How we handle your data.

The short version

We collect what we need to run the product and nothing else. Your sales activity, account list, prospect notes, and AI conversations are yours. We store them so the app works across your devices, but we don't sell them, share them with advertisers, or use them to train models outside your account.

What we collect

• Account identity. Your email address, and the unique account ID Google returns when you sign in with Google. We store these in our user database so we can recognise you next time.
• Your work in the product. Accounts, prospects, opportunities, conversations, meeting notes, AI chat history — everything you create or that flows in from a connected tool.
• Integration data. When you connect Gmail, Calendar, Salesforce, Outreach, etc., we receive the events from those tools that fall within the scopes you authorised, and store them so the brain can use them. We never request scopes beyond what's listed on each provider's consent screen.
• Operational metadata. Session cookies (one HttpOnly cookie per signed-in browser), the user-agent and IP address of each session for security, and standard request logs (URL, status code, latency) to keep the service healthy.
• Billing. Stripe processes payments. We receive Stripe's metadata (customer ID, subscription status, plan, period dates). We never see your card number.

What we do with it

• Run the product — render the dashboard, answer brain questions, send the integrations engine after fresh activity.
• Keep your data in sync across the devices where you've signed in.
• Generate AI responses against the Claude API (Anthropic). The prompts include the relevant subset of your data needed to answer your question; Anthropic does not retain it for training.
• Bill you, via Stripe.
• Send a tiny number of transactional emails (subscription receipts, password-reset confirmations). No marketing without your opt-in.

Subprocessors

We rely on the following third parties to operate. Each has its own privacy practices linked.

• Google — sign-in (OpenID Connect) and, if you connect them, Gmail / Calendar data.
• Anthropic — runs the Claude models that power the brain.
• Neon — Postgres database hosting.
• Vercel — application and serverless function hosting.
• Stripe — subscription billing.
• Resend — transactional email delivery.

Your rights

• Access. Everything we have on you is visible inside the product. Open any account, prospect, or brain entry to see it.
• Export. Settings → Data → Export to download your data as JSON.
• Delete. Settings → Data → Delete account. We hard-delete your user row, sessions, integrations, and all associated records within 7 days. Stripe subscription history is retained per Stripe's standard policy for tax/accounting purposes.
• Disconnect integrations. Settings → Connections → Disconnect on any provider. Future polling stops immediately. Past synced events stay until you delete your account.

Cookies

One HttpOnly session cookie (si_session) and a short-lived state cookie during OAuth handshakes. No third-party tracking cookies, no advertising cookies, no fingerprinting scripts. We don't use Google Analytics or equivalent.

Where your data lives

Primary database: Neon (Postgres) in their default U.S. region. Application servers: Vercel, distributed globally. AI inference: Anthropic, U.S. region. If you're outside the U.S., your data is processed in the U.S.

Security

OAuth tokens are encrypted at rest with AES-256-GCM. Sessions are HttpOnly, SameSite=Lax, and Secure in production. The API key you provide for direct AI access (Settings → API) is stored only in your browser's localStorage — it never reaches our servers.

Changes

If we materially change this policy, we'll surface a notice inside the product the next time you sign in. The "Last updated" date at the top always reflects the current version.

Contact

Questions, requests, or concerns: admin@salesascode.com.