ProposalAI Privacy Policy
Last Updated: June 25, 2025
Table of Contents
Introduction
Welcome to ProposalAI (“we,” “us,” “our”). ProposalAI is an AI enabled response management platform that helps businesses streamline their response to RFPs, security questionnaires, and other complex inquiries by transforming their internal documents into a secure, AI-powered knowledge base. We are committed to protecting the privacy and security of your information
This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our website and services (the “Services”). By using our Services, you agree to the collection and use of information in accordance with this policy.
Definitions
Customer Data: The documents, content, and information that you or your organization uploads, creates, or submits to our Services, such as past proposals, security documentation, or technical manuals. This is your confidential information, which we process on your behalf.
Personal Data: Information that identifies you as an individual or relates to an identifiable individual. This includes data you provide when you create an account, such as your name, email address, and job title; billing information; technical information like your IP address; and usage data related to how you interact with our Services
Core Principles
Accountability
We are responsible for all Personal Data under our control and have designated a Privacy Officer to ensure our compliance with these principles.
Legal Bases for Processing
We process your Personal Data on the basis of our contract with you (to provide the Services) and for our legitimate interests to improve and secure our Services. This improvement process involves analyzing aggregated usage data and performance metrics to enhance functionality and security; it does not involve using your Customer Data for this purpose. For your Customer Data, we act as a “data processor” on your behalf, processing it to provide the core functionality of our Services.
Data Collection Purposes and Limits
We collect Personal Data only for the purposes of creating and managing user accounts, providing customer support, billing, and improving our Services. We only process your Customer Data for the sole purpose of providing the Services you have subscribed to, primarily to extract information, create your Intelligent Knowledge base, and generate contextually aware responses. To provide this functionality, we leverage trusted third-party Large Language Models (LLMs) for processing and response generation.
Limiting Use, Disclosure, and Retention
We do not sell your Personal Data or Customer Data. We will not disclose your information to third parties except to trusted sub-processors who are essential for core product functionality, such as cloud hosting providers and Large Language Model (LLM) providers (e.g., OpenAI, Google, Anthropic etc). Your data is processed solely by these LLM providers to generate a response for your specific request and is not retained or used for any other purpose.
Your Customer Data is retained for the duration of your contract and will be securely deleted upon termination at your direction.
Data Accuracy
We rely on you to provide accurate Personal Data for your account and to update it as necessary. The accuracy of the content within your Customer Data is your organization’s responsibility.
Data Security and Safeguards
We are committed to securing your data. We use industry-standard technical and organizational measures, including encryption of data in transit and at rest, access controls, and regular security assessments, to protect your Customer Data and Personal Data against unauthorized access, disclosure, or loss. Our process includes selecting sub-processors, including LLM providers, whose publicly available terms and data security policies align with our commitment to privacy and confidentiality
Data Subject Rights
You have rights concerning your Personal Data, subject to local laws.
Accessing Your Information
You have the right to request access to the Personal Data we hold about you.
Correcting Your Information
You have the right to correct any inaccurate or incomplete Personal Data we hold about you, which can typically be done through your account settings.
Other Data Subject Rights
Depending on your location (e.g., EU/UK), you may have other rights, such as the right to erasure, restriction of processing, and data portability.
Challenging Compliance
If you have any concerns about our compliance with this policy, please contact our Privacy Officer (see contact details in Section 4 below).
Please note that in responding to such communications, we may need to confirm the individual’s identity, request additional details about them, and/or work with other departments to respond to them fully, or to properly investigate their concern or complaint.
Data Residency
While your Customer Data may be stored in secure data centers in a specific geographic region (e.g., North America, Europe), the processing required for generating responses involves sending data to our LLM sub-processors, whose servers may be located in other countries, including the United States.
Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact our Privacy Officer at: [email protected]
Revision History
We may update this Privacy Policy from time to time. If we make any updates, we will post them on this page and revise the ‘Last Updated Date’. We review this policy at least annually to ensure it remains current with regulations and best practices.
Cookie Policy
Our website uses cookies to improve your experience. Cookies are small data files stored on your device. We use them for
- Essential Operations: To operate our website and secure your login sessions.
- Performance and Analytics: To understand how our website is used and to improve its performance.
- Functionality: To remember your preferences and settings. You can control or refuse cookies through your web browser’s settings, but please note that some parts of our Services may not function properly without them.
