Privacy Policy · v1
What we collect, who sees it, how long we keep it.
Plain-English privacy commitments for everyone who uses Verdict. Pair this with the Data Processing Addendum (procurement-grade detail) and the Terms of Service. Questions go to lishaorui82@gmail.com.
Last updated 2026-05-11. Applies to all use of the Verdict web app at verdict-eric.vercel.app and related domains.
Who we are
Verdict is an AI investment-memo generation product. Verdict is pre-incorporation as of the date of this policy and intends to incorporate in Pennsylvania. Until incorporation completes, the contracting party is the founder operating the service from Pennsylvania; on incorporation, the Pennsylvania entity will succeed to all rights and obligations under this policy. When this page says “we,” “us,” or “Verdict,” it means whichever of these is the current contracting party. When this page says “you,” it means the human using a Verdict account.
For privacy questions, GDPR / CCPA rights requests, or anything else in this document, contact lishaorui82@gmail.com.
What we collect
We collect three categories of data: data you give us, data the product generates as a byproduct of you using it, and data we get from third-party services you opt into.
Data you give us directly.
- Account info. Email address (via Clerk sign-up or OAuth), display name, role (VC or founder), and user type during onboarding.
- Fund or fundraise profile. Thesis, stage focus, sector focus, check-size range, geographic focus, dealbreakers, and portfolio companies (VC users). For founder users: company name, stage, sector, and fundraise context.
- Uploaded content. Pitch decks (PDF / PPTX / DOCX), business plans, supplementary context you type into the upload form, and optional financial models (XLSX) when you opt to include them.
- Generated memos and edits. The memos Verdict produces, any corrections you submit via “Teach Verdict,” and any notes you append.
- Support correspondence. When you email us, we keep the thread so we can respond and find context later.
Data we generate while you use Verdict.
- Usage telemetry. PostHog autocapture of pageviews, button clicks, feature usage, and session metadata (browser, OS, screen size, approximate location from IP). PostHog respects the Do Not Track header; if your browser sends DNT, we don’t capture autocapture events.
- Chain telemetry. Per-call cost, latency, token counts, and structural coverage metrics for every memo generation. Used for cost monitoring and product quality.
- Error and performance data. Sentry captures unhandled exceptions and performance traces. Stack traces may include sanitized request metadata; we configure Sentry to scrub authentication tokens and user-uploaded content.
- Server logs. Vercel retains timestamped request logs (URL, status, latency, IP) per its defaults. These are short-lived and used for debugging.
Data from opt-in integrations.
- Founder LinkedIn lookup (opt-in, public sources only). When you opt in to founder enrichment, Verdict’s research step issues public web searches for the founder’s name and surfaces any publicly indexed LinkedIn information that already appears in those search results. We do not scrape LinkedIn directly and we do not send founder data to a dedicated LinkedIn data vendor. You can skip this on a per-deck basis.
- Google Calendar and Gmail (post-OAuth verification). If you connect Google after the OAuth verification clears, we read calendar events and Gmail thread metadata to power pre-meeting prep emails and engagement reminders. See section 09 for the full Google Limited Use disclosure.
- Stripe billing. Stripe stores your tokenized payment method, billing address, and transaction history. We store only your Stripe customer ID and subscription tier; we never see or store raw card numbers.
How we use it
To run the product. Your uploads and profile feed the analyst chain that produces your memo. Your memos render in the report viewer. Your fund profile calibrates future memos.
To bill you. Email + Stripe customer ID tie your account to your subscription. Stripe handles the payment flow itself.
To improve the product. Aggregated usage analytics (PostHog) and chain telemetry tell us which features are used, where memos fail, and where performance lags. This work uses anonymized or aggregated views, not your specific content.
To keep the product running. Sentry error reports and Vercel logs are used to debug production incidents.
To talk to you. Transactional emails (welcome, billing receipts, memo-ready notifications, security alerts) go out via Resend. Product update emails go to users who haven’t opted out; you can opt out from the footer of any non-transactional email.
What we don’t use your data for. We do not sell your data. We do not rent your data. We do not train AI models on your decks, fund profile, memos, or feedback. The no-training commitment is documented in detail in the DPA.
Sub-processors who see your data
Verdict runs on a small set of infrastructure providers. Your data transits each in the course of normal product operation. We pick vendors with their own published privacy commitments and link to each.
- Clerk. Authentication and session management. Stores your email and OAuth tokens. Clerk privacy.
- Supabase. Postgres database and Storage buckets for your decks, memos, and profile data. Encryption at rest (AES-256) and in transit (TLS 1.3). Hosted on AWS us-east-1. Supabase security.
- Stripe. Payment processing and subscription management. Receives card details directly via Stripe Checkout; Verdict never stores raw card data. Stripe privacy.
- Anthropic (Claude API). The analyst chain calls Claude models (Sonnet 4.6 and Haiku 4.5). Anthropic’s commercial API terms prohibit training on customer data. Decks and chain prompts transit Anthropic for processing and are not retained beyond the call. Anthropic terms.
- Voyage AI. Embeddings for the memory layer that calibrates future memos to your past corrections. Receives only the structured corrections you submit, not raw deck content. Voyage privacy.
- CloudConvert. Converts PPTX and DOCX uploads to PDF before Verdict reads them. Files are transferred to CloudConvert, processed, and deleted on their side per their retention policy. CloudConvert privacy.
- Resend. Transactional email delivery. Receives your email address and the message body of emails Verdict sends. Resend privacy.
- PostHog. Product analytics. Captures pageviews and feature usage subject to Do Not Track. PostHog privacy.
- Sentry. Error monitoring. Receives sanitized stack traces and request metadata when something breaks. Sentry privacy.
- Vercel. Web hosting and serverless functions. Standard request logs retained per Vercel defaults. Vercel privacy.
- Google (planned, post-OAuth verification). Calendar and Gmail integrations, opt-in per user. Subject to the Google Limited Use commitments in section 09. Google privacy.
We do not share your data with any other third parties. Verdict will not sell, lease, license, or otherwise transfer your personal data outside the sub-processor list above. When we add or remove a sub-processor, we’ll update this page and (for existing customers) email at least 30 days before the change takes effect.
Retention
Decks. 90 days by default. 24 hours if you flag the upload as “Sensitive” on the upload form. Both windows are enforced by a daily cron job (04:00 UTC). The DPA documents the mechanics in detail.
Memos and chain telemetry. 90 days from creation, then auto-purged with the related deck row.
Memo feedback (“Teach Verdict” corrections). Retained scoped to your account so future memos calibrate to your past corrections. Hard cap of 7 years or until you delete your account, whichever comes first. Foreign-key link to the original deck is severed at the 90-day deck purge, so feedback is decoupled from any specific upload after that point.
Account data (email, profile, settings). Retained until you delete your account.
Billing records. Stripe retains transaction history per its own retention schedule and applicable tax / accounting law. Verdict retains the Stripe customer ID and subscription state for the same period your account is active.
Backups. Supabase database backups are retained for 30 days. Deletion requests propagate to backups on a best-effort basis; a deleted record will be fully gone within 30 days of the deletion.
Your rights
Wherever you live, you have these baseline rights over the data Verdict holds about you. To exercise any of them, email lishaorui82@gmail.com from the address on your Verdict account. We’ll respond within 30 days (45 days for CCPA / CPRA requests).
- Access. Request a copy of the data we hold about you.
- Deletion. Request that we delete your account and content. The deletion path is also available programmatically at /api/account/delete.
- Portability. Export memos as PDF directly from the report viewer. We’ll provide a structured export of your account data on request.
- Correction. Edit your fund profile, display name, and settings directly in the product, or email us to correct anything else.
- Opt out of analytics. PostHog respects the Do Not Track header; enable DNT in your browser and we won’t capture autocapture events.
- Opt out of non-transactional email. Use the unsubscribe link in any product update email. Transactional emails (billing, security, memo-ready notifications) remain on as long as your account is active.
GDPR (EU / EEA / UK residents). Our legal bases for processing are: (a) performance of the contract for everything required to deliver the service, (b) consent for opt-in integrations like the founder LinkedIn lookup and Google, (c) legitimate interests for product analytics and security monitoring, balanced against your privacy rights, and (d) legal obligation where applicable. You have the additional rights to restrict processing, to object to processing based on legitimate interests, to withdraw consent at any time, and to lodge a complaint with your supervisory authority.
CCPA / CPRA (California residents). You have the right to know what categories of personal information we collect, the right to delete personal information, the right to correct inaccurate information, the right to opt out of any “sale” or “sharing” of personal information (we don’t sell or share for cross-context behavioral advertising), and the right to non-discrimination for exercising any of the above.
International data transfers
Verdict infrastructure runs primarily in the United States (Vercel and Supabase in AWS us-east-1). If you use the product from outside the US, your data will be transferred to and processed in the US.
For EU / EEA / UK data subjects, transfers rely on the Standard Contractual Clauses (SCCs) included in our sub-processor agreements. We’ll provide the relevant transfer documentation on request for procurement teams that need it (email lishaorui82@gmail.com).
Security
Encryption. All deck files are encrypted at rest (AES-256) in Supabase Storage. All API traffic is TLS 1.3. Stripe handles card data via tokenization; raw card numbers never touch our infrastructure.
Isolation. Decks and memos are scoped to the uploading account. Supabase row-level security enforces that scoping at the database layer.
Public sharing. Memos are private by default. Public sharing is opt-in per memo via a Share button that generates a public-share URL you can revoke at any time. Until you generate a share URL, no public read path exists.
Incident response. If we discover a security incident affecting your data, we’ll email the address on your account within 72 hours of discovery with: what happened, what data was potentially exposed, what we’re doing about it, and (if anything) what we recommend you do.
Full security posture (including what we don’t have yet, like SOC 2) lives in the DPA.
Google user data (Limited Use)
Verdict’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
What we access. If you connect Google to your Verdict account, with your consent, we may access:
- Google Calendar events. Read-only access to calendar events on the calendars you choose to share. We use this to power pre-meeting prep emails (a memo-context summary delivered before a calendar event with a founder) and to detect engagement signals for portfolio reminders.
- Gmail thread metadata. Read-only access to message metadata (sender, recipient, subject, timestamps) on threads you choose to share. We use this to detect engagement signals (founder responsiveness, last-touch timestamps) and to surface relationship context in memos.
What we will never do with Google user data.
- No ads. We do not use Google user data to serve, target, or measure advertising of any kind.
- No model training. We do not use Google user data to train, fine-tune, or improve any generalized AI / ML model. (This is in addition to our broader no-training commitment in the DPA.)
- No selling or sharing. We do not sell, rent, or share Google user data with third parties for any purpose other than operating the user-facing features above.
- No human reading. Our team does not read your Google data. Limited exceptions: with your explicit consent while debugging a specific support ticket, to comply with applicable law, or to investigate security abuse. Any such access is logged.
Scopes. Verdict requests the minimum Google OAuth scopes needed to deliver the feature you opted into. Scope grants are surfaced to you on the Google consent screen before any access is granted.
Revoking access. You can revoke Verdict’s Google access at any time from either: (a) your Google Account security settings at myaccount.google.com/permissions, or (b) the integrations panel in Verdict at /settings/integrations. Revocation takes effect immediately. Any cached Google data Verdict has stored is purged within 30 days of revocation.
Storage of Google data. Cached calendar event metadata and Gmail thread metadata are stored in Supabase under the same encryption and isolation rules as the rest of your account. Retention follows the general 90-day window in section 05; revoking Google access purges the cached data sooner.
Note on rollout. The Google integration is gated on Google OAuth verification. Until that verification completes, the connector is unavailable to general users. This policy describes the state once the integration ships.
Children
Verdict is for adults. We do not knowingly collect personal information from anyone under 18. If you believe a child has signed up, email lishaorui82@gmail.com and we’ll close the account and delete the data.
Cookies and similar technologies
Verdict uses a small number of cookies and similar storage technologies:
- Session cookies (Clerk). Strictly necessary to keep you signed in.
- Stripe Checkout cookies. Set during checkout to support fraud detection on Stripe’s side.
- PostHog analytics cookies. Track feature usage for product improvement. Suppressed when your browser sends Do Not Track.
We do not use third-party advertising cookies. We do not participate in cross-context behavioral advertising.
Changes to this policy
We’ll update this page as the product evolves. For material changes (new sub-processor, new data category, new data use, changes to retention) we’ll email registered users at least 30 days before the change takes effect and bump the Last updated date and version in the footer. Continued use after the effective date counts as acceptance of the updated policy.
Contact
For privacy questions, rights requests, or a lawyered version of this policy: