Privacy Policy
Last updated: April 5, 2026
1. Information We Collect
Account information: When you create an account, we collect your email address, company name, UEI (if provided), certifications, and NAICS codes. This information is used to personalize your experience and generate relevant alerts.
Usage data: We collect information about how you interact with the Service, including pages viewed, alerts opened, search queries, and feature usage. This data is used to improve alert quality and the overall product.
Payment information: Payment processing is handled entirely by Stripe. We do not store credit card numbers, bank account details, or other financial credentials on our servers. We receive only a Stripe customer ID and subscription status.
2. How We Use Your Information
We use your information to:
Provide and operate the Service, including generating personalized alerts and recommendations. Process your subscription and billing. Communicate with you about your account, including transactional emails (alert digests, billing receipts, security notifications). Improve the Service based on usage patterns and feedback. Comply with legal obligations.
3. Data Sources
Prevara aggregates publicly available data from government sources including SAM.gov, USAspending.gov, state procurement portals (CaleProcure, Virginia eVA, and others), and the SBA certification database. This data is public domain and freely accessible. Our proprietary value is in the analysis, scoring, matching, and presentation of this data — not the data itself.
4. Information Sharing
We do not sell your personal information. We share information only in these cases:
Service providers: Stripe (billing), Supabase (database and authentication), Vercel (hosting), and Resend (transactional email). These providers process data only as necessary to provide their services.
Aggregated data: We may share anonymized, aggregated statistics (e.g., industry-level subcontracting rates) that cannot identify individual subscribers.
Legal requirements: We may disclose information if required by law, subpoena, or government request.
Prime feedback: If you submit feedback about a prime contractor, it is anonymized and only surfaced in aggregate when a minimum threshold of responses is reached. Individual feedback is never attributed to a specific subscriber.
5. Data Security
We implement industry-standard security measures including: encryption in transit (TLS) and at rest, row-level security policies ensuring subscribers can only access their own data, multi-factor authentication, single concurrent session enforcement, rate limiting on all API endpoints, and regular security audits. No system is 100% secure, and we cannot guarantee absolute security of your data.
6. Data Retention
We retain your account information for as long as your account is active. If you delete your account, we remove your personal information within 30 days. Anonymized usage data and aggregated analytics may be retained indefinitely. Billing records are retained as required by tax and financial regulations.
7. Your Rights
You may access, update, or delete your account information at any time through the Settings page. You may request a copy of your data by contacting us. You may opt out of non-essential communications. California residents have additional rights under the CCPA, including the right to know what personal information we collect and the right to request deletion.
8. Cookies and Tracking
We use essential cookies for authentication and session management. We use analytics tools to understand usage patterns. We do not use third-party advertising cookies. We do not sell data to advertisers or ad networks.
9. Children
The Service is designed for business use and is not directed at individuals under 18. We do not knowingly collect information from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify subscribers of material changes via email. Continued use of the Service after changes constitutes acceptance of the revised policy.
11. Contact
Questions about this Privacy Policy? Contact us at legal@prevara.io or through the contact form at prevara.io/contact.