ClauseVault

Privacy Policy

Last updated: January 2025

Overview

ClauseVault is committed to protecting your privacy. This policy explains what information we collect, how we use it, and how we protect it.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Password (stored as a secure hash, never in plain text)
  • Account creation date

Contract Data

When you upload contracts, we store:

  • The PDF file itself
  • Contract metadata (client name, project type)
  • Extracted terms and their categories
  • Tags you add to terms

Usage Data

We collect basic usage data to improve the service, including pages visited and features used. We do not track individual contract contents for analytics.

How We Use Your Information

  • To provide and maintain the service
  • To process your contracts and extract terms using AI
  • To communicate with you about your account
  • To process payments through Stripe
  • To improve the service based on usage patterns

AI Processing

Your contract text is sent to OpenAI for term extraction. This is necessary to provide the core functionality of ClauseVault.

OpenAI's data usage policies apply to this processing. According to OpenAI's current policies, data sent via their API is not used to train their models. We recommend reviewing OpenAI's privacy policy for the most current information.

Data Storage and Security

  • PDF files are stored securely using Vercel Blob Storage
  • Database is hosted on secure, encrypted servers
  • All data transmission uses HTTPS encryption
  • Passwords are hashed using bcrypt
  • We do not store credit card information (handled by Stripe)

Data Sharing

We do not sell your data. We share data only with:

  • OpenAI - for contract term extraction
  • Stripe - for payment processing
  • Vercel - for hosting and file storage

We may disclose information if required by law or to protect our rights.

Your Rights

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data
  • Opt out of marketing communications

Contact us at privacy@clausevault.app to exercise these rights.

Data Retention

We retain your data as long as your account is active. When you delete your account, we delete all associated data within 30 days, except as required by law or for legitimate business purposes (such as fraud prevention).

Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies.

Children's Privacy

ClauseVault is not intended for users under 18. We do not knowingly collect information from children.

Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email. Continued use of the service after changes constitutes acceptance of the new policy.

Contact

For privacy questions or concerns, contact us at privacy@clausevault.app.