Privacy Policy
Last updated: April 18, 2026
Information We Collect
We collect information you provide directly to us and information we obtain from your use of our Service:
Account Information
- Registration Data: Email address, username, password (securely hashed), and profile information
- Authentication: Login credentials for both direct registration and OAuth via Replit
- Profile Details: Business information, industry selection, company details, and professional background
- Admin Accounts: Separate administrative credentials for platform management functions
Project and Submission Data
- Problem Descriptions: Detailed text submissions describing business challenges and requirements
- File Uploads: Documents, images, and other files you upload to support your project descriptions
- Project Information: Project names, descriptions, categories, and associated metadata
- Discovery Sessions: Interactive chat conversations and analysis results from AI-powered discovery sessions
AI Processing Data
- Claude AI Processing: Your problem descriptions are sent to Anthropic Claude for PRD generation
- Generated Content: AI-created Product Requirement Documents based on your submissions
- Analysis Results: Structured insights and recommendations from AI processing
- Session Context: Conversation history and context maintained during discovery sessions
Technical and Usage Data
- IP Addresses: For rate limiting, abuse prevention, and geographic analytics
- Session Data: Login sessions, authentication tokens, and security-related information
- Platform Usage: Feature usage patterns, submission frequency, and interaction analytics
- System Logs: Technical logs for platform performance monitoring and debugging
How We Use Your Information
We use the collected information for the following business purposes:
Core Platform Services
- PRD Generation: Process your problem descriptions through Anthropic Claude AI to create tailored Product Requirement Documents
- Account Management: Maintain your user account, authentication, and profile information
- Project Organization: Store and organize your projects, submissions, and generated PRDs
- Email Delivery: Send generated PRDs and platform notifications via Resend email service
Enhanced User Experience
- Discovery Sessions: Facilitate interactive AI-powered conversations to refine project requirements
- Progress Tracking: Monitor project completion status and profile completeness
- Personalization: Customize the platform experience based on your industry and preferences
- File Management: Securely store and manage uploaded documents and images
Platform Operations
- Security: Protect against abuse, fraud, and unauthorized access through IP monitoring and rate limiting
- Performance: Monitor system performance, identify issues, and optimize platform functionality
- Support: Provide customer support and troubleshoot technical issues
- Legal Compliance: Meet regulatory requirements and respond to legal obligations
Information Sharing and Third-Party Services
We share your information with specific third-party services essential to our platform operations:
AI Processing Partners
- Anthropic: Your problem descriptions are sent to Anthropic Claude AI for PRD generation. Anthropic's privacy policy governs their handling of this data.
- Data Processing: Only the specific content needed for AI processing is shared, not your full account information.
- AI Model Usage: Data may be used to improve AI model performance according to Anthropic's terms.
Communication Services
- Resend: Email addresses and generated PRD content are processed through Resend for email delivery.
- Email Templates: We use custom email templates with our branding for consistent communication.
- Delivery Tracking: Resend provides delivery confirmation and email analytics.
Optional Newsletter Services
- Beehiiv: If you explicitly opt in, your email address may be added to our newsletter via Beehiiv.
- Marketing Communications: Newsletter subscriptions are completely optional and require separate consent.
- Unsubscribe: You can unsubscribe from newsletters at any time through provided unsubscribe links.
Infrastructure and Security
- Cloud Database: Data is stored in secure PostgreSQL databases hosted on trusted cloud infrastructure.
- Authentication: OAuth integration with Clerk for secure authentication options.
- File Storage: Uploaded files are stored securely with appropriate access controls and encryption.
Data Retention and Deletion
We maintain different retention schedules for different types of data:
Account Data
- Active Accounts: Profile and account information retained while account remains active
- Account Deletion: User-requested deletion processed within 30 days
- Inactive Accounts: Accounts inactive for 2+ years may be archived or deleted after notice
Project and Submission Data
- Project Data: Retained for the life of your account unless explicitly deleted
- Generated PRDs: Stored indefinitely as core platform output unless account is deleted
- Discovery Sessions: Chat history and analysis results retained for 1 year or until account deletion
- Uploaded Files: Retained until project deletion or account closure
System and Security Data
- IP Address Logs: Retained for 90 days for security and abuse prevention
- Session Data: Authentication sessions expire and are purged according to security settings
- System Logs: Technical logs retained for 30 days for debugging and performance monitoring
- Email Delivery Logs: Resend delivery records retained according to their retention policy
Data Security
We implement comprehensive security measures to protect your information:
Technical Safeguards
- Encryption: Data encrypted in transit via HTTPS and at rest in our databases
- Password Security: User passwords are hashed using the industry-standard bcrypt algorithm
- Database Security: PostgreSQL databases with access controls, connection limits, and monitoring
- File Upload Security: File type validation, size limits, and secure storage for uploaded content
Access Controls
- Role-Based Access: Separate user and admin roles with appropriate permission levels
- Session Management: Secure session handling with appropriate timeout and invalidation
- API Security: Protected API endpoints with authentication and rate limiting
- Admin Functions: Administrative access protected with separate authentication requirements
Monitoring and Response
- Abuse Prevention: IP-based rate limiting and automated abuse detection systems
- Security Monitoring: Continuous monitoring for suspicious activity and security threats
- Incident Response: Established procedures for security incident detection and response
- Regular Updates: Security patches and updates applied to maintain platform security
Your Rights and Choices
You have several rights regarding your personal information:
Account Management
- Profile Updates: Update your profile information, industry selection, and business details at any time
- Project Management: Create, edit, or delete projects and associated submissions
- File Management: Upload, view, or delete files associated with your projects
- Account Deletion: Request complete account deletion through platform settings or by contacting support
Communication Preferences
- Email Notifications: Control which types of platform notifications you receive
- Newsletter Opt-out: Unsubscribe from optional marketing communications at any time
- PRD Delivery: Core service emails (PRD delivery) cannot be disabled while using the platform
Data Access and Portability
- Data Export: Request copies of your account data, projects, and generated PRDs
- Data Correction: Request correction of inaccurate personal information
- Processing Transparency: Understand how your data is processed through our AI services
Cookies and Tracking
Our platform uses cookies and similar technologies for essential functionality and optional enhancements:
Essential Cookies
- Authentication: Session cookies to maintain your login state and security
- Security: CSRF protection and other security-related cookies
- Platform Function: Cookies necessary for core platform features to work properly
Functional Cookies
- Preferences: Remember your theme, language, and display preferences
- Form Data: Temporarily store form progress to prevent data loss
- User Experience: Enhance platform usability and remember user choices
Cookie Management
- Cookie Consent: Control optional cookies through our cookie consent interface
- Browser Settings: Configure cookie preferences through your browser settings
- Essential Cookies: Some cookies are necessary for platform security and cannot be disabled
Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements:
- Notification: Material changes will be communicated via email and platform notifications
- Effective Date: Updated policies will show the new effective date at the top of this page
- Continued Use: Using the platform after changes become effective indicates acceptance of the updated policy
- Major Changes: Significant changes may require re-consent for certain data processing activities
Contact Information
For questions about this Privacy Policy, your data rights, or our privacy practices, please contact us at:
info@painpoint.solutions