Back to Home

Privacy Policy

Last updated: June 1, 2026

Draft — pending counsel review.

This content is provided for informational purposes only and does not constitute legal advice. Review with qualified counsel before relying on it.

1. Introduction

Perpetual Core LLC ("we," "our," or "us") operates the RFP & Proposal Engine at rfp.perpetualcore.com. This Privacy Policy explains how we collect, use, and protect information when you use the Service. By using the Service, you consent to the practices described here.

2. Information We Collect

2.1 Account & Organization Data

  • Account Information: Email address, name, password (hashed), organization name, and role within your organization.
  • Organization Profile: Mission statement, program areas, geographic focus, NTEE / NAICS codes, past funding history, and other details you provide to improve opportunity matching.
  • Billing Information: Subscription tier and payment status (payment card details are processed by Stripe and are not stored by us).

2.2 Vault Documents

You may upload documents to your organization's vault (PDF, DOCX, and similar formats), such as past proposals, annual reports, program descriptions, and budgets. These documents are stored securely and processed by AI providers to generate embeddings and proposal drafts. See Section 4 (Sub-processors) for details.

2.3 Proposal Content

Proposal drafts, fit scores, compliance assessments, and related content generated by the Service are stored in association with your account.

2.4 Usage Data

We automatically collect usage data including features accessed, actions taken, timestamps, IP addresses, browser type, and error logs for the purpose of operating and improving the Service.

3. How We Use Your Information

  • Opportunity Matching: Compare your organization profile and vault documents against public funding opportunities to generate fit scores and ranked results.
  • Proposal Drafting: Send vault document content and opportunity details to AI providers (Anthropic Claude, OpenAI) to generate proposal drafts, section summaries, and compliance notes.
  • Embeddings: Convert vault documents and opportunity text into vector embeddings for semantic search and retrieval-augmented generation.
  • Account & Billing Management: Create and maintain your account, process payments, and manage subscriptions.
  • Service Operations: Diagnose issues, improve accuracy, develop new features, and maintain security.
  • Legal Compliance: Comply with applicable law and enforce our Terms of Service.

4. Third-Party Sources & Sub-processors

4.1 Government & Public Data Sources

Opportunity data is pulled from publicly available government databases:

  • SAM.gov (federal contracts and grants)
  • Grants.gov (federal grant solicitations)
  • SBIR.gov (small business innovation research)
  • NIH (National Institutes of Health awards and notices)
  • NSF (National Science Foundation award data)
  • NYC and New Jersey municipal open-data portals

These sources' own terms govern their data. We do not redistribute license-restricted data in ways that violate those terms.

4.2 AI Providers

Vault document content and opportunity context are sent to the following AI providers to generate embeddings and proposal content:

  • Anthropic (Claude):Subject to Anthropic's privacy policy and commercial API terms.
  • OpenAI:Subject to OpenAI's privacy policy and API terms.

For details on how AI processes your data and applicable federal-contractor AI-use disclosures, see our AI-Use Disclosure.

4.3 Infrastructure Sub-processors

  • Supabase: Database storage, authentication, and row-level security (RLS) tenant isolation.
  • Stripe: Payment processing and subscription management.
  • Vercel: Application hosting and edge delivery.

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: Data encrypted in transit (TLS) and at rest.
  • Tenant Isolation: Row-level security (RLS) policies in Supabase ensure each organization can only access its own vault documents, proposals, and profile data.
  • Access Controls: Role-based access controls and principle of least privilege.
  • Authentication: Secure password hashing; session tokens scoped to your organization.

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

  • Account Data: Retained while your account is active. Deleted within 30 days of account closure upon request.
  • Vault Documents: Retained until you delete them or close your account.
  • Proposal Drafts & Scores: Retained while your account is active; deletable via the Service.
  • Usage Logs: Retained up to 90 days for security and operational purposes.
  • Billing Records: Retained for 7 years for tax and legal compliance.

AI provider processing of your content for embedding and draft generation is covered by each provider's data retention policies. Under standard enterprise API terms, providers do not retain input data to train their models.

7. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us. You may also export your vault documents through the Service. California residents and EEA users have additional rights under applicable law (CCPA / GDPR). Contact us to exercise any of these rights.

8. Contact

Questions, requests, or concerns about this Privacy Policy may be directed to:

Email: privacy@perpetualcore.com

Operator: Perpetual Core LLC

This Privacy Policy describes how Perpetual Core LLC collects, uses, and protects information in connection with the RFP & Proposal Engine. For questions or to exercise your privacy rights, contact us at privacy@perpetualcore.com.