Privacy Policy

Last updated: May 28, 2026

This Privacy Policy describes how PrincelyAI ("PrincelyAI," "we," "us") handles information when you use the PrincelyAI service available at princely-ai.com (the "Service"). PrincelyAI is a brand of an independent operator based in California. For legal or official inquiries that require the operator's full legal identity, email legal@princely-ai.com.

We've written this policy to match what the Service actually does — no boilerplate that doesn't apply. If you have questions, email privacy@princely-ai.com.

What we collect

Account information:

Email address (required to sign in)
Name, if you choose to provide one
The plan you're on and your credit balance
Stripe customer and subscription identifiers associated with your account (so we can reconcile your payments and your access)

Operational information:

Timestamps of requests
HTTP status codes, model used, and token counts for each analysis (for billing and abuse-detection)
Your IP address, briefly, for rate-limiting purposes (see below)
Errors and diagnostic information necessary to keep the Service running

What you submit to be analyzed:

The financial information, deal materials, or text content you paste or upload into the analyzer. We process this in real time but do not retain it on our infrastructure (see "How processing works" below).

What we do NOT do

This is the part most users care about, so we want to be clear:

We do not store the deal financials, CIMs, or content you submit to the analyzer on our infrastructure. Inputs are processed in real time and are not persisted on PrincelyAI servers after your request completes.
We do not store the analyses, deal memos, or due-diligence checklists we generate for you. They are returned to your browser and discarded from our side.
We do not log the content of your inputs or outputs in our application logs. Our logs contain only operational metadata — timestamps, status codes, request identifiers, token counts — not the underlying content.
We do not use your data to train AI models.
We do not sell your data to anyone, ever.
We do not use third-party advertising or marketing trackers, and we don't share your data with advertising networks.

How processing works

When you submit a deal for analysis:

1. Your input travels from your browser to our backend over an encrypted (TLS) connection.

2. Our backend forwards the request to Anthropic's commercial API — the third-party AI model that powers PrincelyAI — for processing.

3. Anthropic returns the result. The result is passed back through our backend to your browser.

4. Our backend does not persist the input or the output. Nothing about the content remains on PrincelyAI infrastructure after the request completes.

About Anthropic's role: Anthropic's commercial API has its own data-handling policy that applies during the brief period it processes your request. As of the date of this policy, Anthropic does not use customer API inputs or outputs to train its models, and automatically deletes API logs after 7 days. Anthropic's policy is published at https://platform.claude.com/docs/en/manage-claude/api-and-data-retention. We recommend reviewing it directly if data handling is important to your use case.

IP addresses and rate limiting

To prevent abuse and keep the Service available, we use IP-based rate limiting. When a request reaches our backend, your IP address is briefly held in an edge cache (typically less than 60 seconds) for the purpose of counting requests within a rolling window. After the window expires, the entry is automatically discarded.

Your IP address may also appear in operational logs (e.g., when a request is rejected for exceeding the rate limit or for coming from an unrecognized origin). These operational logs are stored by our infrastructure provider (Cloudflare) under their default retention policy. We do not associate IP addresses with your account or use them for any purpose other than abuse prevention.

Third parties we use

PrincelyAI relies on the following infrastructure providers. Each has its own privacy practices and is responsible for compliance with applicable laws on its own platform.

Anthropic, PBC — AI inference. Processes the content of your analyses, in real time. Anthropic's policies: https://www.anthropic.com/legal/privacy
Cloudflare, Inc. — Web hosting, edge compute, and operational logs. Routes traffic between your browser and our backend. Cloudflare's policies: https://www.cloudflare.com/privacypolicy/
Supabase, Inc. — Account database and authentication. Stores account information only (email, name if provided, plan, credit balance, Stripe customer/subscription identifiers, timestamps). Does not receive deal content. Supabase's policies: https://supabase.com/privacy
Stripe, Inc. — Payments. Handles your payment information. We never see or store your full card number. Stripe shares with us only what's necessary to associate your payment with your account (a payment confirmation, your subscription status, and your customer/subscription identifiers). Stripe's policies: https://stripe.com/privacy

We do not share your data with any other parties.

Cookies and similar technologies

PrincelyAI uses only the browser storage and cookies necessary to keep you signed in (a session token from our authentication provider) and to remember your interface preferences. We do not use third-party advertising trackers, retargeting pixels, or marketing analytics.

Your rights and choices

Access: You can request a copy of the account information we hold for you by emailing privacy@princely-ai.com.
Deletion: You can request deletion of your account and all stored account information by emailing the same address. We will process the request within 30 days. Note that we may retain limited records (e.g., transaction records) for the period required by tax or accounting law.
Correction: You can correct your account information at any time via your account settings, or by emailing us.
Sign out: Use the "Sign out" button in your account menu. Your session ends immediately.

If you are located in the European Union, the United Kingdom, or California, you may have additional rights under local law (such as the right to object to processing, the right to data portability, or the right to opt out of any "sale" or "sharing" of personal information). PrincelyAI does not sell or share personal information for cross-context behavioral advertising. To exercise any local right, email privacy@princely-ai.com.

NDAs and confidential deal information

We understand that users frequently consider the Service in the context of confidentiality obligations (NDAs, LPAs, or similar agreements). The technical posture above — no persistence of deal content on our infrastructure, no AI model training on customer data, short upstream retention — is designed to be compatible with most ordinary commercial NDAs covering early-stage deal screening.

That said:

You remain responsible for compliance with your own confidentiality obligations. PrincelyAI is not a party to your NDA and cannot give legal advice on what your NDA permits.
For users with stricter requirements — e.g., regulated industries, signed Data Processing Addenda, Business Associate Agreements, or enterprise data-handling guarantees — please contact us at privacy@princely-ai.com so we can discuss whether the Service in its current form is appropriate for your use case.

Security

We use TLS encryption for all traffic between your browser, our backend, and our third-party providers. Authentication is handled by Supabase, which hashes and salts passwords; we do not see passwords in plaintext. Service-role keys and API credentials are stored as encrypted environment variables on our infrastructure provider and are not exposed to client-side code.

No online service can guarantee absolute security. If you become aware of a security issue with the Service, please email security@princely-ai.com.

Children

The Service is not intended for users under the age of 18. We do not knowingly collect information from children under 18. If you believe a child has provided information to us, please email privacy@princely-ai.com and we will delete it.

Changes to this policy

We may update this policy as the Service evolves. When we do, we'll update the "Last updated" date at the top and, for material changes, post a notice on the Service. If we ever begin storing analysis content, using customer data for any purpose beyond what's described here, or sharing data with new third parties, we will notify users before that change takes effect.

Contact

Email: privacy@princely-ai.com

Service: PrincelyAI (princely-ai.com)