Privacy Policy

Last updated: June 19, 2026

1. Overview

SoliContrax("we," "us") is an AI-assisted workspace for building government-contracting pursuits, commercial proposals, and pitch decks. This Policy explains, in plain terms, what personal information we collect, why, who we share it with, and the choices you have — with particular attention to the rights of U.S. state residents. Using our website and application (the "Service") means you accept this Policy and our Terms of Service. If you do not agree, do not use the Service.

In short: we do not sell your data, we do not share it for advertising, and we do not train public AI models on your content. For a summary of your privacy choices (including California rights), see Your Privacy Choices (Section 12).

2. Who we are

Data controller: SoliContrax (Delaware, USA)

Mailing address: 3435 Ocean Park Blvd. #107 Santa Monica, CA 90405

Privacy contact: our contact form (select Privacy / Data Request (CCPA))

General inquiries: our contact form

3. Information we collect

Account and identity

  • Account data — your email, password, and profile details, handled by our authentication provider. We store a user identifier to link your activity to your account.

Content you provide

  • Uploaded documents — solicitations and knowledge-base files, plus their file names and types.
  • Text you enter — concepts, commercial briefs (buyer, problem, offer, audience, ask, traction), pitches, chat messages, client names, optional industry labels, search queries, and promo codes.
  • AI outputs — concepts, extractions, outlines, proposal sections, compliance matrices, commercial readiness reports, slide deck JSON, deck quality reports, and chat replies generated on your behalf.
  • Extracted contacts — names, titles, emails, and phone numbers parsed from solicitations when present in uploaded documents.
  • CRM records — contacts (agency points of contact, client contacts, partners, stakeholders), client organization profiles, and the notes and history you add. You control these records; they are included in your data export and account deletion. Agency points of contact captured from public solicitations are professional, public-directory information about people acting in their official capacity.
  • Pursuit-management data — pipeline stages, tasks and checklists, deadlines, financial fields (requested and actual award amounts, match notes), and activity history. We use this to run the Service for you; we do not use it for cross-customer benchmarking or marketing without separate notice.

We transmit and store the contents of a document only when you select it for upload. Documents you upload may contain personal information about other people. You are responsible for having a lawful basis to upload and process it.

Sensitive personal information

We do not ask you to provide sensitive personal information (such as Social Security numbers, government IDs, financial-account numbers, or health data). Documents you upload may incidentally contain it. We process sensitive personal information only as needed to provide the features you request (for example, parsing a solicitation) and for security and legal compliance — never to infer characteristics about you. Do not upload classified material, Controlled Unclassified Information (CUI), or other data you are not authorized to share.

Billing and usage

  • Payments — our payment processor handles credit purchases. We receive transaction metadata (amount, currency, a transaction reference), not your full card number.
  • Usage — credit balance, purchase and consumption records, and internal logs of AI usage (including token counts and estimated costs).

Technical data

  • Account identifiers, timestamps, notification records, file references, embedding vectors derived from your content, and server logs needed to run and secure the Service.
  • Extracted text and content fingerprints — the plain text we extract from a document you upload (retained so we do not re-process the same file repeatedly) and a one-way content fingerprint (a hash of the file) used to detect and skip duplicate uploads.
  • Our infrastructure providers may log IP addresses, user agents, and request metadata. We do not use this for cross-site advertising.

4. How we use information

  • Provide, maintain, and secure the Service, including sign-in, storage, and search.
  • Run AI-assisted workflows — parsing solicitations, generating concepts and drafts, chat, and retrieval over your documents.
  • Process payments, manage credits, and prevent fraud or abuse.
  • Send in-app notifications and deadline reminders.
  • Enforce our Terms, protect security, and comply with law.
  • Analyze aggregate usage and internal costs to run the business.
  • With your consent, analyze optional product-usage events (such as help tooltip and onboarding tour interactions) to improve the Service.

We do not sell your personal information, and we do not use your content to train public AI models. Content is sent to our AI providers only to deliver features you request.

Financial incentives: We may offer promotional or starter credits at our discretion. These offers are not conditioned on you providing additional categories of personal information beyond what is needed to create and use an account.

5. Artificial intelligence

The Service uses large language models and embedding models to analyze documents, generate text, score concepts, and power chat. This is automated assistance, not a substitute for your professional judgment — outputs may be inaccurate or incomplete, so review all materials before use.

When you use AI features, relevant portions of your uploads, concepts, and chat history may be sent to our AI service providers for the duration of the request. We store prompts, outputs, and embeddings as described in Section 3.

Service features: SoliContrax supports multiple engagement types including government proposals, business plans, and presentation decks (with variants such as pitch, vision, product demo, investor briefing, and government briefing). Each engagement type uses AI to assist with extraction, concept development, drafting, and quality assessment.

Automated scoring: The Service may generate advisory scores or grades (for example, on concepts you submit). These are recommendations only — they do not produce legal or similarly significant effects, and you remain responsible for all decisions and submissions.

6. Cookies

We use cookies and similar technologies (such as local storage) to operate the Service. A cookie is a small text file stored on your device. When you first visit, we show a cookie banner so you can accept all cookies, reject non-essential cookies, or allow strictly necessary cookies only.

Strictly necessary

These are required to run the Service. Without them you cannot sign in or use core features. They are always active and do not require your consent under applicable law.

  • Authentication cookies — set by our authentication provider to keep you signed in and protect your session.
  • Security and routing — tokens used to validate requests to our application and API.

Analytics (optional)

With your consent, we collect limited product-usage data to understand how help features and onboarding are used and to improve the Service. This includes events such as tooltip opens and guided-tour progress. We store this on our servers.

Optional analytics run only if you choose Accept all in the cookie banner. If you choose Reject all or Necessary only, we do not collect this optional usage data.

Campaign measurement

We use a third-party campaign measurement service to help us understand how visitors discover our Service and to measure the performance of our marketing efforts. This service may set cookies or use similar browser-based tracking technologies on your device and may transmit certain visit data (such as page views and referring information) to the service provider. The information is used solely to evaluate marketing effectiveness. See Section 7 (Service providers) and Your Privacy Choices for more detail.

Preferences

  • Cookie preference— we save your banner choice in your browser's local storage so we do not show the banner again. This is not used for advertising.

What we do not use

We do not deploy cross-site behavioral advertising cookies or share your personal information with advertising platforms for the purpose of targeting you with ads based on your browsing across unrelated sites. If we materially change our use of tracking technologies, we will update this Policy.

Your choices

  • Use the cookie banner to Accept all, Reject all (non-essential cookies only), or Necessary only.
  • — change your choice at any time.
  • Block or delete cookies in your browser — note that blocking essential cookies prevents sign-in.

7. Service providers

We share information with the following service providers that help us run the Service. Each processes data on our instructions under their agreements with us:

  • Authentication providerSign-in, session management, and account credentials.
  • Data hosting providerSecure storage of account data, uploaded files, and generated content.
  • AI service providerLarge language models and embeddings for document analysis, generation, and chat.
  • Background processing providerOrchestration of long-running document and generation workflows.
  • Payment processorPayment processing for credit purchases.
  • Application hosting providerApplication hosting and serverless execution.
  • Campaign measurement providerMarketing campaign performance and conversion measurement to help us understand how visitors find and engage with our service.

We may also disclose information when required by law, to protect rights and safety, or in connection with a merger or sale of assets (with notice where appropriate).

Sharing at your direction. If you enable the calendar feed, we make a read-only iCalendar (.ics) feed of your pursuit deadlines and dated tasks available at a private URL that contains a secret token. Anyone with that URL can view the feed, so treat it like a password. Enabling the feed is optional; you can rotate the token at any time to revoke every previously shared URL. We do not email, transmit, or otherwise disclose your pursuit data to any third party except the service providers listed above.

8. Data location

We are based in and operate the Service from the United States. Your information is processed and stored in the U.S. by us and our service providers. We do not target the Service to individuals in the EEA, UK, or Switzerland and do not rely on EU transfer mechanisms.

9. Security and retention

We protect your information with measures including encryption in transit, logical separation of customer data, and access controls on production systems. No method of transmission or storage is completely secure.

We retain information according to the following schedule (or as required by law):

Data typeRetention
Account recordsWhile your account is active, plus up to 3 years after closure for legal and audit purposes
Uploaded documents, embeddings, chat, and AI outputsUntil you delete the content or close your account; backups may persist up to 30 days
Uploaded files never attached to a client or pursuitAutomatically deleted about 7 days after upload if never assigned to a client or opportunity
Billing and credit recordsUp to 7 years for tax, accounting, and fraud-prevention obligations
Server and security logsTypically 30–90 days, unless needed for an active investigation
Background job and event logsGenerally 30–90 days, unless needed for operations or security

You can delete certain content in the application. For account deletion or broader erasure, see Section 10. Backups and logs may persist for a limited period after deletion.

10. Your privacy rights

Depending on where you live, you may have the right to:

  • Know, access, correct, delete, and obtain a portable copy of your personal information.
  • Opt out of any "sale" or "sharing" of personal information (we do neither — see Section 12).
  • Limit the use and disclosure of sensitive personal information.
  • Appeal a denied request and not be discriminated against for exercising these rights.

These rights are available to residents of California (CCPA/CPRA) and, to the extent applicable, other U.S. states with comprehensive privacy laws (e.g., Virginia, Colorado, Connecticut, Utah).

How to submit a request

Submit a request through our contact form and select the Privacy / Data Request (CCPA) category, then tell us what you are asking for (access, deletion, correction, or portability). We will verify your identity using information associated with your account before fulfilling the request.

  • Response time: We aim to respond within 45 days. If we need more time, we will notify you (up to an additional 45 days where permitted).
  • Authorized agents: California residents may use an authorized agent. The agent must provide proof of authorization and we may verify your identity directly.
  • Appeals: If we deny your request, you may reply to our response to appeal. We will explain our decision in writing.
  • Non-discrimination: We will not discriminate against you for exercising your privacy rights.

California residents: see also Section 11 and Your Privacy Choices (Section 12).

11. California residents (CCPA/CPRA)

This section supplements the Policy above for California residents. In the preceding 12 months, we have collected the categories of personal information below. We do not sell personal information or share it for cross-context behavioral advertising.

Categories collected

CategoryExamples in SoliContraxSourceBusiness purposeDisclosed to
IdentifiersAccount ID, email, client namesYou; authentication and payment providersAccount, billing, supportAuthentication, payment, data hosting, and application hosting providers
Customer recordsPayment metadata, credit balance and usage, promo redemptionsYou; payment processorBilling, fraud preventionPayment processor, data hosting provider
Commercial informationCredit purchases and usage historyYou; payment processorProvide paid featuresPayment processor, data hosting provider
Internet / network activityIP address, user agent (infrastructure logs)Your device; hosting providersSecurity, operationsApplication hosting and authentication providers
Professional / business informationSolicitations, proposals, extracted agency contacts, chat contentYou; AI extractionCore Service deliveryData hosting, AI, background processing, and application hosting providers
InferencesConcept grades, bid/no-bid signals, generated summariesAI processing of your contentAdvisory features you requestAI and data hosting providers
Sensitive personal informationMay appear incidentally in uploads (e.g., IDs in solicitations)Your uploadsProvide parsing and drafting features you requestData hosting, AI, and background processing providers

Sensitive personal information — limit use

We use sensitive personal information only to provide the Service you request and for security and legal compliance. We do not use it to infer characteristics about you for unrelated purposes. California residents may request that we limit use of sensitive personal information through our contact form (select Privacy / Data Request (CCPA)).

Sale and sharing

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. See Your Privacy Choices (Section 12) for more detail.

12. Your Privacy Choices

SoliContrax respects your privacy. This section summarizes key choices available to you, especially if you are a California resident under the CCPA/CPRA. Sections 10 and 11 above provide additional legal detail.

We do not sell or share for advertising

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. There is no need to opt out of sale or sharing for advertising purposes because we do not engage in those activities.

If our practices change, we will update this Policy and provide any opt-out mechanism required by law.

Global Privacy Control (GPC)

If your browser sends a Global Privacy Control signal, we treat it as a request to opt out of the sale or sharing of personal information. Because we do not sell or share for cross-context behavioral advertising, your experience with SoliContrax will not change, but we honor GPC where applicable.

Limit use of sensitive personal information

California residents may ask us to limit use of sensitive personal information to what is necessary to provide the Service. We already use sensitive personal information only to deliver features you request and for security and legal compliance. To submit a limit request, use our contact form (select Privacy / Data Request (CCPA)).

Access, delete, and correct your data

You can:

  • Delete individual documents, clients, opportunities, and proposals in the application.
  • Clear concept chat history from within a concept session.
  • Request account deletion or a copy of your data by emailing us (see below).

We will verify your identity before fulfilling requests and respond within 45 days (or notify you if we need additional time). We will not discriminate against you for exercising these rights. For formal requests, see Section 10.

How to contact us

Submit a request through our contact form and select the Privacy / Data Request (CCPA) category, then describe what you need. Authorized agents may submit requests on your behalf with proof of authorization.

California-specific disclosures and category tables: Section 11 — California residents.

Cookies

We use strictly necessary cookies for sign-in and security. Optional analytics cookies and similar technologies run only with your consent. See the Cookies section (Section 6) for details, or use to update your choice.

13. Children

The Service is for business users and is not directed to children under 16 (or the age required in your jurisdiction). We do not knowingly collect personal information from children.

14. Changes

We may update this Policy from time to time. We will post the revised version here and update the "Last updated" date. Material changes may be communicated by email or in-app notice where appropriate.

15. Contact

Privacy questions and requests: our contact form (select Privacy / Data Request (CCPA)).

See also our Terms of Service and Your Privacy Choices (Section 12).

← Back to home