Welcome to Pactify ("we," "our," or "us"). We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI knowledge management service available at https://pactify.io and our browser extension (collectively, the "Service").
This policy complies with the General Data Protection Regulation ("GDPR") for users in the European Economic Area, the California Consumer Privacy Act ("CCPA") for California residents, and other applicable privacy laws.
2. Information We Collect
2.1 Information You Provide
Content Data: AI conversation content synced, distilled, or processed through our service
Account Information: Email address when you create an account
Payment Information: Billing details processed securely through Stripe
Communication Data: Messages you send us for support
2.2 Information Automatically Collected
Usage Analytics: Service usage patterns, conversion statistics
Technical Data: IP address, browser type, device information
Cookies: Essential, functional, and analytics cookies (see Cookie Policy)
Error Logs: Technical error information for service improvement
2.3 Anonymous Authentication
We use Anonymous Authentication to track usage limits. This creates a temporary, anonymous identifier that does not contain personal information.
3. How We Use Your Information
Legal Bases for Processing (GDPR)
Contract Performance: Providing AI conversation sync, knowledge distillation, and content generation services
Legitimate Interest: Service improvement, security, analytics
Sync AI conversations, distill knowledge, generate content, and deliver processed results
Manage usage limits and billing for premium features
Provide customer support and respond to inquiries
Monitor and improve service performance and security
Detect and prevent fraud, abuse, or technical issues
Comply with legal requirements and enforce our terms
4. Data Storage and Retention
4.1 Storage Locations
Your data is stored using Google Cloud Platform, with servers primarily located in the United States. We implement appropriate safeguards for international data transfers.
4.2 Retention Periods
Conversation Content: Synced to your connected workspace (Notion) and retained on Pactify servers to power Distill, Generate, and Context features for everyday access
Knowledge Base (Context): Distilled knowledge and generated content stored until you delete them or your account is closed
Exported Files: 24 hours (free users), 168 hours/7 days (premium users) for legacy document exports
Usage Analytics: 25 months for statistical analysis
Account Data: Until account deletion or 3 years of inactivity
Payment Records: 7 years for legal and tax compliance
5. Data Sharing and Disclosure
5.1 Service Providers
We share data with trusted third-party providers:
Google: Hosting, authentication, analytics
Notion: Primary data storage and workspace integration — conversations are synced to and retrieved from your Notion workspace
Stripe: Payment processing (PCI DSS compliant)
5.2 Legal Requirements
We may disclose information when required by law, court order, or to protect our rights, users' safety, or investigate fraud.
5.3 Business Transfers
In case of merger, acquisition, or sale, your data may be transferred to the new entity under the same privacy protections.
6. Your Privacy Rights
6.1 GDPR Rights (EU Residents)
Access: Request copies of your personal data
Rectification: Correct inaccurate personal data
Erasure: Request deletion of your personal data
Portability: Receive your data in a structured format
Restriction: Limit how we process your data
Objection: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent for consent-based processing
6.2 CCPA Rights (California Residents)
Know: Know what personal information we collect and how it's used
Delete: Request deletion of personal information
Opt-Out: Opt-out of the sale of personal information (we don't sell data)
Non-Discrimination: Equal service regardless of privacy choices
Essential Cookies: Required for service functionality
Functional Cookies: Remember your preferences and settings
Analytics Cookies: Help us understand service usage
7.2 Cookie Management
You can manage cookie preferences through our Cookie Settings or your browser settings. Note that disabling essential cookies may affect service functionality.
8. Data Security
We implement industry-standard security measures:
Encryption: Data encrypted in transit (TLS) and at rest
Access Controls: Role-based access to personal data
Monitoring: Continuous security monitoring and incident response
Regular Audits: Security assessments and vulnerability testing
Data Minimization: Collect only necessary information
9. International Data Transfers
For users outside the United States, your data may be transferred to and processed in the US. We ensure adequate protection through:
Google Cloud Platform's security certifications and compliance programs
Standard Contractual Clauses (SCCs) with service providers
Adherence to data protection frameworks like Privacy Shield successor arrangements
10. Children's Privacy
Our service is not intended for children under 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically. We will notify you of material changes via email or prominent notice on our service. Your continued use after changes constitutes acceptance of the updated policy.