← Back to home

Privacy Notice

This notice is maintained by Ai proposals pro.

This Privacy Notice explains how Ai proposals pro ("we", "us", "our") collects, uses, shares, and protects personal data when you use our website and service (the "Service"). Ai proposals pro is the data controller responsible for the personal data processed through the Service, except where our payment provider Paddle acts as controller for payment-related processing.

1. Personal data we collect

  • Account data: name, email address, password (hashed), company name, and profile information you provide.
  • Content data: the proposals, client details, project descriptions, measurements, materials, and other information you enter to generate documents.
  • Support data: messages, attachments, and information you send when you contact us.
  • Usage and telemetry data: pages visited, features used, error logs, and performance metrics.
  • Device and connection data: IP address, browser type, operating system, device identifiers, and approximate location derived from IP.
  • Payment data: processed directly by Paddle (see "Sharing" below). We receive a limited record of the transaction (plan, status, dates) but do not receive or store full card details.

2. How we use personal data

  • To create and manage your account and authenticate you.
  • To provide the Service, including generating and storing proposals you create.
  • To operate, maintain, secure, and improve the Service.
  • To prevent fraud, abuse, and violations of our Terms.
  • To communicate with you about the Service, updates, and support requests.
  • To comply with legal obligations and enforce our agreements.

3. Legal bases for processing

Where GDPR or similar laws apply, we rely on the following legal bases:

  • Contract performance — to provide the Service you have signed up for.
  • Legitimate interests — to secure and improve the Service, prevent fraud, and understand how the Service is used.
  • Consent — where required, for example for non-essential cookies or marketing communications.
  • Legal obligation — to comply with tax, accounting, and other legal requirements.

4. How we share personal data

  • Service providers and subprocessors — hosting, database, storage, analytics, error monitoring, email delivery, and AI model providers who process data on our behalf under written agreements.
  • Merchant of Record (Paddle) — Paddle.com Market Limited acts as the Merchant of Record for all purchases. Paddle processes your payment data, manages subscriptions, calculates and remits taxes, and issues invoices. See Paddle's Privacy Notice for details.
  • Professional advisers — such as legal, accounting, and insurance advisers, where necessary.
  • Authorities — where required by law, court order, or to protect rights, property, or safety.
  • Business transfers — in connection with a merger, acquisition, or sale of assets, subject to appropriate safeguards.

We do not sell your personal data.

5. International transfers

Personal data may be processed in countries other than the one in which you reside, including outside the UK and EEA. Where such transfers occur, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, or adequacy decisions.

6. Data retention

We retain personal data for as long as your account is active and as needed to provide the Service. When you delete your account or the data is no longer needed, we will delete or anonymise it, except where we are required to retain it for legal, tax, accounting, or fraud-prevention purposes.

7. Security

We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and secure hosting. No system is completely secure, and we cannot guarantee absolute security.

8. Your rights

Depending on where you live, you may have the right to:

  • access the personal data we hold about you;
  • request correction of inaccurate data;
  • request deletion of your data;
  • request restriction of, or object to, processing;
  • request a copy of your data in a portable format;
  • withdraw consent where processing is based on consent;
  • lodge a complaint with your local data protection authority.

We will respond to verified requests within the time frame required by applicable law (typically one month under GDPR). To exercise a right, contact us using the details below.

9. Cookies

We use essential cookies and similar technologies to keep you signed in, remember your preferences, and secure the Service. We may also use analytics cookies to understand how the Service is used. You can control cookies through your browser settings; disabling essential cookies may prevent parts of the Service from functioning.

10. Children

The Service is not directed to children under 16, and we do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will take steps to delete it.

11. Changes to this notice

We may update this Privacy Notice from time to time. Material changes will be communicated by posting the updated notice on this page and updating the effective date.

12. Contact us

For privacy questions or to exercise your rights, contact us through the support channels provided in the Service. For payment-related privacy questions, contact Paddle at paddle.net.