Last updated: April 18, 2026
This Privacy Policy describes how Hollow Draw, LLC, a Texas limited liability company doing business as IQ Locations (“IQ Locations,” “we,” “us,” or “our”), collects, uses, discloses, and retains personal information in connection with the iqlocations.com website, the site-intelligence reports we generate, and our related services (collectively, the “Services”).
This Privacy Policy is incorporated into our Terms of Service.
Hollow Draw, LLC
d/b/a IQ Locations
PO Box 163731
Austin, TX 78716
shane@iqlocations.com
We are the “business” under California law and the “controller” under the privacy laws of Virginia, Colorado, Connecticut, Utah, and Texas.
If you are a subscription account holder and invite teammates to your account, you represent and warrant that: (a) you have authority to share their names and email addresses with us; (b) you have informed them that their information will be shared with IQ Locations; and (c) their use of the Services is governed by our Terms of Service and this Privacy Policy. We contact invited teammates only to onboard them to the account and to support their use of the Services.
We may receive information about you from third-party sources, including:
The addresses you submit are used to pull publicly available demographic, traffic, competition, and economic data about the surrounding area, primarily from the U.S. Census Bureau, FHWA, HUD, and similar public sources. Reports contain only aggregate and statistical data. We do not attempt to identify individual residents of surrounding areas and do not build profiles of individual consumers who live or work near report addresses.
We collect only the personal information reasonably necessary to provide the Services, operate our business, and comply with legal obligations. We do not use personal information for purposes that are incompatible with those described in this Privacy Policy. If we intend to use personal information for a materially different purpose in the future, we will update this Privacy Policy and, where required, seek your consent.
We use personal information to:
We do not use personal information for automated decision-making that produces legal or similarly significant effects about you.
We process personal information under one or more of the following legal bases:
For users in the European Economic Area and United Kingdom, additional information about our legal bases is provided in Section 8.4.
We share personal information with third-party service providers that help us operate the Services. These providers are contractually required to use personal information only for the purposes we specify.
| Provider | Purpose | Categories of data shared |
|---|---|---|
| Stripe, Inc. | Payment processing | Name, email, billing address, payment card info, IP, transaction data |
| Resend | Transactional and marketing email delivery | Name, email, email content, PDF attachments |
| Anthropic | AI-generated narrative content in reports | Report input data including the submitted address and associated statistical summaries |
| Google (Places API) | Competitor location and review data | Submitted address (server-to-server request, no user identifier) |
| Mapbox | Mapping and geospatial visualization | Submitted address and coordinates (no user identifier) |
| Apollo.io | Business contact data for outreach | We receive data from Apollo; we do not share customer data with Apollo |
| DigitalOcean | Cloud hosting infrastructure | All data stored and processed by the Services |
We may disclose personal information if required by law, subpoena, court order, or to protect our rights, property, safety, or those of our users or the public; enforce our Terms of Service; or respond to claims that content violates third-party rights.
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction. We will notify you by email or a prominent site notice before personal information becomes subject to a different privacy policy.
We may share personal information in other ways with your consent or at your direction.
We do not sell personal information in exchange for monetary consideration, and we do not share personal information for cross-context behavioral advertising as defined under California law. We do not use advertising cookies, analytics cookies, retargeting pixels, or any third-party tracking technologies on the Services.
We only disclose personal information to the service providers listed in Section 5.1, under written agreements that restrict their use of the information to the purposes we specify and prohibit use of the information for their own commercial purposes.
We may create, use, and share aggregated or de-identified data derived from personal information for any purpose, including to build industry benchmarks, improve the Services, publish market insights, and conduct analytics. Aggregated or de-identified data does not identify any individual and is not subject to this Privacy Policy.
We enter into data processing agreements, confidentiality agreements, or equivalent contractual terms with our service providers where required by applicable law. These agreements require service providers to protect personal information consistent with this Privacy Policy and to use it only for the purposes we authorize.
We do not operate as a data broker. We do not sell, license, or rent personal information about individual consumers. Reports generated through the Services contain only aggregated and statistical data drawn from publicly available sources; reports do not identify individual residents or build profiles of individual consumers.
We retain personal information only as long as reasonably necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Specific practices:
You are responsible for downloading and retaining copies of any reports or data you wish to preserve beyond these retention periods.
We use technical and organizational measures to protect personal information against unauthorized access, disclosure, alteration, and destruction, including:
No method of transmission or storage is completely secure. We cannot guarantee absolute security.
Breach Notification. If we become aware of a data breach that affects your personal information, we will notify you without undue delay and as required by applicable law.
Regardless of location, you may:
To exercise any of these rights, email shane@iqlocations.com with the subject “Privacy Request,” or mail a written request to the address in Section 1. We will respond within 30 days (or 45 days where permitted by applicable state law).
Effect of Account Deletion. Deleting your account will remove your access to stored reports and may result in permanent deletion of associated data, subject to the retention requirements described in Section 6. Deletion is governed by our Terms of Service, which describes the operational consequences of termination. You are responsible for downloading any reports or data you wish to retain before requesting deletion.
Global Privacy Control (GPC) Signals. Some browsers and browser extensions transmit a Global Privacy Control signal indicating that the user wishes to opt out of the sale or sharing of personal information. Because we do not sell or share personal information as those terms are defined under California law, GPC signals do not change how we handle your information. We honor GPC signals as a valid opt-out request under California law, even though we do not engage in activities that would trigger such a right.
Do Not Track. Some browsers send “Do Not Track” signals. We do not currently respond to these signals because there is no industry-standard interpretation. However, because we do not use advertising or analytics cookies, Do Not Track signals do not affect your experience on the Services.
California residents have the right to:
Categories collected in the last 12 months: identifiers (name, email, IP, account identifiers), commercial information (purchase history, subscription records), internet or electronic activity (site usage, landing page hits), professional information (company name, title), geolocation (approximate, derived from IP address — we do not collect precise GPS location), and payment information (processed by Stripe).
Authorized Agents. You may designate an authorized agent to make a request on your behalf. We may require verification of the agent’s authority and of your identity.
If you are a resident of Virginia, Colorado, Connecticut, Utah, or Texas, you have the following rights under your state’s privacy law:
To exercise these rights, contact us as described in Section 8.1.
Right to Appeal. Virginia, Colorado, Connecticut, and Texas residents may appeal our denial of a privacy request by emailing shane@iqlocations.com with the subject “Privacy Appeal.” We will respond to appeals within 60 days.
If you are located in the EEA or UK, our legal bases for processing personal information are those described in Section 4 (Legal Basis for Processing).
You have the rights of access, rectification, erasure, restriction, portability, and objection under the General Data Protection Regulation and UK GDPR. You may lodge a complaint with your local data protection authority.
International Transfers. The Services are operated from the United States, and personal information may be transferred to, stored, and processed in the United States. We do not currently target or actively market to users in the EEA or UK. If we expand our operations to regularly process personal information of EEA or UK residents, we will implement appropriate safeguards for international transfers — such as Standard Contractual Clauses or equivalent mechanisms — as required by applicable law.
The Services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, email shane@iqlocations.com and we will delete it promptly.
We may send marketing communications about our Services, including cold outreach emails to business contacts identified through public business data providers (such as Apollo.io). We limit outreach to business contacts and rely on legitimate interest as our legal basis where permitted by law. All such communications include clear identification of the sender, our business address, and an opt-out mechanism, as required by the CAN-SPAM Act and equivalent state laws.
Effective January 2023, the California Consumer Privacy Act’s exemption for business-to-business communications expired. Business contacts in California receive the full set of privacy rights described in Section 8.2.
You may opt out of marketing communications at any time by replying “unsubscribe” to any email or by emailing shane@iqlocations.com. Opting out of marketing does not affect transactional communications (such as receipts, subscription notices, or service updates).
The Services include AI-generated narrative content in reports, produced using large language models provided by our AI service provider. When we use AI services, we share report input data (including the submitted address and associated statistical summaries) with the AI provider solely for the purpose of generating narrative content for that specific report.
We do not use customer personal information to train, fine-tune, or develop our own AI or machine learning models. Our AI service providers are contractually prohibited from using customer data to train their models. AI-generated content in reports is clearly labeled within each report, and is subject to the accuracy limitations described in our Terms of Service.
The Services may contain links to third-party websites. This Privacy Policy does not apply to those sites. We encourage you to review the privacy policies of any third-party sites you visit.
The Services are operated from the United States. If you access the Services from outside the United States, your information will be transferred to, stored, and processed in the United States, where privacy laws may differ from those in your jurisdiction. By using the Services, you consent to this transfer.
We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent revision. Material changes will be communicated by email to account holders or by prominent notice on the site at least 14 days before taking effect. Continued use of the Services after changes take effect constitutes acceptance.
For privacy questions, requests, or complaints:
Email: shane@iqlocations.com
Subject line: “Privacy Request” or “Privacy Appeal”
Mail:
Hollow Draw, LLC
d/b/a IQ Locations
PO Box 163731
Austin, TX 78716
We will respond to all requests within 30 days (or 45 days where permitted by applicable law).