Back to Home

Privacy Policy

Last Updated: January 19, 2026

1. Introduction

Welcome to Renewly ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our contract intelligence platform. Please read this privacy policy carefully.

⚠️ IMPORTANT: This is a template. You must customize it with your specific company information and have it reviewed by a lawyer before publishing.

Replace all placeholder text and consult legal counsel for compliance with applicable laws.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address (required), full name, company name
  • Contract Information: Contract files (PDF, DOC, DOCX), titles, and metadata
  • Settings & Preferences: Notification preferences and communication settings

2.2 Information Collected Automatically

  • Usage Information: Pages visited, features used, time spent on the service
  • Device Information: Browser type, IP address, operating system
  • Cookies: Essential session cookies (required for functionality)

3. How We Use Your Information

3.1 Service Delivery

Legal Basis: Contract Performance

  • Create and manage your account
  • Process and analyze your contracts using AI
  • Send renewal notifications
  • Provide customer support

3.2 Legal Compliance

Legal Basis: Legal Obligation

  • Comply with legal requirements
  • Protect against fraud and abuse
  • Enforce our Terms of Service

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services.

Retention Periods:

  • Active Account Data: Retained until you delete your account
  • Contracts: Retained until you delete them
  • Audit Logs: 3 years (for security and compliance)
  • Backups: 30 days, then permanently deleted

5. How We Share Your Information

We do not sell your personal information. We only share data with trusted service providers:

Supabase (Database & Storage)

  • Purpose: Store account data, contracts, and metadata
  • Security: SOC 2 Type II, GDPR compliant
  • DPA: Signed

Anthropic (AI Processing)

  • Purpose: Analyze contract content and extract information
  • Data Protection: Zero data retention policy
  • What's sent: Contract text only (no names, emails, or account info)

Resend (Email Service)

  • Purpose: Send renewal notifications and service emails
  • Security: GDPR compliant
  • What's sent: Email address and notification content

6. Your Rights

6.1 GDPR Rights (EU/EEA Users)

Right to Access:

Request a copy of your personal data (Settings → Export My Data)

Right to Rectification:

Correct inaccurate personal data (Settings → Profile)

Right to Erasure:

Request deletion of your data (Settings → Delete Account)

Right to Data Portability:

Receive your data in machine-readable format (JSON)

6.2 CCPA Rights (California Residents)

  • Know what personal information we collect and use
  • Access your personal information
  • Delete your personal information
  • Opt-out of sale (Note: We do not sell personal information)

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

Technical Measures

  • ✓ Encryption in transit (TLS 1.3)
  • ✓ Encryption at rest (AES-256)
  • ✓ Secure authentication
  • ✓ Row-level security

Organizational Measures

  • ✓ Limited employee access
  • ✓ Security training
  • ✓ Incident response procedures
  • ✓ Regular security audits

8. Cookies and Tracking

We use essential cookies required for the service to function:

Session Cookies (Essential)

  • Purpose: Keep you logged in
  • Duration: Session or 7 days with "Remember Me"
  • Can be disabled: No (service won't work without them)

See our Cookie Policy for details.

9. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you within 24 hours (GDPR requires 72 hours) and provide information about the breach and steps we're taking.

10. Contact Us

If you have questions about this Privacy Policy or our data practices:

Email: privacy@renewly.gg

Response Time: We aim to respond within 5 business days

This Privacy Policy may be updated from time to time. Continued use of the service constitutes acceptance of changes.