Back to appPravado

Privacy Policy

Last updated: March 15, 2026

Saipien Labs LLC ("Pravado", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Pravado platform at app.pravado.io and all associated services (the "Service").

By using the Service, you consent to the data practices described in this Privacy Policy. If you do not agree with this policy, please do not use the Service.

1. Introduction

Pravado is an AI-native Visibility Operating System designed for businesses and marketing professionals. This policy applies to all users of the Service, including account holders, team members, and anyone who interacts with our platform. We process data as a controller for account and usage data, and as a processor for content you create and manage through the Service.

2. Information We Collect

2.1 Account Information

When you register for an account, we collect your name, email address, organization name, job title, and password. If you sign up through a third-party authentication provider, we receive the information you authorize that provider to share.

2.2 Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, actions taken, timestamps, session duration, click patterns, and navigation paths. This data helps us understand how the Service is used and how to improve it.

2.3 Content Data

We store and process content you create, upload, or manage through the Service, including articles, press releases, pitch drafts, SEO analyses, keyword research, journalist contact information, and any other materials you input into the platform.

2.4 Integration Data

If you connect third-party services (such as Google Search Console, email providers, or CRM systems), we collect data from those integrations as authorized by you. This may include website analytics, search performance data, email engagement metrics, and contact information.

2.5 Device and Technical Data

We collect information about the device and browser you use to access the Service, including IP address, browser type and version, operating system, screen resolution, language preferences, and referring URLs.

2.6 Communications

We retain records of communications between you and our support team, including emails, chat messages, and any feedback or survey responses you provide.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery -- To provide, operate, maintain, and improve the Service, including AI features such as SAGE recommendations, CiteMind analysis, and content generation.
  • AI Features -- To power AI-driven analysis, recommendations, and content generation within the Service. Your content is processed in real time by AI models to deliver personalized insights and suggestions.
  • Payments -- To process subscription payments, manage billing, and prevent fraud through our payment processor, Stripe.
  • Product Communications -- To send you transactional emails (account confirmations, billing receipts, security alerts), product updates, and, with your consent, marketing communications.
  • Fraud Detection and Security -- To detect, prevent, and respond to fraud, unauthorized access, and other security threats.
  • Legal Compliance -- To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
  • Analytics and Improvement -- To analyze usage patterns, conduct research, and improve the Service's features, performance, and user experience.

4. How We Share Your Information

We do not sell your personal information. We share data only in the following limited circumstances:

4.1 AI Service Providers

We use third-party AI providers to power certain features of the Service. Content you submit may be processed by:

  • OpenAI -- For content generation, analysis, and natural language processing.
  • Anthropic -- For AI reasoning, strategy recommendations, and content analysis.
  • Perplexity -- For citation tracking and AI search intelligence.

These providers process data per our instructions and are contractually prohibited from using your data for their own model training purposes.

4.2 Infrastructure Providers

  • Supabase -- Database hosting and authentication.
  • Render -- API hosting and compute.
  • Vercel -- Frontend hosting and edge network.

4.3 Analytics Providers

  • PostHog -- Product analytics and feature usage tracking.
  • Sentry -- Error monitoring and performance tracking.

4.4 Billing

Stripe processes all payment transactions. We do not store your full credit card number on our servers. Stripe's privacy policy governs its handling of your payment information.

4.5 Legal Requirements

We may disclose your information if required to do so by law, or if we believe in good faith that such action is necessary to: (a) comply with a legal obligation; (b) protect and defend our rights or property; (c) prevent fraud; (d) act in urgent circumstances to protect the personal safety of users or the public.

4.6 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on the Service before your information is transferred and becomes subject to a different privacy policy.

5. Data Retention

We retain your personal information and content data for as long as your account is active and as needed to provide the Service. Upon account termination or deletion, we retain your data for a period of 90 days to allow you to request data export. After the 90-day retention period, your data is permanently deleted from our systems.

We may retain certain information beyond the 90-day period where required by law, for legitimate business purposes (such as fraud prevention), or to resolve disputes. Aggregate, anonymized data that does not identify you may be retained indefinitely.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access -- Request a copy of the personal information we hold about you.
  • Correction -- Request correction of inaccurate or incomplete personal information.
  • Deletion -- Request deletion of your personal information, subject to certain exceptions.
  • Data Export -- Request a portable copy of your data in a commonly used, machine-readable format.
  • Objection -- Object to the processing of your personal information for certain purposes.
  • Restriction -- Request that we restrict the processing of your personal information under certain circumstances.
  • Withdrawal of Consent -- Where processing is based on your consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at legal@pravado.io. We will respond within 30 days (or as required by applicable law).

7. Cookies and Tracking Technologies

7.1 Strictly Necessary Cookies

We use essential cookies required for the Service to function, including authentication session cookies managed by Supabase (prefixed sb-*). These cannot be disabled without breaking the Service.

7.2 Analytics Cookies

We use PostHog for product analytics, which sets cookies prefixed ph_*. These cookies help us understand how users interact with the Service and identify areas for improvement.

7.3 No Advertising Cookies

We do not use advertising or third-party tracking cookies. We do not participate in ad networks or sell data to advertisers.

7.4 Managing Cookies

You can manage cookies through your browser settings. Note that disabling strictly necessary cookies may prevent you from using the Service. For more details, see our Cookie Policy.

8. Security

We implement industry-standard security measures to protect your information, including:

  • Encryption in transit -- All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security).
  • Encryption at rest -- Stored data is encrypted using AES-256 encryption.
  • Row-Level Security (RLS) -- Database access is governed by row-level security policies ensuring that users can only access their own organization's data.

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

Pravado is operated from the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Service, you consent to the transfer of your information to the United States.

10. California Privacy Rights (CCPA)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know -- You may request that we disclose the categories and specific pieces of personal information we have collected about you.
  • Right to Delete -- You may request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out -- We do not sell personal information. If this changes, we will provide a "Do Not Sell My Personal Information" option.
  • Non-Discrimination -- We will not discriminate against you for exercising your CCPA rights.

To exercise your CCPA rights, contact us at legal@pravado.io.

11. Children's Privacy

The Service is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to promptly delete that information. If you believe a child under 16 has provided us with personal information, please contact us at legal@pravado.io.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will provide at least 30 days' notice of material changes via email or in-product notification. The "Last updated" date at the top of this policy indicates when it was last revised. Your continued use of the Service after the effective date of any changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Saipien Labs LLC
Email: legal@pravado.io
Product: app.pravado.io