Legal
Privacy Policy
Effective date: July 10, 2026 · Last updated: July 10, 2026
Plain-language summary provided for convenience; this document was generated for early access and will be refined with counsel.
In plain language
We collect what we need to run the product: your account details, the fund documents you upload, the terms extracted from them, and usage and audit logs. Document contents go to Anthropic for extraction; neither TermProof nor Anthropic trains models on them. We never sell personal data. Cookies are for login sessions only — no ad trackers. Demo sandboxes delete themselves after seven days, and you can ask us to delete your data anytime at team@termproof.com.
1. Who we are
TermProof ("TermProof", "we", "us") provides document-native fund operations at termproof.com (the "Service"). This policy describes what personal data we collect, how we use it, who processes it on our behalf, and the choices you have. For questions or requests, contact team@termproof.com.
2. What we collect
- Account information — your email address and name, your organization, and your role within it.
- Waitlist information — the email address and, if you provide them, the name, fund size, and referral source you submit when joining the waitlist.
- Uploaded fund documents — the SAFEs, convertible notes, priced equity paperwork, side letters, warrants, term sheets, and other documents you upload, which may contain personal data about parties to those documents.
- Extracted terms and review activity — the deal terms extracted from your documents, together with your approvals, corrections, and rejections.
- Usage and audit logs — records of actions taken in the Service (who did what, and when), used for security, support, and the audit trail the product provides.
- Billing information — subscription status and usage counts. Payment card details are collected and stored by Stripe, not by TermProof.
3. How we use your data
We use your data to provide the Service: extracting terms from your documents, running the review workflow, maintaining the audit trail, computing fund analytics, metering usage for billing, sending you service and onboarding email, securing the platform, and responding to support requests. We do not use your data for advertising.
4. Service providers
We share data only with the service providers that run the platform, each bound to process it solely to provide their service to us:
- Anthropic — AI model inference over document contents for classification and term extraction. Anthropic does not train models on API data.
- Supabase — Database, authentication, and file storage for uploaded documents.
- Vercel — Application hosting and delivery.
- Stripe — Subscription billing and payment processing. TermProof never stores your card details.
- Resend — Sending transactional and onboarding email.
- Cloudflare — DNS and email routing for the termproof.com domain.
We may also disclose data when required by law, or as part of a merger, acquisition, or sale of assets, in which case this policy continues to apply to the transferred data.
5. No sale of data, no training on your documents
We do not sell personal data, and we do not share it for cross-context behavioral advertising. TermProof does not train AI models on your documents or extracted data. Document contents are sent to Anthropic solely to perform extraction, and Anthropic does not train models on API data.
6. Retention and deletion
We retain your documents and extracted data for as long as your organization uses the Service, so your records and their source documents stay connected. Demo sandbox organizations, including everything uploaded to them, are deleted automatically after seven days. You can request deletion of your account, organization, or specific data at any time by emailing team@termproof.com; we will honor verified requests within a reasonable period, subject to legal retention obligations.
7. Email and unsubscribe
Onboarding and marketing email from TermProof includes RFC 8058 one-click unsubscribe headers and an unsubscribe link in the message body; either immediately stops that category of email to your address. We may still send transactional email necessary to operate the Service, such as sign-in links, invitations, and billing notices.
8. Cookies
We use cookies only for authentication and session management — keeping you signed in and scoping demo sandbox sessions. We do not use advertising cookies or third-party tracking cookies.
9. Security
Documents and data are encrypted in transit and at rest. Every query in the product is scoped to your organization, and reads and writes of extracted terms are recorded in an audit log. No system is perfectly secure, but we design for tenant isolation and traceability, and we will notify affected customers of a breach as required by law.
10. Your rights
Depending on where you live (including under the California Consumer Privacy Act and the EU/UK General Data Protection Regulation), you may have the right to access the personal data we hold about you, correct it, delete it, receive a portable copy, object to or restrict certain processing, and not be discriminated against for exercising these rights. To exercise any of them, email team@termproof.com; we will verify your request and respond within the timeframe required by applicable law. If you are in the EU or UK, you may also lodge a complaint with your supervisory authority.
11. Children
The Service is for professional use by fund managers and their teams. It is not directed to children, and we do not knowingly collect personal data from anyone under 16.
12. Changes to this policy
We may update this policy as the Service evolves, particularly as we exit early access. If we make material changes, we will notify you by email or in the product before they take effect, and we will update the "Last updated" date above.
13. Contact
Privacy questions and requests: team@termproof.com.