$ cat ./legal/privacy.md

Privacy Policy

Effective Date: April 17, 2026

CW Frontier Innovations LLC (“CW Frontier,” “we,” “us,” or “our”) provides software products and related services, including Leadagg, Prezentd, RiteHQ, and our websites and related applications (collectively, the “Services”).

This Privacy Policy explains how we collect, use, disclose, store, and protect information when you access or use the Services, interact with us, create an account, use product features, submit content, or otherwise communicate with us.

By using the Services, you acknowledge the practices described in this Privacy Policy.

Scope

This Privacy Policy applies to:

The CW Frontier Innovations LLC website;
Leadagg;
Prezentd;
RiteHQ; and
Any related websites, hosted applications, APIs, communications, and support interactions that link to or reference this Privacy Policy.

If we provide a separate privacy notice for a specific service, feature, integration, or customer relationship, that separate notice will govern to the extent it conflicts with this Privacy Policy.

Who We Serve

Our Services are designed primarily for businesses and their authorized users. We do not intentionally market the Services to children under 13, and we do not knowingly collect personal information from children under 13.

Information We Collect

We collect information you provide directly, information collected automatically through your use of the Services, and information from third parties and integrations.

Information You Provide

Depending on the Service and how you use it, we may collect:

Name, email address, username, organization name, and account credentials or authentication identifiers;
Business profile information and organization settings;
Limited contact data, including phone numbers in certain Services such as Leadagg;
Content you submit to the Services, such as prompts, text inputs, notes, records, form entries, and generated outputs;
Brand assets and similar files, such as logos;
In Prezentd, files, images, prompts, and other materials submitted to AI-enabled features;
Customer support communications and related information you choose to provide;
Billing and subscription metadata, such as plan type, subscription status, billing dates, and transaction references.

We do not store full payment card numbers or full payment credentials. Payment processing is handled by third-party payment processors such as Stripe.

Information Collected Automatically

When you use the Services, we may automatically collect:

Device, browser, operating system, and technical usage information;
IP address and approximate geolocation derived from IP address;
Log data, timestamps, session information, and error diagnostics;
Authentication and security event data;
Product usage data and event analytics;
Cookie, local storage, and similar browser-based data used for authentication, session management, security, and analytics.

Information from Third Parties

We may receive information from:

Identity and authentication providers, including Clerk;
OAuth and single sign-on providers, such as Google or Microsoft, when you choose to sign in with those services;
Payment processors such as Stripe;
Analytics providers such as PostHog;
Service providers, integrations, or business customers who provision accounts for their users.

The information we receive depends on the provider and your settings with that provider, but may include your name, email address, organization affiliation, and authentication identifiers.

How We Use Information

We use information for legitimate business and operational purposes, including to:

Provide, operate, maintain, and improve the Services;
Create and manage accounts, organizations, and user access;
Authenticate users and secure the Services;
Process transactions, subscriptions, and billing-related administration;
Provide customer support and respond to inquiries;
Enable product features, including AI-enabled functionality;
Analyze performance, usage trends, reliability, and feature adoption;
Prevent fraud, abuse, unauthorized access, and other harmful activity;
Enforce our Terms of Use and other policies;
Comply with legal obligations and protect our rights, users, customers, and systems.

AI and Data Use

Some of our Services include features powered by third-party AI providers. Depending on the product, users may submit prompts, text, notes, images, files, and other content for processing by those providers.

Product-Specific AI Use

Leadagg may process business contact and workflow-related inputs, including certain personal information such as names, email addresses, and in some cases phone numbers.
Prezentd may process prompts, files, images, and generated content submitted through AI-enabled features.
RiteHQ may process prompts and planning-related inputs, including non-identifying or limited-value data fields.

We use third-party AI providers to provide requested functionality. We do not use customer-submitted content to train AI models. We also do not store sensitive information sent to model providers. Customer inputs are simply processed by the model, and the model returns a response, but raw context such as images, sensitive information are not retained or stored by us.

You are responsible for ensuring that you have the right to submit content to the Services, including content sent to AI-enabled features, and for avoiding submission of information that is prohibited by applicable law, contract, or your internal policies.

How We Disclose Information

We may disclose information:

To service providers and subprocessors that help us operate the Services;
To identity, authentication, hosting, storage, analytics, infrastructure, support, and payment providers;
To AI model and inference providers solely as needed to provide requested features;
To your organization, account owner, or workspace administrator where applicable;
In connection with a merger, acquisition, financing, asset sale, or other corporate transaction;
To comply with applicable law, legal process, or enforceable governmental requests;
To protect the rights, security, integrity, and safety of CW Frontier, our users, customers, or others;
With your consent or at your direction.

Categories of Service Providers

Our service providers may include providers of:

Authentication and user management;
Cloud hosting, content delivery, databases, and infrastructure;
File and media storage;
Logging, observability, and security monitoring;
Analytics and product performance measurement;
Payment processing;
Email and transactional communications;
AI processing and model access.

Our technical stack may include providers such as Clerk, Neon, Cloudinary, Cloudflare, Redis-related services, Upstash, Vercel, Stripe, OpenAI, Anthropic, OpenRouter, and similar providers we use to operate the Services.

We select service providers based on business, technical, and security considerations and may require contractual commitments that are appropriate to the services they provide.

Cookies and Similar Technologies

We use cookies and similar technologies for:

Authentication and session management;
Security and fraud prevention;
Remembering user preferences;
Product analytics and service performance;
Maintaining reliable operation of the Services.

We may use browser storage and session technologies in addition to cookies. If you disable certain cookies or storage features, parts of the Services may not function properly.

Data Retention

We retain information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

Provide and secure the Services;
Maintain business and financial records;
Comply with legal obligations;
Resolve disputes;
Enforce agreements; and
Preserve backup, audit, security, and fraud-prevention records as needed.

If you request deletion of your data after cancellation, we will process the request without undue delay, subject to legal, accounting, contractual, security, backup, and fraud-prevention requirements.

Data Deletion Requests

Users generally must request deletion rather than relying on automatic deletion. We may delete or de-identify data in accordance with our operational practices and legal obligations. Some residual copies may remain in backups, logs, or archival systems for a limited period.

Data Security

We maintain reasonable and appropriate administrative, technical, and organizational safeguards designed to protect personal information and Customer Content against unauthorized access, acquisition, disclosure, alteration, misuse, or destruction.

These safeguards may include, as appropriate:

Encryption of data in transit;
Access controls intended to limit access to authorized personnel and users;
Authentication controls and account protections;
Logging, monitoring, and security event review;
Secure cloud and infrastructure services;
Backup and recovery processes;
Vendor and subprocessor review; and
Incident response and remediation procedures.

No system is completely secure, and we cannot guarantee absolute security.

Security Incident Response

If we become aware of a confirmed security incident affecting personal information or Customer Content, we will take reasonable steps to investigate, contain, mitigate, and remediate the issue. We will provide notice where required by applicable law or contractual obligations.

International Use

Our Services are offered primarily to businesses in the United States, but they may be accessed from other jurisdictions. If you access the Services from outside the United States, you understand that your information may be transferred to and processed in the United States or other jurisdictions where our service providers operate.

Your Privacy Rights

Depending on where you are located, you may have certain rights under applicable law, which may include the right to:

Access personal information we maintain about you;
Request correction of inaccurate information;
Request deletion of personal information;
Request restriction of processing in certain cases;
Object to certain processing;
Request data portability where applicable;
Withdraw consent where processing is based on consent.

To exercise privacy rights, contact us at info@cwfrontierinnovations.com. We may need to verify your identity and authority before processing your request.

If you are an end user using the Services through an organization, we may direct your request to the relevant customer or workspace administrator where appropriate.

Legal Bases for Processing

Where applicable under laws such as the GDPR or similar privacy laws, we may process personal data based on:

Performance of a contract;
Legitimate interests;
Compliance with legal obligations; and
Consent, where required.

U.S. State Privacy Disclosures

Residents of certain U.S. states may have additional rights regarding personal information, including rights to know, access, delete, and correct personal information, subject to applicable exceptions. We do not sell personal information in exchange for monetary consideration as commonly understood under U.S. privacy laws.

Third-Party Services

The Services may contain links to or integrations with third-party websites, applications, or services. We are not responsible for the privacy, security, or content practices of third parties. Your use of third-party services is governed by their terms and policies.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the revised version and update the Effective Date above. If changes are materially significant, we may provide additional notice where appropriate.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact:

CW Frontier Innovations LLC
Email: info@cwfrontierinnovations.com