PitchMint

Privacy Policy

Last Updated: June 12, 2025

1. Introduction

PitchMint ("we," "us," or "our") is a service owned and operated by DQ Digital LLC, a limited liability company registered in Kentucky, United States. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered proposal generation service.

2. Information We Collect

2.1 Account Information

  • Registration Data: Email address, full name, password (encrypted)
  • Profile Information: Display name, account preferences
  • Authentication Data: Login credentials, session tokens

2.2 Proposal Content

  • Project Details: Client names, project descriptions, budgets, timelines
  • Generated Proposals: AI-created content, user modifications
  • Proposal Metadata: Creation dates, status, revision history

2.3 Usage Information

  • Activity Logs: Login times, feature usage, proposal creation events
  • Analytics Data: Page views, click patterns, feature adoption
  • Performance Metrics: API response times, error rates

2.4 Payment Information

  • Billing Data: Subscription status, plan type, billing history
  • Stripe Data: Customer ID, payment methods (stored by Stripe, not us)
  • Transaction Records: Payment confirmations, refund records

2.5 Technical Information

  • Device Data: IP address, browser type, operating system
  • Session Data: Authentication tokens, session duration
  • Error Logs: System errors, debugging information

2.6 Communications

  • Support Interactions: Help desk tickets, email correspondence
  • Marketing Communications: Newsletter subscriptions, promotional emails

3. How We Use Your Information

3.1 Service Provision

  • Core Functionality: Generate AI proposals, manage user accounts
  • Proposal Management: Save, edit, and organize your proposals
  • PDF Generation: Create downloadable proposal documents
  • Subscription Management: Process payments, manage plan limits

3.2 Service Improvement

  • Analytics: Understand usage patterns to improve features
  • Performance Monitoring: Optimize system performance and reliability
  • Feature Development: Develop new capabilities based on user needs

3.3 Communications

  • Service Notifications: Account updates, security alerts
  • Marketing: Product updates, feature announcements (with consent)
  • Support: Respond to inquiries and provide assistance

3.4 Legal and Security

  • Fraud Prevention: Detect and prevent unauthorized access
  • Compliance: Meet legal and regulatory requirements
  • Dispute Resolution: Handle billing disputes and account issues

4. Information Sharing and Disclosure

4.1 Third-Party Services

We share data with trusted service providers:

  • Supabase: Database hosting and user authentication
  • OpenAI: AI proposal generation (project details only)
  • Stripe: Payment processing and subscription management
  • Vercel: Application hosting and performance monitoring
  • Redis: Caching and session management

4.2 Legal Requirements

We may disclose information when required by:

  • Legal Process: Court orders, subpoenas, government requests
  • Safety: Protect rights, property, or safety of users or others
  • Compliance: Meet regulatory obligations

4.3 Business Transfers

In case of merger, acquisition, or sale, user data may be transferred as part of business assets.

4.4 Consent

We may share information with your explicit consent for specific purposes.

5. Data Security

5.1 Security Measures

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Role-based access with admin restrictions
  • Authentication: Secure login with Supabase Auth
  • Monitoring: Continuous security monitoring and logging

5.2 Data Storage

  • Infrastructure: Secure cloud hosting via Supabase/AWS
  • Backups: Regular automated backups with encryption
  • Retention: Data retained as long as account is active

5.3 Incident Response

  • Breach Notification: Users notified within 72 hours of confirmed breaches
  • Investigation: Thorough investigation of security incidents
  • Remediation: Immediate steps to secure affected systems

6. Your Privacy Rights

6.1 Access and Control

  • Account Access: View and edit profile information in settings
  • Data Download: Export your proposals and account data
  • Account Deletion: Delete your account and associated data

6.2 Communication Preferences

  • Email Settings: Unsubscribe from marketing communications
  • Notification Control: Manage service notifications
  • Marketing Opt-out: Opt out of promotional emails

6.3 Data Portability

  • Export: Download your proposals in standard formats
  • Migration: Transfer data to other services upon request

6.4 Regional Rights

EU/UK Users (GDPR):

At this time, PitchMint does not offer services to residents of the European Union or the United Kingdom. Should this change, we will appoint a regional representative and update this policy accordingly.

California Users (CCPA):

  • Right to know what data is collected and how it's used
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we don't sell data)

12. Contact Information

12.1 Privacy Inquiries

For privacy-related questions or requests:

  • Email: privacy@pitchmint.com
  • Website: https://pitchmint.com/contact

12.2 Data Protection Officer

For inquiries related to data protection:

  • Email: dontrequarles871@gmail.com

16. Corporate Identity

PitchMint is a registered product of DQ Digital LLC, a Kentucky-based software company.

  • Activity Logs: Login times, feature usage, proposal creation events
  • Analytics Data: Page views, click patterns, feature adoption
  • Performance Metrics: API response times, error rates

2.4 Payment Information

  • Billing Data: Subscription status, plan type, billing history
  • Stripe Data: Customer ID, payment methods (stored by Stripe, not us)
  • Transaction Records: Payment confirmations, refund records

2.5 Technical Information

  • Device Data: IP address, browser type, operating system
  • Session Data: Authentication tokens, session duration
  • Error Logs: System errors, debugging information

2.6 Communications

  • Support Interactions: Help desk tickets, email correspondence
  • Marketing Communications: Newsletter subscriptions, promotional emails

3. How We Use Your Information

3.1 Service Provision

  • Core Functionality: Generate AI proposals, manage user accounts
  • Proposal Management: Save, edit, and organize your proposals
  • PDF Generation: Create downloadable proposal documents
  • Subscription Management: Process payments, manage plan limits

3.2 Service Improvement

  • Analytics: Understand usage patterns to improve features
  • Performance Monitoring: Optimize system performance and reliability
  • Feature Development: Develop new capabilities based on user needs

3.3 Communications

  • Service Notifications: Account updates, security alerts
  • Marketing: Product updates, feature announcements (with consent)
  • Support: Respond to inquiries and provide assistance

3.4 Legal and Security

  • Fraud Prevention: Detect and prevent unauthorized access
  • Compliance: Meet legal and regulatory requirements
  • Dispute Resolution: Handle billing disputes and account issues

4. Information Sharing and Disclosure

4.1 Third-Party Services

We share data with trusted service providers:

  • Supabase: Database hosting and user authentication
  • OpenAI: AI proposal generation (project details only)
  • Stripe: Payment processing and subscription management
  • Vercel: Application hosting and performance monitoring
  • Redis: Caching and session management

4.2 Legal Requirements

We may disclose information when required by:

  • Legal Process: Court orders, subpoenas, government requests
  • Safety: Protect rights, property, or safety of users or others
  • Compliance: Meet regulatory obligations

4.3 Business Transfers

In case of merger, acquisition, or sale, user data may be transferred as part of business assets.

4.4 Consent

We may share information with your explicit consent for specific purposes.

5. Data Security

5.1 Security Measures

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Role-based access with admin restrictions
  • Authentication: Secure login with Supabase Auth
  • Monitoring: Continuous security monitoring and logging

5.2 Data Storage

  • Infrastructure: Secure cloud hosting via Supabase/AWS
  • Backups: Regular automated backups with encryption
  • Retention: Data retained as long as account is active

5.3 Incident Response

  • Breach Notification: Users notified within 72 hours of confirmed breaches
  • Investigation: Thorough investigation of security incidents
  • Remediation: Immediate steps to secure affected systems

6. Your Privacy Rights

6.1 Access and Control

  • Account Access: View and edit profile information in settings
  • Data Download: Export your proposals and account data
  • Account Deletion: Delete your account and associated data

6.2 Communication Preferences

  • Email Settings: Unsubscribe from marketing communications
  • Notification Control: Manage service notifications
  • Marketing Opt-out: Opt out of promotional emails

6.3 Data Portability

  • Export: Download your proposals in standard formats
  • Migration: Transfer data to other services upon request

6.4 Regional Rights

EU/UK Users (GDPR):

At this time, PitchMint does not offer services to residents of the European Union or the United Kingdom. Should this change, we will appoint a regional representative and update this policy accordingly.

California Users (CCPA):

  • Right to know what data is collected and how it's used
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we don't sell data)

7. Cookies and Tracking

7.1 Essential Cookies

  • Authentication: Session management and login state
  • Security: CSRF protection and security tokens
  • Functionality: User preferences and settings

7.2 Analytics Cookies

  • Usage Analytics: Understand how users interact with our service
  • Performance: Monitor system performance and errors

7.3 Cookie Control

  • Browser Settings: Disable cookies through browser preferences
  • Opt-out: Contact us to opt out of non-essential tracking

8. Children's Privacy

Our Service is not intended for users under 18. We do not knowingly collect personal information from children under 18. If we learn we have collected such information, we will delete it immediately.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your residence. We ensure appropriate safeguards are in place for international transfers.

10. Data Retention

10.1 Account Data

  • Active Accounts: Data retained while account is active
  • Deleted Accounts: Data deleted within 30 days of account deletion
  • Legal Requirements: Some data may be retained longer for legal compliance

10.2 Activity Logs

  • System Logs: Retained for 90 days for security and debugging
  • Analytics Data: Aggregated data retained for service improvement

10.3 Payment Records

  • Billing History: Retained for 7 years for tax and legal requirements
  • Payment Methods: Stored by Stripe according to their retention policies

11. Changes to Privacy Policy

  • Updates: We may update this policy to reflect service changes
  • Notification: Material changes communicated via email and website notice
  • Effective Date: Changes take effect on the date posted
  • Continued Use: Using the service after changes constitutes acceptance

12. Contact Information

12.1 Privacy Inquiries

For privacy-related questions or requests:

  • Email: privacy@pitchmint.com
  • Website: https://pitchmint.com/contact

12.2 Data Protection Officer

For inquiries related to data protection:

  • Email: dontrequarles871@gmail.com

13. Compliance and Certifications

We comply with applicable privacy laws including:

  • GDPR: European General Data Protection Regulation
  • CCPA: California Consumer Privacy Act
  • SOC 2: Security and availability standards (through our infrastructure providers)

14. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies.

15. Automated Decision Making

Our AI proposal generation involves automated processing. You have the right to:

  • Human Review: Request human review of AI-generated content
  • Explanation: Understand how AI decisions are made
  • Opt-out: Use the service without AI features (where technically feasible)

16. Corporate Identity

PitchMint is a registered product of DQ Digital LLC, a Kentucky-based software company.

This Privacy Policy is effective as of the date stated above and governs our privacy practices going forward.