Registry/Security & Access

Trust model

Private by design.

Crawlspace records are not public listings. Access is permissioned, logged, and limited to the purpose of the request. The owner controls the record — not the contractor, and not the platform.

The trust model

Six controls. One owner.

The registry stores property records — so the trust model has to be visible, not buried. Every control here exists because someone outside the homeowner relationship will, eventually, want access.

01 — Owner control

The owner controls access.

Unless another legal owner or authorized property manager is designated, the homeowner alone decides who sees the record and what they can do with it.

02 — Permissioned sharing

Contractors see only what they're given.

Members access specific records for specific purposes — not a directory of everyone in their service area. Permissions are scoped, time-bounded, and revocable.

03 — Record provenance

Every entry is signed and dated.

Every record identifies who added it, when, and what type of evidence supports it. The registry preserves the chain — it does not let one contributor bury another.

04 — Version history

Old records are preserved, not overwritten.

The registry tracks change — moisture readings over years, condition photos before and after correction, drainage and RH upgrades. The trend is the story.

05 — Access log

Every view is logged.

Viewers, dates, purposes, permission type, exports — visible to the owner. If someone has the record, the owner knows.

06 — Transfer protocol

The record moves with the property.

Ownership transfer requires explicit authorization and a clean chain of custody. The next owner inherits the history — with privacy preserved.

Owner · full controlContributor · authorizedViewer · time-boundedNo-access · default

Permission types

Four roles. Four scopes.

Every relationship to the record fits one of four roles. Each carries a defined scope of what the holder can see, add, or export.

Owner

Full control. Invite contributors, grant viewer access, export the transfer packet, revoke any prior permission. Default for the property owner.

Default · permanent

Contributor

Read access plus permission to add correction records and maintenance events. Scoped to specific zones or the whole record. Revocable.

By invite · audited

Viewer

Read-only access. Time-bounded by default (14 days), or single-export. Cannot add records. Used for inspectors, agents, and buyers.

Time-bounded · revocable

No access

The default for everyone else. Including Crawl-Space Connect staff outside support workflows, and including contractors who are not invited to the record.

Default · everyone else

Transfer protocol

A record that can change hands cleanly.

When the property sells, the record can travel with it — preserving the chain of evidence while resetting access. Both parties have to opt in. Neither party can erase prior history. About the transfer packet →

01 — INITIATEListing or sale

Owner authorizes transfer-eligible export.

The seller can generate a transfer packet at any time — blueprint, corrections, last 12 months of events, document vault — for inspectors, agents, and prospective buyers (viewer access, time-bounded).

02 — REVIEWUnder contract

Buyer reviews the record under viewer scope.

The buyer reads the prior history before closing. Inspectors can add a viewer-scoped pre-purchase report to the timeline. No edits to prior records are possible.

03 — AUTHORIZEAt closing

Both parties opt into the record handoff.

Seller signs the transfer authorization. Buyer creates (or links) their Crawl-Space Connect account. The platform validates ownership change against the property's identifying fields.

04 — HANDOFFPost-closing

Record transfers · prior owner's PII redacted.

The buyer becomes the new owner of the record. Prior owner identity is redacted. All prior contributors (verified contractors) remain attached for accountability — but their access is reset until re-invited.

05 — CONTINUEOngoing

The new owner inherits the history.

The blueprint, corrections, conditions, and events stay. The new owner can re-invite contributors, schedule new events, and continue the record — without the silence of a fresh start.

Data handling

What we hold, and why.

The registry holds property documentation. Everything else is the minimum we need to operate the account — and nothing is sold.

01 — Property data

Documentation, by design.

Property profile fields, Crawlspace Blueprints™, conditions, corrections, events, documents, and access logs. This is the record — held as long as the owner keeps the account active.

02 — Account data

Minimum viable identity.

Name, email, phone (optional), authentication credentials. Used to operate the account. Not sold, not used for advertising.

03 — Telemetry

Operational only.

Aggregate, anonymized signals for platform reliability — page errors, performance, uptime. No behavioral tracking, no third-party ad pixels.

04 — Encryption

At rest and in transit.

TLS in transit. AES-256 at rest. Per-record access scoping enforced server-side — not in the client.

05 — Retention

Owner-controlled.

Records are held while the account is active. Owners can export the full record at any time, and request account deletion — which redacts PII and severs the property's link to the prior owner.

Operating, disclosed

Your record. Your call.

Records are private until you share them. Shared records remain logged. Transferred records leave a clean chain. That's the whole model.

Create My Crawlspace Record View a Sample Property Record