Privacy (draft beta)
This page describes how VendorPilot handles information during the private beta. It is not a final, lawyer-reviewed privacy policy. For questions: hello@usevendorpilot.com.
What we process
- Account & workspace data: email, authentication data held by Supabase Auth, workspace (organization) name, memberships, and roles.
- Early access requests: information you submit on the marketing site (name, email, company, etc.) is stored to follow up on beta interest.
- Operational data you enter: vendors, contracts, compliance items, document metadata, and files you upload to your workspace.
- AI-assisted features: when you explicitly run Contract Review or Savings Opportunities, text you choose (e.g. TXT contract excerpts) may be sent to our AI provider for processing. Outputs are stored in your workspace; we do not use your data to train public models (see your AI provider's terms).
- Audit logs: security-relevant events (uploads, AI runs, rejections) with redacted metadata — not raw document bodies.
What we do not provide
VendorPilot is not legal advice and not a substitute for counsel, procurement, or compliance professionals. Human review is required for contractual and regulatory decisions.
Retention & deletion
Data is retained according to your Supabase project and workspace usage. Destructive export/delete flows for entire workspaces are limited in this beta — contact us if you need assistance.