ProposalPilot AI proposal intelligence for agencies
Start a proposal
Legal

Privacy Policy

Last updated April 2026

This policy describes the information ProposalPilot collects, how that information is stored, and the rights you have over it. It is written in plain language so proposal teams, security reviewers, and procurement officers can read it once and know what to tell their leadership.

01Who we are

ProposalPilot is an AI-powered RFP-to-proposal platform operated by an independent product team. When this policy uses "we," "us," or "ProposalPilot," it refers to that operating team and the systems we maintain at proposalpilot.net. When it uses "you," it refers to the person using the product or the organization they represent.

We are the data controller for account information you give us directly. For proposal files you upload into a workspace, we act as a data processor on behalf of your organization — meaning we hold and process that content under your instructions, not ours.

02What we collect

We only collect what we need to run the product. Specifically:

  • Account data — name, work email, company, and the password hash or federated identity you use to sign in.
  • Workspace content — the RFPs, supporting documents, firm context, differentiators, tone preferences, and draft outputs you create inside a proposal workspace.
  • Product telemetry — which features you used, at what time, and with what outcome, so we can diagnose errors and improve the intake and review flows.
  • Billing information — handled by our payment processor; we retain the last four digits of the card and billing country, never the full card number.
  • Support correspondence — if you email us, we keep that thread so we can answer follow-ups.

We do not buy contact lists, we do not use hidden tracking pixels, and we do not run fingerprinting scripts.

03How we use it

We use the information above to:

  • Deliver the proposal workflow you signed up for — intake, compliance mapping, drafting, gap resolution, and export.
  • Authenticate your sessions and protect your workspace from unauthorized access.
  • Send transactional emails tied to your account, such as password resets, billing receipts, and security notices.
  • Answer your support requests and investigate reported issues.
  • Measure product health at an aggregate level — median draft time, export success rate, feature adoption — to decide where to invest engineering.

We do not sell your data, and we do not rent access to it. Advertising is not part of our business model.

04Uploaded RFP files

The most sensitive content ProposalPilot touches is the bid package you upload — RFPs, attachments, pricing sheets, past performance, and capability statements. We treat that content as the property of your organization at all times.

Scoped to your workspace, full stop

Uploaded files are stored in a workspace tied to your account. They are encrypted in transit with TLS 1.3 and at rest with AES-256. Only authenticated members of that workspace can read them. Our engineering team can access a specific workspace only with a signed, logged support ticket from an account owner.

If you delete a file, the object is purged from primary storage within 24 hours and from encrypted backups within 30 days. Deletion is final — we do not retain a shadow copy for analytics, recommendations, or any other downstream use.

05Model training

We do not train shared AI models on your content. The RFPs you upload, the context you add, and the drafts the system produces stay inside your workspace. They are used to generate your package and support your team's work on that specific pursuit — nothing else.

If at some future point we offer an opt-in program to improve ProposalPilot using anonymized customer content, it will be exactly that: opt-in, clearly labeled, and reversible. We will never flip that default without your written consent.

06Retention windows

We keep things only as long as they are useful to you:

  • Uploaded files and draft outputs — up to 30 days by default, so teams can return to an active submission. You can tighten or extend this window in workspace settings.
  • Account records — retained while your account is active and for 12 months after closure, to support reactivation and tax or audit requirements.
  • Billing records — retained for seven years, as required by generally accepted tax practice.
  • Product telemetry — aggregated and stripped of direct identifiers within 90 days.
  • Support correspondence — retained for 24 months from the last reply.

07Sharing and sub-processors

We share information with a small, deliberately short list of sub-processors, each chosen for security posture rather than convenience:

  • Cloud hosting — an enterprise-grade provider in a data region you select at signup.
  • Language model inference — a vetted AI provider operating under a data-processing agreement that prohibits training on customer content.
  • Transactional email — limited to account, billing, and security messages.
  • Payments — a regulated processor that handles card data directly.
  • Error reporting — a privacy-respecting service that records stack traces without request bodies.

The current list of sub-processors is available on request from founder@proposalpilot.net. We give at least 30 days' notice before adding a new sub-processor with material access to customer content.

08Security controls

Our security program is aligned with SOC 2 Type I criteria, and we are in the evidence-collection phase for a Type II report. Concretely, that means:

  • All production traffic uses TLS 1.3, with HSTS preload enabled.
  • Customer content is encrypted at rest with AES-256 using keys rotated on a scheduled cadence.
  • Engineering access to production is gated behind hardware MFA, just-in-time role elevation, and session recording.
  • Dependencies are scanned continuously; critical patches ship within 72 hours of disclosure.
  • We run annual third-party penetration tests and publish an executive summary to customers on request.

If you believe you have discovered a vulnerability, please report it privately to founder@proposalpilot.net. We acknowledge within one business day.

09Your rights

Depending on where you live, you have some or all of the following rights: to access the personal data we hold about you, to correct it, to delete it, to export a copy, to restrict certain processing, and to object to processing based on legitimate interests. Residents of the EU and UK can exercise these rights under the GDPR; residents of California can exercise them under the CCPA.

You can act on most of these rights yourself from workspace settings. For anything that isn't self-serve, email founder@proposalpilot.net and we will respond within 30 days.

10Cookies and telemetry

We use a small number of first-party cookies to keep you signed in, remember your workspace preference, and protect against forgery. We do not set advertising cookies. We do not embed third-party trackers on the marketing site. If you disable cookies, the marketing pages still work; the product requires session cookies to function.

11Changes to this policy

When we change this policy in a way that affects your rights, we will update the "Last updated" date at the top, email account owners at the address on file, and give at least 30 days' notice before the change takes effect. Editorial clarifications that do not change the substance of our practices may go live immediately.

12Contacting us

For privacy questions, data-subject requests, or anything else related to this policy, email founder@proposalpilot.net. For general product and commercial inquiries, use the same address.

This policy is offered in good faith to help you evaluate ProposalPilot. It is not a contract and does not replace the Terms of Service, which govern your use of the product. If there is any conflict between this policy and a signed enterprise agreement, the enterprise agreement controls.