Now Accepting Applications·Founding Cohort · Platform launches June 2026Apply

Privacy Policy

Last updated: May 2026

1. Information We Collect

We collect information you provide directly when you:

  • Create an account (name, email, company name, role)
  • Submit an application (company details, NAICS codes, technology summary, SAM/UEI identifiers)
  • Upload documents to the content library or proposal workspace
  • Interact with the platform (proposal content, comments, collaboration activity)
  • Make a purchase (billing details processed by Stripe; we do not store credit card numbers)

We automatically collect:

  • Log data (IP address, browser type, pages visited, timestamps)
  • Usage data (features used, proposal stages visited, search queries within the platform)
  • Session data (authentication tokens, last login timestamps)

2. How We Use Your Information

  • To provide, maintain, and improve the RFP Pipeline platform
  • To process your proposals using AI-assisted drafting (within your isolated tenant environment)
  • To match opportunities to your company profile
  • To process payments and manage subscriptions
  • To communicate with you about your account, platform updates, and support requests
  • To detect and prevent fraud, abuse, and security incidents

3. Data Isolation & AI Processing

Your company data is processed within an isolated tenant environment. AI agents provisioned for your workspace only access your data — never data from other tenants. AI-generated content is produced solely for your use and is not shared across customers.

De-identified, aggregated usage metrics (e.g., total proposals processed, average completion times) may be used to improve the platform. No individual customer data is identifiable in these aggregations.

4. Data Sharing

We do not sell your personal information. We may share data with:

  • Service providers: Stripe (payments), Railway (infrastructure), AWS (storage), Anthropic (AI processing) — each bound by data processing agreements
  • Your collaborators: When you invite team members or partners, they can see the content you grant them access to
  • Legal requirements: When required by law, court order, or governmental authority

5. Cookies & Tracking

We use essential cookies for authentication and session management. We do not use third-party advertising cookies or cross-site tracking. Analytics are collected server-side using our event system, not through third-party tracking scripts.

6. Data Security

We implement industry-standard security measures including encryption at rest and in transit, role-based access controls, tenant isolation at the database level, and regular security audits. All data is stored in the United States.

7. Data Retention

Your data is retained for the duration of your active subscription. Upon cancellation, your workspace enters a 30-day read-only period during which you may export your data. After this period, your data may be permanently deleted. Event logs and audit trails are retained for 12 months after account closure.

8. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Export your data during the read-only period after cancellation
  • Withdraw consent for optional data processing

9. Children

RFP Pipeline is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email at least 30 days before taking effect. Continued use of the platform after the effective date constitutes acceptance.

11. Contact

For privacy-related inquiries, contact us at eric@rfppipeline.com.