Legal

Privacy Policy

Last updated: May 12, 2026

1. Who We Are

PipelineIQ is an AI-powered deal intelligence platform for SMB sales teams. We are operated by Pavan Madabathula. If you have questions about this policy, contact us at mvspavan001@gmail.com.

2. What Data We Collect

Account data — Name, email address, and password (or Google OAuth token) when you sign up.

CRM data (HubSpot) — When you connect HubSpot, we sync deal records, contact information, and engagement activity (calls, emails, meetings, notes) into your PipelineIQ workspace. This data is stored in your isolated workspace and is never shared with other customers.

Usage data — Pages visited, features used, and interaction events collected via PostHog (proxied through our own domain to avoid ad-blocker interference). We use this to understand product usage and improve the platform.

AI processing data — Deal data and activity history are sent to OpenAI's GPT-4o API to generate deal health scores and recommended actions. Prospect company names and domains are sent to Tavily for web signal searches. We do not use your data to train third-party AI models.

Billing data — Payment processing is handled by Stripe. We do not store full card numbers. Stripe's privacy policy applies to payment data.

3. How We Use Your Data

To provide deal health scoring, prospect signal monitoring, and focus digest features
To send transactional emails (account confirmation, daily digest) via Resend
To track API usage costs per workspace for billing and transparency
To improve the product based on aggregated, anonymised usage patterns
To detect and prevent fraud, abuse, or security incidents

We do not sell your data. We do not use your CRM data for advertising purposes.

4. Data Retention

Your workspace data (deals, contacts, activities, scores, signals) is retained as long as your account is active. You can delete all synced CRM data at any time from Settings → HubSpot without deleting your account. On account deletion, all workspace data is purged within 30 days.

5. Third-Party Services

Service	Purpose
Supabase	Database and authentication
OpenAI	AI deal scoring and signal reasoning
Tavily	Prospect web signal search
HubSpot	CRM data source (user-initiated)
PostHog	Product analytics (proxied)
Stripe	Payment processing
Resend	Transactional email
Render	Backend hosting
Vercel	Frontend hosting

6. Your Rights

You have the right to access, correct, export, or delete the personal data we hold about you. To exercise these rights, email mvspavan001@gmail.com. We will respond within 30 days.

7. Security

All data is encrypted in transit (TLS) and at rest. Database access is restricted to application-layer service accounts. We use Row-Level Security (RLS) in Supabase to enforce workspace isolation — no customer can access another customer's data.

8. Children

PipelineIQ is not directed at children under 16. We do not knowingly collect data from minors.

9. Changes to This Policy

We may update this policy as the product evolves. We will notify active users by email of material changes at least 14 days before they take effect.