Skip to main content

Legal

Privacy Policy

Last updated: April 16, 2026

1. Who we are

FolioCraft ("we", "our", "us") operates the website foliocraft.app and the FolioCraft application. We are committed to protecting your personal data in accordance with GDPR, CCPA, and other applicable privacy regulations.

2. Data we collect

We collect the following categories of personal data:

  • Account data: name, email address, company name (optional), and authentication credentials
  • Usage data: pages visited, features used, time spent, and device information
  • Document data: proposals, invoices, and contracts you create within the platform
  • Payment data: processed securely by Stripe. We never store your full card number.
  • Integration data: CRM contacts and deal data from connected services (HubSpot, Pipedrive) — read-only access

3. How we use your data

  • To provide and maintain the FolioCraft service
  • To process payments and manage your subscription
  • To send transactional emails (proposal viewed, signature requested, invoices)
  • To improve our product based on anonymized usage patterns
  • To provide AI-powered features (proposal drafting, intelligence recommendations)

We do not sell your personal data. We do not use your document content to train AI models. Your proposals and business data remain yours.

4. Data storage and security

Your data is stored on Supabase infrastructure in the EU (eu-west-1 region). All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We use row-level security to ensure strict tenant isolation — your data is never accessible to other organizations.

5. Third-party services

We use the following sub-processors:

  • Supabase — database and authentication (EU)
  • Vercel — application hosting
  • Stripe — payment processing (PCI DSS Level 1)
  • Resend — transactional emails
  • Anthropic — AI features (no document data stored by Anthropic)

6. Your rights

Under GDPR and CCPA, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data ("right to be forgotten")
  • Export your data in a portable format
  • Withdraw consent at any time
  • Object to data processing

To exercise any of these rights, email us at privacy@foliocraft.app. We will respond within 30 days.

7. Cookies

We use essential cookies for authentication and locale preferences. We do not use tracking cookies or third-party advertising cookies. No cookie consent banner is required for essential-only cookies under GDPR, but you may clear cookies in your browser at any time.

8. Data retention

We retain your account data for as long as your account is active. When you delete your account, we remove all personal data within 30 days. Anonymized usage statistics may be retained for product improvement.

9. Changes to this policy

We may update this policy from time to time. Significant changes will be communicated via email. Continued use of the service after changes constitutes acceptance.

10. Contact

For privacy-related inquiries: privacy@foliocraft.app