Privacy Policy

Provid AI is a product of Providence Solutions, LLC ("Providence Solutions," "we," "us," or "our"). This Privacy Policy describes how we collect, use, disclose, store, retain, and protect information when you access or use our website at prvdai.com, any affiliated subdomains, our SaaS platform, APIs, and all related services (collectively, the "Services"). By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.

1. Scope of This Privacy Policy

This Privacy Policy applies to information collected through the Services, including information collected when you:

• visit our website;
• create an account;
• subscribe to or purchase our Services;
• upload, submit, or generate content through the platform;
• communicate with us for support, sales, security, or other operational purposes; or
• otherwise interact with Provid AI or Providence Solutions in connection with the Services.

This Privacy Policy does not apply to third-party websites, services, or platforms that are not owned or controlled by Providence Solutions, even if they are linked to or accessible through the Services.

2. Definitions

For purposes of this Privacy Policy:

• "Personal Information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with an individual, household, or identifiable person, as defined by applicable law.
• "Organization" or "Tenant" means a company, entity, institution, or other business customer that registers for, purchases, or uses the Services.
• "User" means any individual who accesses or uses the Services, whether on their own behalf or on behalf of an Organization.
• "Content" means any data, text, files, records, proposals, documents, prompts, responses, communications, submissions, metadata, or other materials that are uploaded to, entered into, created within, generated through, transmitted through, or otherwise processed by the Services.
• "Platform" means the Provid AI application, related websites, APIs, hosted environments, software components, infrastructure, and associated systems.
• "Applicable Law" means any law, regulation, rule, ordinance, directive, or legally binding requirement applicable to the collection, use, storage, disclosure, retention, transfer, or protection of information.

3. Information We Collect

We may collect information directly from you, automatically through your use of the Services, from your Organization, and from third parties or public sources where permitted by law.

3.1 Information You Provide Directly

We may collect information that you voluntarily provide, including:

Account and Registration Information
This may include your name, business email address, phone number, company name, job title, business address, account credentials, and other information provided during account registration, onboarding, or account administration.

Organization and Business Profile Information
This may include business descriptions, capabilities, certifications, NAICS codes, socio-economic designations, contract-related data, operational information, company library materials, internal reference documents, and other information your Organization elects to provide for use within the Services.

Payment and Billing Information
This may include billing name, billing address, subscription details, transaction metadata, payment status, and limited payment method information necessary for subscription management and billing administration. Payment card processing may be handled by third-party payment processors. We do not necessarily store full payment card numbers on our own systems.

Authentication and Security Information
This may include usernames, encrypted or hashed credentials, multi-factor authentication information, security challenge responses, account recovery information, and related authentication artifacts necessary to manage secure access to the Services.

Content and User Submissions
We may collect documents, files, solicitations, proposal drafts, past performance materials, capability statements, prompts, chat submissions, responses, notes, comments, edits, uploaded attachments, generated outputs, and any other materials submitted to or generated through the Services.

Communications
We may collect the content of your communications with us, including messages sent through forms, customer support inquiries, sales requests, product feedback, security notifications, and other communications.

3.2 Information Collected Automatically

When you access or use the Services, we may automatically collect certain technical and usage information, including:

Usage Information
This may include pages visited, features used, actions taken, time stamps, workflow activity, login and logout events, session information, clickstream data, feature interaction patterns, and general platform usage behavior.

Device and Technical Information
This may include internet protocol (IP) address, browser type, device type, operating system, referring URLs, approximate geolocation derived from IP address, language settings, identifiers associated with your device or browser, and similar technical information.

Log and Diagnostic Information
This may include server logs, API request metadata, error reports, crash data, performance diagnostics, authentication activity, security events, and related telemetry necessary to maintain, secure, and improve the Services.

Cookies and Similar Technologies
We may use cookies, session tokens, browser storage, and similar technologies to support authentication, security, performance, user preferences, and core platform functionality. Additional details are provided in the Cookies and Similar Technologies section below.

3.3 Information from Third Parties and Other Sources

We may receive information from third-party sources, public sources, your Organization, or service providers, including:

• information provided by your employer or Organization in connection with account setup or administration;
• information from payment processors regarding transaction status and subscription state;
• identity and authentication information from single sign-on providers or identity providers;
• publicly available government, regulatory, or contracting-related information used to support platform features;
• security, fraud-prevention, or verification data from service providers; and
• other information lawfully provided to us by third parties in connection with operation of the Services.

4. How We Use Information

We may use the information we collect for legitimate business, operational, contractual, legal, compliance, security, and service-related purposes, including the following:

4.1 To Provide and Operate the Services

We may use information to:

• create, administer, and maintain user accounts;
• authenticate users and manage account access;
• provide platform functionality and core service features;
• receive, process, store, organize, display, analyze, and generate Content;
• provide proposal drafting, document review, workflow management, collaboration features, and related functionality;
• process subscriptions, manage service plans, and administer customer accounts; and
• provide customer support, onboarding, and technical assistance.

4.2 To Improve, Enhance, and Develop the Services

We may use certain information, including submitted information, usage information, operational data, feedback, and platform interaction data, for internal business purposes such as:

• improving product performance, quality, reliability, and usability;
• enhancing existing features and developing new features, products, tools, and services;
• improving workflow logic, user experience, accuracy, responsiveness, and service functionality;
• conducting internal testing, troubleshooting, debugging, and quality assurance;
• performing analytics, research, trend analysis, benchmarking, and operational review; and
• refining and improving the effectiveness, relevance, and usefulness of the Services.

Where appropriate and permitted by law, we may use information in aggregated, anonymized, de-identified, transformed, or otherwise non-identifiable form for product enhancement, internal research, service optimization, analytics, and business operations.

4.3 To Secure and Protect the Services

We may use information to:

• detect, prevent, investigate, and respond to unauthorized access, misuse, abuse, fraud, or other harmful activity;
• monitor compliance with our contractual terms, acceptable use standards, and internal controls;
• maintain system integrity, availability, and resilience;
• enforce account restrictions, user permissions, and security requirements;
• protect the rights, property, safety, and legal interests of Providence Solutions, our customers, our users, and others; and
• support incident response, auditing, logging, and forensic review.

4.4 To Communicate with You

We may use information to:

• send service-related notices, confirmations, updates, alerts, and administrative messages;
• respond to customer service, technical support, security, and billing inquiries;
• communicate with Organization administrators regarding account, subscription, usage, or security matters;
• notify users of material product or policy changes; and
• provide other communications necessary to operate the Services and manage customer relationships.

4.5 For Legal, Compliance, and Business Purposes

We may use information to:

• comply with legal obligations, regulatory requirements, lawful requests, and governmental inquiries;
• establish, exercise, or defend legal rights and claims;
• enforce our agreements, policies, and business terms;
• support audits, investigations, due diligence, internal governance, and risk management;
• evaluate or facilitate actual or proposed mergers, acquisitions, investments, financing transactions, reorganizations, sales of assets, or similar business transactions; and
• carry out other lawful and legitimate business purposes consistent with this Privacy Policy.

5. How We Disclose Information

We do not sell Personal Information in the ordinary meaning of the term, and we do not disclose Personal Information to third parties for their own independent direct marketing purposes without appropriate legal basis or consent where required.

We may disclose information in the following circumstances:

5.1 Service Providers and Contractors

We may disclose information to service providers, contractors, subprocessors, consultants, and vendors that perform services on our behalf or support the operation of the Services, including entities that assist with:

• hosting and infrastructure;
• billing and payment processing;
• authentication and identity management;
• customer support and communications;
• analytics and diagnostics;
• storage, backup, and recovery;
• security monitoring and fraud prevention;
• product functionality, automation, and service enhancement; and
• other operational or technical functions reasonably necessary to provide and improve the Services.

Such parties may receive information only as necessary to perform services for us or on our behalf, subject to contractual, legal, or operational restrictions as applicable.

5.2 Within Your Organization

If you use the Services through an Organization, authorized administrators or designated representatives of that Organization may be able to access, manage, export, review, modify, or delete certain account information, user information, and Content associated with the Organization's workspace, subject to the Organization's internal policies and configuration choices.

Providence Solutions is not responsible for the privacy, employment, monitoring, or internal administrative practices of customer Organizations.

5.3 Legal, Regulatory, and Protective Disclosures

We may disclose information where we determine, in good faith, that disclosure is necessary or appropriate to:

• comply with applicable law, regulation, court order, subpoena, or lawful governmental request;
• enforce our agreements, terms, and policies;
• investigate, prevent, or respond to suspected fraud, abuse, security incidents, or unlawful conduct;
• protect the rights, property, safety, or legal interests of Providence Solutions, our users, our customers, or others; or
• support legal process, compliance review, auditing, or dispute resolution.

5.4 Business Transactions

We may disclose or transfer information in connection with any actual or proposed merger, acquisition, financing, due diligence review, restructuring, reorganization, dissolution, bankruptcy, asset sale, transfer of ownership, or similar corporate transaction. In such circumstances, information may be transferred as a business asset, subject to applicable confidentiality and legal obligations.

5.5 Aggregated or De-Identified Information

We may disclose aggregated, anonymized, de-identified, or otherwise non-identifiable information for lawful business purposes, including analytics, product development, benchmarking, market analysis, service improvement, research, reporting, and strategic planning, provided that such information cannot reasonably be used to identify an individual.

6. Data Retention

We retain information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention periods may vary depending on the nature of the information, the context in which it was collected, the sensitivity of the information, contractual requirements, legal obligations, security needs, and legitimate business interests.

We may retain information for purposes such as:

• maintaining active customer accounts and service delivery;
• preserving business and transactional records;
• meeting tax, accounting, and legal compliance requirements;
• maintaining backup, archival, and disaster recovery systems;
• protecting against fraud, misuse, or unauthorized access;
• investigating or resolving disputes, complaints, or claims;
• enforcing agreements and protecting legal rights; and
• supporting internal auditing, security review, and operational continuity.

When information is no longer reasonably necessary, we will take commercially reasonable steps to delete, anonymize, de-identify, archive, or otherwise render it unusable in accordance with our retention practices and applicable law. Please note that residual copies of information may remain in backup systems for a limited period of time as part of routine backup and recovery operations.

7. Data Security

We implement and maintain administrative, technical, organizational, and physical safeguards designed to protect information from unauthorized access, acquisition, disclosure, alteration, misuse, destruction, or loss.

These safeguards may include, as appropriate:

• access controls and permission restrictions;
• authentication controls and account security measures;
• encryption or equivalent protective measures for data in transit and, where appropriate, at rest;
• network segmentation, firewalls, logging, monitoring, and alerting;
• secure software development and change management practices;
• personnel access limitations and confidentiality expectations;
• vulnerability management and remediation measures;
• backup and recovery controls; and
• other reasonable security practices appropriate to the nature of the Services.

However, no security measure is infallible, and no method of transmission over the internet or method of electronic storage is completely secure. Accordingly, while we strive to protect information using reasonable safeguards, we cannot guarantee absolute security.

8. Multi-Tenant Environment and Data Segregation

Provid AI may operate in a multi-tenant or shared infrastructure environment in which multiple customer Organizations use the Services on common underlying systems.

We maintain reasonable safeguards designed to logically separate customer environments, restrict cross-tenant access, and preserve customer confidentiality. These safeguards may include account-based segregation, access control enforcement, logical data partitioning, application-layer controls, auditing, and other internal controls designed to limit unauthorized access between Organizations.

Notwithstanding these safeguards, customers remain responsible for managing their own internal access permissions, authorized users, and account administration within their Organization's environment.

9. Product Functionality, Automation, and Service Enhancement

The Services may include automated, algorithmic, analytical, or other advanced functionality that processes Content and user inputs in order to generate outputs, recommendations, summaries, drafts, classifications, analyses, insights, or other service features.

In providing and improving these features, we may use certain information, including submitted Content, account context, usage information, configuration data, and related inputs, for the purpose of:

• providing requested outputs and platform functionality;
• improving service quality, relevance, structure, and performance;
• enhancing feature accuracy, usability, and workflow effectiveness;
• training, tuning, testing, validating, or refining internal service behavior, controls, and product capabilities, where permitted by law and contract;
• diagnosing errors, failures, edge cases, or misuse patterns; and
• supporting internal product development, service administration, and customer experience improvement.

Users remain responsible for reviewing and validating outputs generated through the Services before relying on or using them for business, contractual, legal, regulatory, or submission purposes.

10. Your Rights and Choices

Depending on your jurisdiction and the nature of your relationship with us, you may have certain rights regarding your Personal Information, subject to verification, applicable exceptions, and legal limitations.

These rights may include:

• the right to request access to certain Personal Information we hold about you;
• the right to request correction of inaccurate Personal Information;
• the right to request deletion of certain Personal Information;
• the right to request restriction of or object to certain processing activities;
• the right to withdraw consent where processing is based on consent;
• the right to data portability where required by law; and
• the right not to be discriminated against for exercising applicable privacy rights.

If you access the Services through an Organization, certain requests relating to Content or Organization-controlled data may need to be directed to your Organization administrator first, as the Organization may control the relevant workspace, account, or data environment.

We may take reasonable steps to verify your identity before processing a privacy rights request. We may also deny or limit requests where permitted by law, including where the request cannot be verified, where an exception applies, where compliance would impair the rights of others, or where the data is subject to legal or contractual retention obligations.

To exercise applicable rights, you may contact us using the contact information listed below.

11. California Privacy Notice

If you are a California resident, you may have rights under applicable California privacy laws, including the right to know, access, correct, delete, and request information regarding certain categories of Personal Information collected, used, disclosed, or retained by us, subject to exceptions and verification requirements.

We may collect the following broad categories of Personal Information, depending on how you interact with the Services:

• identifiers and contact information;
• customer records and billing-related information;
• commercial or transaction information;
• internet, network, and device activity information;
• professional or employment-related information;
• account credentials and authentication-related information;
• user-generated content and communications; and
• inferences derived from the foregoing in connection with operation and improvement of the Services.

We collect and use such information for business and commercial purposes described in this Privacy Policy, including service delivery, account administration, security, communications, legal compliance, internal analytics, and product enhancement.

We do not sell Personal Information in the ordinary meaning of that term. We also do not knowingly share Personal Information for cross-context behavioral advertising.

California residents may submit privacy requests using the contact information provided below.

12. International Users

If you access the Services from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States or other jurisdictions where we or our service providers operate.

These jurisdictions may not provide the same level of data protection as your home jurisdiction. Where required by applicable law, we will take appropriate measures designed to provide lawful safeguards for cross-border transfers of Personal Information.

If applicable law grants you additional privacy rights, we will honor such rights to the extent required by law, subject to verification and lawful limitations.

13. Cookies and Similar Technologies

We may use cookies, session identifiers, local storage, and similar technologies to operate, secure, maintain, and improve the Services.

These technologies may be used for purposes such as:

• maintaining user sessions;
• remembering preferences and settings;
• authenticating users and preventing unauthorized access;
• measuring performance and diagnosing service issues;
• preserving platform functionality; and
• supporting security, integrity, and operational analytics.

Some cookies or similar technologies may be strictly necessary for the Services to function properly. If you disable certain cookies or browser storage through your browser or device settings, portions of the Services may not function as intended.

14. Third-Party Services and Links

The Services may reference, integrate with, or contain links to third-party services, websites, software, tools, or content not owned or controlled by Providence Solutions. We do not control and are not responsible for the privacy, security, content, availability, or practices of third parties.

Your interactions with third-party services are governed by the applicable terms and privacy policies of those third parties, and we encourage you to review them carefully.

15. Children's Privacy

The Services are intended for business and professional use and are not directed to children. We do not knowingly collect Personal Information directly from children under the age required by applicable law for independent consent.

If we learn that we have collected Personal Information from a child in a manner inconsistent with applicable law, we will take commercially reasonable steps to delete such information.

16. Data Breach and Security Incident Response

We maintain internal processes designed to detect, assess, contain, investigate, and respond to suspected security incidents affecting the Services.

If we determine that a security incident has resulted in unauthorized access to, or acquisition of, Personal Information and notification is required by applicable law, we will provide notice in accordance with applicable legal requirements and within the timeframes required by law.

17. Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our Services, legal obligations, operational practices, security measures, or business needs.

When we make material changes, we may update the "Last Updated" date above and provide additional notice as appropriate under the circumstances, such as by posting a notice through the Services or sending an email notification where required or appropriate.

Your continued use of the Services after the effective date of an updated Privacy Policy constitutes acknowledgment of the revised Privacy Policy to the extent permitted by law.

18. Contact Us

If you have questions about this Privacy Policy, our privacy practices, or would like to submit a privacy-related request, please reach out through our Contact Us page.