Privacy Policy

Version 2026-04-17 · Effective 2026-04-17

1.Our approach

We collect only what we need to provide fowndr, we use it only for the purposes described here, and we never sell your personal information. If you're a California resident, you have specific rights under the CCPA/CPRA, described in Section 8.

2.What we collect

Account info. Email address, name, and avatar (if you sign in with Google, Apple, or Microsoft — they share these with us).

Business profile. Information you enter during onboarding: business name, city, business type, and similar details you choose to provide.

Progress data. Which onboarding steps you've completed, your compliance deadlines, and timestamps.

Billing info. When you subscribe, Stripe collects and stores payment card details on their systems. We receive only a customer ID, subscription status, and non-sensitive summary info (card brand, last 4 digits, expiry).

Usage data. Basic telemetry like page views, clicks on partner links, and approximate device/browser info, for product analytics and fraud prevention.

Communications. If you email us, we keep the message and our reply.

3.How we use your info

  • Provide and operate fowndr (authenticate you, save your progress, send deadline reminders)
  • Process subscriptions and billing
  • Send transactional emails (account notices, receipts, deadline alerts)
  • With your permission, send occasional product updates (you can opt out anytime)
  • Improve the product and prevent abuse
  • Comply with legal obligations

4.Who we share with (subprocessors)

We share data only with vendors who help us run fowndr, under contracts that require them to protect your information:

  • Supabase — database and authentication (data stored in the United States)
  • Vercel — application hosting
  • Stripe — payment processing (stores your payment method)
  • Google, Apple, Microsoft — only if you choose to sign in with them (they authenticate you and share basic profile info with us)
  • Resend — email delivery for transactional and deadline-reminder emails
  • Anthropic — AI assistant queries (when you use AI features; queries are processed under Anthropic's privacy terms)

We do not sell your personal information. We do not share it with advertisers.

5.Third-party partner links

When you click a link to a partner service (e.g., Northwest Registered Agent, Mercury, Gusto), that partner's privacy policy applies to information you share with them. We may log that you clicked the link for our own analytics and to track referral activity, but we do not share your personal information with partners beyond what's required for a specific referral program (which, if applicable, will typically be limited to the fact that the referral came from fowndr).

6.Cookies and similar tech

We use essential cookies to keep you signed in and remember your session. We may use a small number of analytics cookies to measure aggregate usage. We do not use advertising or cross-site tracking cookies.

7.Data retention

We keep your account data while your account is active and for a reasonable period afterward to comply with legal obligations, enforce our Terms, and prevent fraud. You can delete your account anytime from settings; we'll delete or anonymize most personal data within 30 days, except where law requires longer retention (e.g., tax records, payment records typically retained 7 years).

8.Your rights (California residents and others)

California residents have the right to:

  • Know what personal information we collect and how it's used
  • Delete your personal information (subject to legal exceptions)
  • Correct inaccurate personal information
  • Opt out of any "sale" or "share" of personal information (we don't sell or share for cross-context advertising, so there's nothing to opt out of)
  • Non-discrimination for exercising these rights

Residents of other jurisdictions may have similar rights. To exercise any right, email privacy@fowndr.ai. We'll verify your identity and respond within 45 days.

9.Security

We use reasonable administrative, technical, and physical safeguards — encryption in transit (TLS), encryption at rest where supported by our vendors, access controls, and audit logging. No system is 100% secure. If we learn of a breach that affects your data, we'll notify you as required by law.

10.Children

fowndr is not directed at children under 18, and we don't knowingly collect personal information from them.

11.Changes to this policy

We may update this Privacy Policy. If we make material changes, we'll notify you by email and update the version above. Your continued use after the effective date constitutes acceptance.

12.Contact

Privacy questions: privacy@fowndr.ai
Draft notice: this document is a working draft. Before relying on it for production use, have a California business attorney familiar with CCPA/CPRA review it.