BidPacto

Legal

Privacy Policy

This Privacy Policy explains how BidPacto collects, uses, shares, retains, and protects account, workspace, proposal, AI-processing, and billing data.

Last updated

Scope

This Privacy Policy applies to BidPacto's website at https://www.bidpacto.com, workspace at https://bidpacto.com, account flows, RFP workspace, company profile, file processing, AI-assisted drafting, exports, support communications, and billing setup.

This policy does not cover third-party websites or services that we do not control. Polar, Firebase/Google, and AI providers may process data under their own terms and privacy notices when they provide their services.

Information We Collect

  • Account data, such as email address, display name, authentication identifiers, sign-in provider, and workspace user id.
  • Workspace data, such as company profile fields, uploaded company source files, extracted source text, RFP files, RFP text, generated answers, notes, review statuses, project metadata, and export content.
  • AI-processing data, such as prompts, extracted text, instructions, generated responses, retrieval snippets, and usage metadata needed to provide the requested AI workflow.
  • Billing data, such as selected plan, Polar customer identifiers, customer email, subscription/order identifiers, checkout metadata, and webhook events. We do not receive full card numbers.
  • Technical data, such as IP address, browser and device information, request logs, error logs, security events, local storage state, and cookie-like identifiers needed for sign-in or operation.
  • Support data, such as messages, attachments, diagnostics, and contact details you send to us.

How We Use Information

  • Provide, operate, secure, debug, and improve the service.
  • Authenticate users and keep workspaces associated with the right account.
  • Extract text from uploaded files, retrieve relevant company context, generate draft responses, and export proposal materials.
  • Process checkout, reconcile orders, verify webhooks, support subscriptions, handle refunds, and prevent fraud or chargebacks.
  • Respond to support requests, legal requests, security reports, and privacy requests.
  • Enforce legal terms, acceptable-use rules, payment obligations, and security requirements.

AI Providers

When you use AI features, Customer Content relevant to the request may be sent to the configured Gemini-compatible AI provider for extraction, retrieval, drafting, summarization, classification, or similar processing.

Do not upload regulated or highly sensitive data unless you have confirmed that your provider configuration, contract terms, and plan are appropriate for that data.

How We Share Information

  • With hosting, database, authentication, storage, logging, security, and infrastructure providers that help operate the service.
  • With AI providers to process the content you ask the service to analyze or draft from.
  • With Polar for checkout, customer management, tax, transaction, subscription, refund, dispute, and payment-support workflows.
  • With professional advisors, legal authorities, buyers, or third parties when required to comply with law, protect rights, prevent fraud or abuse, or respond to disputes.
  • With your direction, such as when you export, copy, upload, submit, or share proposal material outside BidPacto.

Cookies And Local Storage

BidPacto uses browser storage and similar technologies for sign-in, demo-mode state, pending RFP handoff, workspace continuity, user preferences, and security. Some third-party providers may also use cookies or similar technologies for authentication, checkout, fraud prevention, or service operation.

Retention

We retain account and workspace information for as long as needed to provide the service, support your account, comply with legal and tax obligations, resolve disputes, enforce terms, prevent fraud, and maintain backups.

Deletion requests can be sent to the privacy contact below. Some information may remain in backups, logs, billing records, fraud-prevention records, legal files, or records we are required or permitted to keep.

Security

We use reasonable safeguards designed to protect information based on its sensitivity and the current stage of the product. No internet service can guarantee absolute security.

If you believe your workspace or data has been exposed, contact the security address below promptly.

Your Choices And Rights

Depending on your location, you may have rights to access, correct, delete, export, restrict, or object to certain processing of personal data. You may also have rights to appeal or complain to a data protection authority.

Submit requests to privacy@bidpacto.com. We may need to verify your identity and account authority before acting on a request.

Children

BidPacto is a business software product and is not intended for children under 13 or for users below the minimum age required by local law. Do not use the service to collect children's personal data.

International Use

Information may be processed in the United States and other countries where BidPacto and its providers operate. Those countries may have different data protection laws than your location.

Contact

Questions about this document can be sent to support@bidpacto.com. Privacy requests can be sent to privacy@bidpacto.com. Security reports can be sent to security@bidpacto.com. Legal notices can be sent to legal@bidpacto.com.