Privacy Policy

Last updated: February 27, 2026

1. What We Collect

We collect only what's needed to deliver your contract digest:

  • Account information: Email address and password (hashed, never stored in plain text).
  • Business preferences: NAICS codes, set-aside preferences, target states, company name, and digest delivery settings.
  • Usage data: Page views, feature usage, and email open rates, collected via PostHog analytics.
  • Payment information: Processed and stored by Stripe. We never see or store your full card number.

2. How We Use Your Data

  • Match government contract opportunities to your profile.
  • Send daily or weekly digest emails based on your preferences.
  • Process subscription payments.
  • Improve the Service based on aggregated usage patterns.
  • Communicate service updates or changes that affect your account.

3. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication. Your account data is stored in Supabase's cloud infrastructure.
  • Stripe: Payment processing for Pro subscriptions. Subject to Stripe's Privacy Policy.
  • Resend: Email delivery for digest emails and transactional messages.
  • PostHog: Product analytics to understand how the Service is used. Data is anonymized and aggregated.
  • Vercel: Application hosting.

4. Cookies and Tracking

We use essential cookies for authentication (keeping you signed in). PostHog uses a first-party cookie to track anonymous usage analytics. We do not use third-party advertising cookies or sell your data to advertisers.

5. Data Retention

  • Account and preference data is retained for the life of your account.
  • Digest send history is retained for 90 days, then archived.
  • Upon account deletion, all personal data is permanently removed within 30 days.

6. Your Rights

You have the right to:

  • Access, update, or delete your personal data at any time from your dashboard.
  • Export your profile and preference data.
  • Opt out of analytics tracking.
  • Request a copy of all data we hold about you.

To exercise any of these rights, email support@govcontoday.com.

7. Security

We use industry-standard security measures including encrypted connections (TLS), hashed passwords, and role-based access controls. Payment data is handled entirely by Stripe and never touches our servers.

8. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via email. The "last updated" date at the top reflects the most recent revision.

Contact

Privacy questions? Email us at support@govcontoday.com.