Privacy Policy

1. Introduction

Welcome to PRASTAO ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience using our voice-powered quote software.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and mobile application (collectively, the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, password, business name, and phone number when you create an account.
• Business Profile: Business logo, address, branding colors, and payment terms you configure in your profile.
• Client Data: Names, email addresses, phone numbers, and addresses of clients you add to your account.
• Quote and Payment Data: Quote details, line items, pricing, signatures, and payment information processed through Stripe.
• Voice Data: Audio recordings when you use voice input to create quotes (processed for transcription and immediately discarded).

2.2 Information Collected Automatically

• Usage Data: How you interact with the Service, features used, and time spent on pages.
• Device Information: Browser type, operating system, device type, and unique device identifiers.
• IP Address: Your IP address for security, analytics, and signature verification purposes.
• Cookies: We use cookies and similar tracking technologies to enhance your experience.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process quotes, signatures, and payments
• Send transactional emails (quote delivery, payment receipts)
• Send SMS notifications when requested
• Respond to customer support inquiries
• Analyze usage patterns to improve user experience
• Detect and prevent fraud or abuse
• Comply with legal obligations

We do not use your data to train AI models. Voice recordings are processed for transcription only and are not stored or used for any other purpose.

4. How We Share Your Information

We do not sell your personal data. We may share your information only in the following circumstances:

4.1 Service Providers

We work with trusted third-party service providers to operate our Service:

• Stripe: Payment processing. See Stripe's Privacy Policy
• Supabase: Database and authentication. See Supabase's Privacy Policy
• Twilio: SMS delivery. See Twilio's Privacy Policy
• Resend: Email delivery. See Resend's Privacy Policy
• AI Providers: Voice transcription (Anthropic/OpenAI). Data is processed for transcription only and not retained.

4.2 Legal Requirements

We may disclose your information if required by law or in response to:

• Valid legal process (subpoena, court order)
• Government requests
• Protection of our rights, privacy, safety, or property
• Emergency situations involving potential threats to safety

4.3 Business Transfers

If PRASTAO is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

5. Data Retention

We retain your information for as long as necessary to:

• Provide the Service to you
• Comply with legal obligations
• Resolve disputes and enforce agreements

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it by law or for legitimate business purposes (such as tax records or legal claims).

Quote and signature data may be retained for up to 7 years to comply with legal and contractual requirements.

6. Your Rights

Depending on your location, you may have the following rights:

6.1 Access and Portability

You can request a copy of your personal data at any time through your account settings or by contacting us.

6.2 Correction

You can update your account information directly in the app, or contact us to correct any inaccuracies.

6.3 Deletion

You can delete your account at any time. Upon deletion, we will remove your personal data as described in the Data Retention section.

6.4 Opt-Out

• Marketing emails: Unsubscribe link in every email
• Cookies: Adjust browser settings or use our cookie preferences

6.5 California Residents (CCPA)

California residents have additional rights under the CCPA, including:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell data)
• Right to non-discrimination for exercising privacy rights

6.6 European Residents (GDPR)

If you are in the European Economic Area, you also have:

• Right to restrict processing
• Right to object to processing
• Right to data portability
• Right to lodge a complaint with a supervisory authority

7. Security

We implement industry-standard security measures to protect your data:

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS 1.3.
• Encryption at Rest: Sensitive data is encrypted when stored in our databases.
• Secure Authentication: We use secure password hashing and support two-factor authentication.
• Access Controls: Employee access to user data is restricted and logged.
• Regular Audits: We conduct regular security reviews and vulnerability assessments.

No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Cookies

We use cookies and similar technologies for:

8.1 Essential Cookies

Required for the Service to function. These cookies enable authentication, security, and basic functionality.

8.2 Analytics Cookies

Help us understand how you use the Service so we can improve it. You can opt out of analytics cookies in your browser settings.

8.3 Managing Cookies

Most browsers allow you to refuse or delete cookies. Please note that disabling cookies may affect the functionality of the Service.

9. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Sending you an email notification
• Displaying a notice in the app

Your continued use of the Service after changes become effective constitutes your acceptance of the revised Privacy Policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: privacy@prastao.com
• Contact Form: /contact

We will respond to your inquiry within 30 days.