Back to Home

Privacy Policy

Last updated: December 6, 2024

1. Introduction

SpendBear ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our contract management platform.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, and authentication credentials when you create an account
  • Contract Documents: Files you upload for processing and management
  • Payment Information: Billing details processed securely through Stripe
  • Communications: Messages you send to our support team

2.2 Information Collected Automatically

  • Usage Data: How you interact with our platform
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP addresses, access times, and pages viewed

2.3 Information from Third Parties

  • Email Integrations: When you connect Gmail or Outlook, we access email metadata and attachments to import contracts
  • OAuth Providers: Basic profile information from Google or Microsoft when you sign in

3. How We Use Your Information

We use the information we collect to:

  • Provide and maintain our contract management services
  • Process and analyze your contracts using AI technology
  • Send renewal reminders and alerts
  • Process payments and manage your subscription
  • Improve our services and develop new features
  • Communicate with you about updates and support
  • Ensure the security of our platform

4. Data Storage and Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Contract files are stored in secure, encrypted cloud storage
  • We perform regular security audits and penetration testing
  • Access to your data is restricted to authorized personnel only

5. Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Third parties that help us operate our platform (hosting, payment processing)
  • AI Processing: OpenRouter for contract analysis (data is processed but not stored for training)
  • Legal Requirements: When required by law or to protect our rights

6. Your Rights

You have the right to:

  • Access and download your personal data
  • Correct inaccurate information
  • Delete your account and associated data
  • Withdraw consent for email communications
  • Request data portability

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Upon account deletion, we will delete your data within 30 days, except where we are required to retain it for legal purposes.

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. You can control cookies through your browser settings.

9. International Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our platform.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: vamsi.iiita@gmail.com