Privacy Policy

1. Information we collect

• Account information: your name, email, and profile details when you sign up (including via Google sign-in).
• Your Content: the workspaces, activity and decisions ledger entries, files, and other data you and your team create in the Service.
• Usage and device data: how you interact with the Service, plus technical data such as browser, device, and IP address, collected through analytics and error-monitoring tools.
• Communications: messages you send us, including support requests and feedback.

2. How we use your information

We use your information to provide, secure, maintain, and improve the Service; to operate core features including cross-member harmonization and semantic search; to communicate with you; and to comply with legal obligations.

3. AI processing

To provide features like harmonization and search, your content may be processed by trusted AI providers. Your content is not used to train AI models. It is processed only to provide the Service to you.

4. How we share information

We do not sell your personal information. To run the Service we rely on a small set of trusted third-party providers, including Supabase, Vercel, Anthropic, Voyage AI, Paddle, Resend, Sentry, PostHog, Aptabase, and Google. Each is bound to protect your data and use it only to provide its service to us. We may also disclose information when required by law or in connection with a business transfer.

5. Cookies and analytics

We use a small number of cookies and similar technologies, including product analytics and error monitoring, to operate and improve the Service. Where required, we ask for your consent before setting non-essential cookies. You can manage your preferences through our cookie notice or your browser settings. See section 9 for more.

6. Data retention

We keep your information for as long as your account is active or as needed to provide the Service. Ledger history may be subject to plan limits; data beyond a Free plan's history window is locked, not deleted, and is restored if you upgrade. You can request deletion of your account and associated data (see Your rights). Because the Service is in beta, please keep your own backups.

7. Security

We protect your data with measures including encryption in transit and at rest, role-based access controls, and row-level security. No system is perfectly secure, and we cannot guarantee absolute security, particularly during beta.

8. Your rights

Depending on where you live (including under GDPR and CCPA), you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. We do not sell personal information. To exercise any right, contact us.

9. Cookie details

Essential cookies are required for the Service to function (such as keeping you signed in). Analytics and monitoring cookies help us understand usage and fix problems; where required, these are set only with your consent. You can withdraw consent at any time.

10. International transfers

We and our subprocessors may process your data in countries other than yours, including the United States. Where required, we rely on appropriate safeguards for such transfers.

11. Children

The Service is not directed to anyone under 18, and we do not knowingly collect data from children under 13.

12. Changes

We may update this Policy. If we make material changes, we will take reasonable steps to notify you. The "Last updated" date reflects the latest version.

13. Contact

Privacy questions or requests: contact us.