Privacy Policy

At Contract Box, your privacy is our priority. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website, applications, and integrations (e.g., Zapier, Make, API access).

By using Contract Box, you agree to the terms outlined here. If you do not agree, please refrain from using the platform.

1. Information We Collect

• a. Account Information: Name, email address, organization name, authentication credentials (OAuth via Google or email/password)
• b. Contract & Metadata: Uploaded documents (PDFs, DOCX, etc.), extracted metadata (e.g., parties, dates, values), AI-generated contract content
• c. Usage Data: Pages visited, actions taken, feature usage, device and browser info (IP address, OS, browser type)
• d. Communication Logs: Emails, support tickets, feedback, and messages

2. How We Use Your Information

• Provide and maintain contract lifecycle features
• Improve platform performance and experience
• Deliver reminders, alerts, and AI suggestions
• Send notifications and updates
• Ensure secure agreement workflows
• Respond to support requests

3. Sharing and Disclosure

We do not sell or rent your personal data. We may share limited information with:

• Service providers (cloud, email delivery, AI infrastructure)
• Legal authorities, when required
• Third-party integrations (e.g., Zapier, Make) only when explicitly enabled by you

4. Data Security

We use end-to-end encryption, role-based access control, and audit trails. All data is securely stored using Supabase (PostgreSQL & Storage).

5. International Data Transfers

We comply with GDPR for international transfers. Data may be processed in regions outside your country depending on infrastructure.

6. Your Rights

• Access and export your data
• Request corrections or deletions
• Object to processing
• Withdraw consent for marketing

7. Cookies & Tracking

• Maintain login sessions
• Analyze feature usage
• Improve performance and personalization

You can manage cookies through your browser settings.

8. Data Retention

Contract data is kept as long as your account is active. Upon request or account termination, data is deleted within 30 days unless legally required otherwise.

9. Subprocessors

We use subprocessors (e.g., Supabase, Postmark, Google) who adhere to privacy/security standards. A full list is available upon request.

Contact Us

For questions, email us at support@contractbox.in.