Privacy Policy

Last updated: 1st July, 2025

At ContractBox, your privacy is our priority. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website, applications, and integrations (e.g., Zapier, Make, API access).By using ContractBox, you agree to the terms outlined here. If you do not agree, please refrain from using the platform.

1. Information We Collect

We collect the following categories of information:

a. Account Information

  • Name, email address, organization name
  • Authentication credentials (OAuth via Google or email/password)

b. Contract & Metadata

  • Uploaded documents (PDFs, DOCX, etc.)
  • Extracted metadata (e.g., parties, dates, values)
  • AI-generated contract content

c. Usage Data

  • Pages visited, actions taken, feature usage
  • Device and browser information (IP address, operating system, browser type)

d. Communication Logs

  • Emails, support tickets, and other messages
  • Feedback submitted through the platform

2. How We Use Your Information

We use collected data to:

  • Provide and maintain the contract lifecycle management features
  • Improve platform performance and user experience
  • Deliver contract reminders, alerts, and AI suggestions
  • Send service-related notifications and updates
  • Ensure supplier agreement management workflows run securely
  • Respond to user inquiries and support requests

3. Sharing and Disclosure

We do not sell or rent your personal data.

We may share limited information with:

  • Service Providers (e.g., cloud storage, AI infrastructure, email delivery via Postmark)
  • Legal Authorities when required by law
  • Third-Party Integrations like Zapier and Make, only when explicitly enabled by you

4. Data Security

ContractBox employs end-to-end encryption, role-based access control, and tamper-proof audit trails to safeguard your data. All documents and metadata are stored securely using Supabase infrastructure (PostgreSQL & Supabase Storage).

5. International Data Transfers

ContractBox complies with GDPR requirements for international transfers. Data may be processed in regions outside your country depending on our service infrastructure.

6. Your Rights

Depending on your location, you may have the right to:

  • Access and export your data
  • Request corrections or deletions
  • Object to data processing
  • Withdraw consent for marketing communications

7. Cookies & Tracking

We use cookies to:

  • Keep you signed in
  • Track usage analytics (e.g., feature popularity)
  • Improve performance and personalization

You can manage cookies via your browser settings.

8. Data Retention

Contract data is retained as long as your account is active. Upon termination or request, we permanently delete documents and associated metadata within 30 days, unless otherwise required for legal or compliance purposes.

9. Subprocessors

We maintain an up-to-date list of subprocessors (e.g., Supabase, Postmark, Google) available upon request. We ensure all subprocessors adhere to equivalent privacy and security standards.

10. Contact Us

For any privacy-related questions, contact:

ContractBox – Privacy Office
Email: support@contractbox.io

Start Managing Contracts Smarter

ContractBox gives you full control of supplier agreement management and modern contract lifecycle management—without the bloat of legacy systems.
Sign up
ContractBox simplifies contract lifecycle management and supplier agreement management with AI-powered tools. Trusted by growing teams to manage contracts securely and efficiently.
MENU
HomepageAbout usWhy ContractBox?Blog
Pages
PricingIntegrationPrivacy PolicyTerms & ConditionsHelp & Support
REFERENCE
Style GuideLicensingChangelogLog InRegister
© 2025 ContractBox. All rights reserved.