Privacy Notice
Effective 2026-05-18 · Version 2
This notice explains what personal data Reserved Enterprises, LLC (“procedurally,” “we,” “us”) collects when you use procedurally.app (the “Service”), why we collect it, who we share it with, and the controls you have over it. It applies to the public marketing site and the authenticated app at /app.
Who is responsible
The data controller is Reserved Enterprises, LLC. Contact: support@procedurally.app.
What we collect
Account information. When you sign up: your name (optional), email address, hashed password, the company name you provide at signup, and the role you select. We do not require a phone number; if you provide one, we store it.
Your operational content. Everything you create in the Service: SOPs (titles, descriptions, stages, resources, edit history), business identity statements (mission, vision, principles, who you serve), position descriptions, resource library entries, categories, comments, voice transcripts, and the metadata around them (timestamps, author IDs, version numbers).
Billing information. If you upgrade or buy Extra Usage packs, Stripe collects and stores your payment details. We receive only a Stripe customer ID, the last four digits of your card, brand, expiry month, and the events (paid, refunded, disputed) that we need to manage your subscription and balance. We never see, store, or transmit full payment-card numbers.
Usage and diagnostics. Standard server logs (request method, path, response status, latency, IP address, user agent, error stack traces), AI-call accounting (token counts, cost in cents, outcome — but not prompt or response bodies), and anomaly signals (rate-limit hits, off-topic AI rejections, cost spikes).
Cookies. We use a session cookie to keep you signed in, an active-organization cookie to remember which org you have open, and a CSRF token cookie. We do not run third-party advertising trackers.
What we don't collect
We don’t collect data from third-party advertising networks, web beacons, fingerprinting libraries, or analytics tools that profile individual users across sites. We don’t collect or upload your browser history, contacts list, or files outside what you explicitly create in the Service.
Why we use it (legal bases)
We process personal data for the following purposes:
- To deliver the Service — authentication, content storage, AI generation, voice transcription, billing. Legal basis: performance of the contract with you.
- To bill you — process payments and handle disputes. Legal basis: performance of the contract; legal obligation.
- To send transactional emails — account, billing, security, invite, and receipt emails. Legal basis: performance of the contract.
- To keep the Service secure — detect abuse, fraud, and unauthorized access; rate-limit; investigate incidents. Legal basis: legitimate interests in protecting the Service and our customers.
- To comply with law — when required by valid legal process. Legal basis: legal obligation.
We do not sell your personal data. We do not use Your Content to train AI models, and we do not allow our sub-processors to use it for their model training.
Who we share with (sub-processors)
We share personal data only with the service providers we need to deliver the Service. Each is bound by contractual data-protection terms and processes data only on our instructions.
| Sub-processor | Purpose | Retention |
|---|---|---|
| Supabase, Inc. | Database, authentication, file storage | Lifetime of account + 30-day soft-delete window + ≤90 days operational backups |
| Vercel, Inc. | Hosting, CDN, edge logs | Request logs ≤30 days |
| Anthropic, PBC | AI generation (Claude API) | ≤30 days for trust & safety; not used for model training |
| Deepgram, Inc. | Voice transcription | Audio not retained for training per our configuration |
| Stripe, Inc. | Payments, billing, invoicing | Per Stripe's policy; we retain Stripe customer + payment-intent IDs for the life of the account |
| Resend, Inc. | Transactional email delivery | Email-send logs ≤30 days |
| Upstash, Inc. | Rate-limit counters, ephemeral keys | Counters expire per limiter (typically ≤1 hour) |
We do not sell, rent, or share your personal data for advertising. We may disclose personal data when legally required (lawful subpoena, court order), and we will challenge requests that appear overbroad.
What we send to AI providers
When you trigger an AI feature, we send the following to Anthropic and (for voice) to Deepgram:
- To Anthropic: your organization name; existing categories and position titles; the SOP draft or stage content you’re editing; your business-identity fields (mission, vision, principles, who you serve); voice-transcript text; and any clarifying answers you provide. We do not send your account email, phone number, payment information, IP address, or browsing history.
- PII redaction. Before sending, we automatically scrub recognizable email addresses, phone numbers, credit-card numbers (Luhn-checked), U.S. SSN-shaped numbers, and common API-key prefixes from your free-text inputs.
- To Deepgram: the raw audio you record. Deepgram returns text; the audio is not retained for training per our configuration.
Anthropic and Deepgram act as our sub-processors. Their terms with us prohibit using your data to train models.
Where your data is stored
Primary database storage is in the United States (Supabase). Hosting and edge caching are distributed via Vercel, primarily in the United States. AI processing is performed by Anthropic in the United States. Voice transcription is performed by Deepgram in the United States. Where you access the Service from outside the U.S., your data may be transferred to the U.S. for processing; we rely on Standard Contractual Clauses where applicable.
How long we keep it
Your operational content is retained for as long as your account is active, plus a 30-day soft-delete window after account closure, after which it is permanently deleted (subject to operational backups that age out on a rolling basis within 90 days).
AI-call accounting rows (no prompt content) are retained for 24 months for billing reconciliation, abuse review, and dispute response.
Server logs are retained for up to 30 days; email-send logs are retained per Resend’s policy (typically ≤30 days).
Billing records are retained for as long as required for tax and accounting law (typically 7 years).
How we protect it
We use industry-standard security controls: TLS in transit; encryption at rest for managed-infrastructure storage; row-level security to isolate tenants in the database; hashed-at-rest storage of API keys and passwords; signed webhook verification; per-user and per-org rate limits; structured logging with PII redaction at write-time; and time-bounded access to admin systems.
No system is perfectly secure. Where required by applicable law, we will notify affected organization owners following a confirmed security incident that materially affects Your Content, on the timeline that law requires.
Your rights and controls
Regardless of where you live, you can exercise the following with us:
- Access and export. Most of your content is visible and editable in-app. For a full machine-readable export of your account’s data, email support@procedurally.app; we’ll fulfill within 30 days.
- Correction. Edit your content directly in-app; for account fields not surfaced in Settings, email us.
- Deletion. You can close your account from Settings or by emailing us. Deletion is final after the 30-day soft-delete window described above. Some records may be retained where law requires (e.g. tax records).
- Objection / restriction. You can ask us to stop processing your personal data for legitimate-interests purposes (e.g. product improvement); we’ll comply unless we have an overriding lawful basis.
- Withdraw consent. Where we rely on consent (e.g. optional marketing emails — we don’t currently send any), you can withdraw it at any time.
- Complain. If you’re in the EEA, UK, or another jurisdiction with a data-protection authority, you have the right to lodge a complaint. We’d prefer the chance to resolve it first — please email us.
California residents: you have specific rights under the CCPA/CPRA, including the right to know what we collect and to request deletion. The rights described above cover those entitlements. We do not sell personal information and we do not engage in cross-context behavioral advertising.
Children
The Service is not directed to children under 13 (or under 16 in the EEA). We don’t knowingly collect personal data from children. If you believe a child has provided personal data to us, contact us and we’ll delete it.
Marketing communications
We send transactional emails (account, billing, security, invitations, receipts) that you can’t opt out of while you have an active account. We do not currently send marketing emails. If we start, we’ll include an unsubscribe link.
Changes to this notice
We may update this notice from time to time. The current version is always posted at this URL with an updated “Effective” date and version indicator at the top. Continued use of the Service after the new version’s effective date constitutes acceptance.
Contact
Questions, requests, or concerns: support@procedurally.app.
This notice complements our Terms of Service.