pmdoxBack

Last updated: June 2026

Privacy Policy

Notice: This is placeholder copy provided for convenience. It is not legal advice. Have a qualified lawyer in your jurisdiction review and adapt this text before relying on it.

1. Who we are

pmdox ("we", "us") operates the pmdox service. Contact: hello@pmdox.com.

2. Data we collect

  • Account data: name, email, password hash, role, optional organisation and industry.
  • Project content: projects, documents, RAID items, stakeholders, budgets, prompts, and chat messages you submit.
  • Support data: messages you send via the help form.
  • Technical data: IP address (for rate limiting and abuse prevention), basic device/browser info, error reports.

3. How we use it

  • To provide and improve the Service (legitimate interest / contract).
  • To authenticate you and secure your account (contract).
  • To send transactional emails such as verification and billing receipts (contract).
  • To respond to support requests (legitimate interest).
  • To comply with legal obligations (legal obligation).

We do not sell your personal data. We do not use your project content to train AI models.

4. Sub-processors

Your data is processed by the following service providers:

  • Lovable Cloud (Supabase) — database, authentication, file storage. Data hosted in the EU.
  • Lovable AI Gateway — routing of prompts to AI model providers including Google (Gemini) and OpenAI (GPT). Prompts and project content needed to generate a document are transmitted to the selected provider for inference.
  • Email delivery — transactional email sending.

5. Retention

Account and project data is retained while your account is active. Deleting your account from Settings → Danger Zone permanently removes projects, documents, and AI memory within 30 days. Backups are purged within 90 days. Billing records may be retained as required by tax law.

6. Your rights (GDPR / UK GDPR / CCPA)

  • Access, correct, or delete your data.
  • Export your data in a portable format.
  • Object to or restrict certain processing.
  • Lodge a complaint with your local data-protection authority.

Most rights can be exercised in-app. For others, email hello@pmdox.com.

7. International transfers

Some sub-processors are located outside the EEA/UK. We rely on Standard Contractual Clauses (SCCs) and equivalent safeguards for these transfers.

8. Security

We protect data with row-level security in our database, encrypted transport (TLS), encrypted storage at rest, and least-privilege access for staff. No system is perfectly secure; report suspected issues to hello@pmdox.com.

9. Children

The Service is not directed to children under 16.

10. Changes

Material changes will be notified by email or in-app at least 14 days in advance.

TermsPrivacyCookiesAI Disclosure