Effective date: March 24, 2026
Short version: We collect only what we need to file your LL84 report. We don't sell your data. We don't share it beyond what's required to deliver the service. You can request deletion at any time.
To automate your compliance, we need a few categories of information:
Building information. Your property address, borough, block, and lot number, building type, and gross floor area. This is what gets entered into ENERGY STAR Portfolio Manager and shared with NYC DOB for LL84 compliance.
Utility data. Electricity, gas, and water consumption figures — either pulled directly from your utility provider via their API or extracted from bills you upload. This is the core of the LL84 report itself.
ENERGY STAR account information. Your Portfolio Manager account details, used to create or update your property's profile and generate the required reports.
Contact and account information. Your name, email address, and company name (if applicable). We use this to create your account, send compliance status updates and deadline reminders, and communicate about your subscription.
Payment information. Billing details are collected and processed by Stripe. We don't store your full card number — Stripe handles that. We keep a record of your subscription plan and transaction history.
Everything we collect has a specific purpose. We use your building and utility data to keep your ENERGY STAR Portfolio Manager profile current and maintain your property's data share with NYC DOB (NYCGOVLL84). We use your ENERGY STAR account to manage your property profile. We use your email to send compliance status updates, deadline reminders, and account-related notices. We use your payment information to manage billing.
We don't use your data to train AI models. We don't sell it to data brokers. We don't serve ads. The data exists to file your report — that's it.
BenchmarkIQ runs on Supabase, which provides SOC 2-compliant cloud infrastructure. Your data is encrypted in transit (TLS) and at rest. Portfolio Manager credentials used for automated data management are encrypted with a dedicated key before being stored, separate from your other account data.
We don't have employees browsing your credentials. Access to sensitive data is restricted, logged, and limited to what's necessary to run the filing automation.
Delivering the service requires interacting with a few external systems. Here's who we share data with and why:
We don't sell or license your data to any of these parties for their own use. They receive only what's needed for their specific role in delivering the service.
We keep your data as long as your account is active. This lets us show you historical filings, year-over-year comparisons, and compliance records — which are genuinely useful for multi-year compliance.
If you cancel your account, we'll retain your data for 90 days in case you change your mind or need to retrieve records. After that window, we delete it. You can also request immediate deletion — see the next section.
You have real control over your data. Specifically, you can:
To make any of these requests, email info@benchmarkiq.app. We'll respond within 5 business days.
If you're in the EU or California, additional rights may apply under GDPR or CCPA. We'll honor those requests in accordance with applicable law.
We don't sell, rent, or trade your personal information to third parties for their own marketing or commercial purposes. Full stop.
If we make material changes to how we handle your data, we'll notify you by email before the changes take effect. Minor clarifications may be updated without notice, but the effective date at the top of this page will always reflect the last substantive revision.
Questions, concerns, or data requests — email us at info@benchmarkiq.app. BenchmarkIQ operates out of New York, NY.