Legal

Privacy Policy

Last updated: May 12, 2026

Never Sold

We never sell your data or share client information without consent.

Encrypted & Isolated

All data encrypted at rest and in transit. Each user’s data is isolated with Row Level Security.

Full Control

Export your data anytime, delete your account, and revoke integrations with one click.

At CloseDraft, we treat your data with the same care you treat your client relationships. This Privacy Policy explains exactly what we collect, why, and how we keep it safe — including how our AI, Gmail, Discord, and Telegram features handle your information.

Contents

1. Data Collection 2. How We Use It 3. Sharing 4. AI & Gmail 5. Discord & Telegram 6. Security 7. Retention 8. Your Rights 9. Contact

1. Information We Collect

Account & Contact

  • Registration: Name, email address, authentication credentials (Google OAuth or email/password).
  • Client Data: Names, business details, email addresses, project information, payment amounts, notes, and tags you add.
  • Communications: AI-generated emails, support requests, and any messages sent to us.

Automatically Collected

  • Usage: Pages visited, features used, time on platform.
  • Device: Browser, OS, IP address, approximate location.
  • Cookies: Essential only for session management and preferences (no tracking or advertising cookies).

2. How We Use Your Information

  • Service Delivery: Store and display client data, generate AI emails, run automated campaigns.
  • Improvement: Analyze aggregated, anonymous usage patterns to refine features and fix issues.
  • Communication: Transactional emails (confirmations, receipts) and optional product updates.
  • Security: Detect and prevent fraud, abuse, and security threats.

3. How We Share Your Information

We never sell your personal data or client information. We share only with essential service providers:

  • Supabase: Database hosting and authentication (your data is isolated with Row Level Security).
  • Google Gemini AI: Only the context needed to generate emails; Google does not use your data to train models.
  • Polar.sh: Payment processor; your card details go directly to Polar, not us.
  • Render: Application hosting.
  • Discord / Telegram: Only notification content you’ve configured (see sections 4–5).

4. AI & Email Integrations

Gemini AI Email Generation

We send only the client’s name, business, project, and your selected type/tone to Gemini. Google does not use your prompts to train its models. Generated emails are cached locally and never shared.

Gmail Integration

When you connect Gmail, we request permissions to send emails and read your inbox only to detect replies. Access and refresh tokens are encrypted with AES‑256 and deleted when you disconnect.

5. Discord & Telegram Notifications

Discord OAuth Bot

We store your Discord ID, username, and a private channel ID only to send notifications you’ve chosen. No message history or server data is accessed. Disconnect anytime to remove all stored identifiers.

Telegram Bot

We store your Telegram Chat ID to send direct notifications. The bot only receives the events you explicitly enable. Unlink your account and the Chat ID is permanently deleted from our servers.

6. Data Security

Encryption

AES‑256 at rest · TLS 1.3 in transit

Row Level Security

Every database query is scoped to your user ID

Daily Backups

Encrypted backups with point-in-time recovery

7. Data Retention

  • Active accounts: Data is retained as long as you use the service.
  • Deleted accounts: All personal and client data is permanently erased within 30 days.
  • Backups: Encrypted backups may persist for up to 90 days for disaster recovery, then securely purged.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal data.
  • Export your client data (available in Settings).
  • Withdraw consent for Gmail, Discord, or Telegram at any time.
  • Opt out of non‑essential communications.
  • Lodge a complaint with your local data protection authority.

To exercise these rights, contact us at closedraft@gmail.com.

9. Contact Us

If you have any questions or want to exercise your rights:

Email: closedraft@gmail.com

CloseDraft is committed to protecting your privacy and the confidentiality of your client relationships. Every feature is built with data minimization and security by design.