start account delivery.

Account delivery, billing, access keys, alerts, and automated workflows require approved setup.

Cookies & Tracking

The Dunvale website uses Google Analytics to understand aggregate site traffic and page performance. We do not use advertising pixels. We may use essential cookies for session management if you access authenticated areas of the platform.

Data Retention

We retain account, key, billing, webhook, and subscriber records for as long as needed to operate the service and satisfy legal, fraud, abuse-prevention, or accounting requirements. Operational logs and request metadata may be retained for debugging, rate limiting, security review, and capacity planning. We aim not to store full response bodies as part of normal delivery outside the product records a user explicitly creates.

Third-Party Sharing

We do not sell customer personal data. We may share limited data with service providers that help us deliver billing, email, infrastructure, logging, analytics, and security operations, subject to contractual and operational controls.

Security

All API traffic is encrypted in transit. Credentials are stored using industry-standard practices and never logged. We follow defense-in-depth principles across our infrastructure.

Contact

For privacy inquiries, contact us at [email protected].

Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of the Dunvale API or website after changes constitutes acceptance of the updated policy.