Privacy & data

This page is a product stub for engineering and early pilots. Replace with counsel-reviewed text before public launch and align with your registered legal entity and hosting region.

What we process

Account details (e.g. name, email), organization metadata, checklist answers, consultant feedback, discussion messages, audit events, and billing identifiers when Stripe is enabled. Uploaded files are not yet implemented; when they are, they should live in object storage with access controlled by the same RBAC as the app.

Subprocessors (typical)

Hosting / database (e.g. Railway, PostgreSQL)
Error monitoring when configured (e.g. Sentry)
Email delivery when configured (e.g. Resend)
Payments when configured (Stripe)

Your rights

Product direction includes export and deletion paths for organizations; operational details should be spelled out here and in your DPA stack as you sell into regulated contexts.

Questions: support@preflight.ca · Contact