Privacy Policy

Last updated: December 5, 2025

🔒 Your Privacy Matters

We are committed to protecting your privacy and handling your data responsibly. This policy explains how we collect, use, and protect your information.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your email address and password (encrypted). We may also collect your name and organization if provided.

1.2 Uploaded Documents

Uploaded documents are processed automatically by software. No human reviews or monitors user documents unless explicitly requested for support.

Documents and analysis results are stored securely and may be retained to improve functionality unless deleted by the user.

1.3 Usage Data

We collect information about how you use the Service, including pages visited, features used, and time spent on the platform.

2. How We Use Your Information

We use your information to:

  • Provide and improve the Service
  • Process and analyze uploaded contracts
  • Send service-related communications
  • Ensure security and prevent fraud
  • Comply with legal obligations

3. Data Storage and Security

3.1 All data is stored securely using industry-standard encryption (AES-256) both in transit and at rest.

3.2 We use Supabase for data storage, which complies with SOC 2 Type II and other security certifications.

3.3 Access to user data is restricted to authorized personnel only and is logged for audit purposes.

4. Document Confidentiality

Important: Users should not upload confidential information they are not authorized to share. By uploading a document, you represent that you have the right to share that document with our Service.

5. AI Processing

5.1 Documents are analyzed using AI/ML models to extract information and provide insights.

5.2 We may use anonymized and aggregated data to improve our AI models, but individual documents are not shared with third parties for model training.

5.3 Our AI processing is automated. Human review only occurs if you explicitly request support or report an issue.

6. Data Retention

6.1 Your account data is retained as long as your account is active.

6.2 Uploaded documents and analysis results are retained until you delete them or close your account.

6.3 Upon account deletion, your data will be removed within 30 days, except where required by law.

7. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Receive your data in a portable format
  • Objection: Object to certain processing of your data

8. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication
  • OpenAI/Anthropic: AI analysis (documents are processed per their privacy policies)
  • Vercel: Hosting and deployment

9. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies for advertising purposes.

10. Children's Privacy

The Service is not intended for children under 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the Service.

12. Contact Us

For privacy-related inquiries, please contact us at privacy@contractai.com.

Terms of ServiceDisclaimerBack to Home