Dealwright
BlogLog inGet Started

Legal

Privacy Policy

Last updated: April 2, 2026

What We Collect

We collect the following information when you use Dealwright:

  • Account data — your email address and a hashed password, managed by Supabase Auth.
  • Deal data — financial details, PDFs, listing URLs, notes, and attachments you upload while evaluating deals.
  • Billing information — subscription status and payment records processed by Stripe. We never store card numbers.
  • Usage data — IP address, browser type, and pages visited, collected by our hosting provider (Vercel).
  • Performance metrics — anonymous page load performance data (Core Web Vitals) collected by Vercel Speed Insights. No cookies or personal identifiers are used.

How We Use It

  • To operate and deliver the Dealwright service.
  • To process AI deal extraction — uploaded deal content (PDFs, URLs, text) is sent to Anthropic's API for analysis.
  • To scrape listing URLs you submit, using the Firecrawl service.
  • To generate PDF deal reports from your deal data.
  • To send transactional emails (email confirmation, password reset) via Supabase.
  • To process subscription payments and manage billing via Stripe.

Third-Party Services

Dealwright shares data with the following third-party services to operate:

  • Supabase — authentication and database (hosted in the United States).
  • Anthropic— AI processing. Deal content you upload is sent to Anthropic's API for extraction and analysis.
  • Firecrawl — web scraping of listing URLs you submit.
  • Stripe — payment processing and subscription management.
  • Vercel — application hosting, CDN, and anonymous performance monitoring (Speed Insights).

Each provider has its own privacy policy governing its use of your data.

Data Retention

Your account data and deal data are retained for as long as your account is active. If you request account deletion, we will remove your data from our systems. Stripe retains billing records in accordance with their own data retention policies and applicable financial regulations.

Your Rights

You have the right to access, correct, or delete your personal data at any time. To exercise these rights, contact us at hello@dealwrightapp.com.

Cookies

Dealwright uses session cookies for authentication only. We do not use advertising or tracking cookies.

Security

All data is encrypted in transit over HTTPS. Data stored in Supabase is protected by row-level security policies, ensuring each user can only access their own data.

Children

Dealwright is not directed at anyone under the age of 18. We do not knowingly collect personal information from minors.

Changes to This Policy

If we make material changes to this Privacy Policy, we will notify you by email. Continued use of the service after notification constitutes acceptance of the updated policy.

Contact

Questions about this Privacy Policy? Email us at hello@dealwrightapp.com.