DealSherpa Privacy Policy

Effective Date: June 23, 2025

Your privacy is paramount to DealSherpa. This Privacy Policy describes how DealSherpa ("we," "us," or "our") collects, uses, processes, stores, protects, and shares your information when you access or use our AI-powered business acquisition platform, including our website, applications, and services (collectively, the "Service").

By accessing or using the Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1. Information We Collect

We collect information to provide, maintain, and improve our Service, as well as to communicate with you. The types of information we collect include:

A. Information You Provide Directly:

  • Account Registration Data: When you create an account, we collect personal details such as your full name, email address, and password.
  • Profile Information: Any additional information you provide for your user profile (e.g., contact details, company name, specific roles).
  • User-Uploaded Content (Deal Documents): The documents and data you upload for analysis, which may include sensitive financial statements, legal contracts (e.g., supply agreements, lease agreements), customer lists, market research, and meeting notes. This Content is central to the Service's functionality.
  • AI Advisor Interactions: Any text input you provide to the AI Advisor chatbot and the responses it generates.
  • Deal-Specific Notes: Any notes or conversations you manually enter for a specific deal.
  • Payment & Billing Information: While we use Stripe for payment processing, we collect certain billing details (e.g., billing address, subscription tier, transaction history). Your full payment card details are collected and processed directly by Stripe, not by DealSherpa.
  • Communications: Records of your communications with us, including customer support inquiries, feedback, and survey responses.

B. Information Collected Automatically:

  • Usage Data: Information about how you access and use the Service, such as the features you use, the pages you visit, the time, frequency, and duration of your activities.
  • Device Information: Information about your device, including your IP address, browser type, operating system, device identifiers, and mobile network information.
  • Log Data: Server logs may include details about your requests, network activity, hardware settings, browser type, browser language, the date and time of your request, and referral URL.
  • Cookies and Tracking Technologies: We use cookies and similar tracking technologies (like web beacons and pixels) to track activity on our Service and hold certain information. These are used for authentication, remembering your preferences, analyzing trends, and improving user experience. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

C. Information from Third Parties:

  • Stripe: We receive transaction information (e.g., payment status, subscription details) from Stripe related to your purchases and subscriptions. We do not receive full payment card details.
  • Supabase: As our backend service provider, Supabase processes user authentication data and stores the data you provide to our database and storage buckets. Their privacy policy also governs their handling of data.
  • AI Providers: If we integrate with external AI model providers, data sent for processing (e.g., your uploaded content for analysis) is governed by their sub-processor terms, ensuring data privacy.

2. How We Use Your Information

We use the collected information for various purposes, primarily to provide and improve the DealSherpa Service. Specifically:

  • To Provide and Maintain the Service: To operate DealSherpa's functionalities, including account management, deal creation, document upload, and display of analysis.
  • To Perform AI Analysis: To process your User-Uploaded Content with our AI models (including those of third-party AI providers) to generate AI Analysis Output (e.g., financial ratios, legal risk assessments, recommendations, questions, and ratings).
  • To Process Payments: To manage your subscriptions, process per-deal payments, and communicate billing-related information through our Stripe integration.
  • To Personalize Your Experience: To tailor the Service to your preferences and provide relevant content and features.
  • To Communicate with You: To send you service-related notifications, updates, security alerts, and support messages, as well as marketing and promotional communications you've opted into.
  • For Security and Fraud Prevention: To protect the integrity and security of our Service, prevent fraudulent activities, and enforce our Terms of Service.
  • For Product Improvement: To analyze usage patterns, diagnose technical problems, and optimize features and performance. This often involves aggregated or anonymized data.
  • For Legal Compliance: To comply with legal obligations, respond to lawful requests, and protect our rights.

3. How We Share Your Information

We share your information only in limited circumstances and for specific purposes, as described below:

A. With Service Providers:

We engage third-party companies and individuals to facilitate our Service ("Service Providers") to perform Service-related services (e.g., payment processing, hosting, analytics, customer support). These Service Providers have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

  • Stripe: For payment processing and subscription management. Your payment information is directly handled by Stripe.
  • Supabase: As our backend infrastructure, hosting our database, authentication, and file storage.
  • AI Model Providers: If we utilize third-party AI models for document analysis, your uploaded Content is securely transmitted to these providers solely for the purpose of generating AI Analysis Output. We ensure these providers are contractually obligated to maintain data confidentiality and security and will not use your Content to train their public/general AI models without your explicit consent.

B. For Legal Reasons:

We may disclose your Personal Information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

C. Business Transfers:

If DealSherpa is involved in a merger, acquisition, or asset sale, your Personal Information may be transferred. We will provide notice before your Personal Information is transferred and becomes subject to a different Privacy Policy.

D. With Your Consent:

We may share your information with third parties when we have your explicit consent to do so.

E. Aggregated or Anonymized Data:

We may share aggregated or anonymized information that cannot reasonably be used to identify you.

F. No Sale of Personal Data or User-Uploaded Content:

DealSherpa does NOT sell your Personal Data or your User-Uploaded Content to any third parties. Your Content is used solely for the purpose of providing and improving the Service to you.

4. Data Retention

We retain your Personal Information and User-Uploaded Content only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (e.g., for legal, tax, or accounting purposes). When your account is terminated, we will delete or anonymize your Personal Information and Content within a commercially reasonable timeframe, subject to legal obligations.

5. Data Security

We implement reasonable technical and organizational measures designed to protect the security of your Personal Information and User-Uploaded Content against unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encryption of data in transit (TLS/SSL).
  • Encryption of data at rest (database and file storage).
  • Access controls and authentication mechanisms.
  • Regular security audits and updates.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

6. Your Data Rights

Depending on your jurisdiction, you may have the following rights regarding your Personal Information:

  • Right to Access: Request a copy of your Personal Information.
  • Right to Rectification: Request correction of inaccurate or incomplete Personal Information.
  • Right to Erasure ("Right to Be Forgotten"): Request deletion of your Personal Information, subject to certain exceptions.
  • Right to Data Portability: Request transfer of your Personal Information to another organization or directly to you.
  • Right to Object: Object to the processing of your Personal Information in certain circumstances.
  • Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent.
  • Right to Lodge a Complaint: Lodge a complaint with a data protection authority.

To exercise any of these rights, please contact us using the contact information provided below. We will respond to your request in accordance with applicable laws.

7. Third-Party Services

DealSherpa uses third-party services like Stripe (for payments) and Supabase (for backend services). This Privacy Policy does not apply to the practices of third-party companies that we do not own or control. We encourage you to review the privacy policies of these third parties.

8. Children's Privacy

Our Service is not intended for use by children under the age of 18. We do not knowingly collect Personal Information from children under 18. If you become aware that a child has provided us with Personal Information, please contact us, and we will take steps to delete such information.

9. International Data Transfers

As DealSherpa operates globally and utilizes cloud services, your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top of this Privacy Policy. We encourage you to review this Privacy Policy periodically for any changes.

11. Contact Information

If you have any questions about this Privacy Policy, please contact us at:

support@dealsherpa.com