priowise

Privacy Policy

Last Updated: January 15, 2026

1. Who We Are

Priowise is an AI-powered strategy execution and prioritization platform that helps businesses define objectives, align strategic decisions, and build impactful roadmaps. We are committed to protecting the privacy of our users and their businesses. This Privacy Policy explains how we collect, use, store, and protect the data you provide to us. It also outlines your rights and choices under relevant data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), among others.

2. What Information We Collect

When you use Priowise, we collect both personal and business-related information that enables us to provide our services efficiently and securely.

Account Information:

When you register on our platform, we collect personal information such as your full name, email address, and a password (stored securely using hashing). If you sign in using a third-party provider like Google, we receive only the information required to authenticate your identity.

Business Content:

To generate strategic insights and prioritization results, you may voluntarily submit business-related data including your company name, strategic statements, goals, objectives, key results (OKRs), and product or feature descriptions. This information is central to the service we provide and is treated with confidentiality.

Usage Data:

We automatically collect certain technical data when you interact with Priowise, such as your device type, browser, operating system, IP address, and the features you use. This helps us improve the platform’s performance and user experience.

Payment Data:

If you subscribe to a paid plan, your payment is securely processed by our third-party payment provider. We do not store your full payment information, such as credit card numbers, on our servers.

3. How We Use Your Information

We use the information we collect for the following core purposes:

  • Service Delivery: To operate the Priowise platform, generate AI-powered strategy assessments, and maintain your user account.
  • Personalization and Support: To tailor the experience to your business context and respond to any inquiries or support requests.
  • Improvements and Development: To analyze usage patterns and make continuous improvements to the performance, reliability, and relevance of the platform.
  • Account and Subscription Management: To manage your subscription, billing, and administrative communications.
  • Legal and Security Obligations: To comply with legal requirements, enforce our Terms of Service, and maintain the security of your data.

We do not use your business content for advertising or sell your data to third parties. Our commitment to privacy extends to all aspects of how we operate.

Some outputs in Priowise are generated through a system of collaborating AI agents (“agentic AI squad”) that analyze different parts of the data you provide. These agents may include components focused on objective validation, feature scoring, competitor insights, or research enrichment. This internal structure helps us deliver more precise and context-aware outputs, while maintaining strict data control within the platform.

4. Cookies and Tracking Technologies

Priowise uses a minimal and privacy-conscious approach to cookies and similar technologies. We use essential cookies and local storage mechanisms only, strictly required for the operation of the platform.

These include cookies or storage entries used to:

  • Maintain authenticated user sessions
  • Enable secure login and account access
  • Ensure platform stability, security, and performance

Our infrastructure and service providers may set essential cookies or storage entries as part of delivering these functions, including:

  • Vercel (hosting and content delivery), to support secure application delivery and performance optimization
  • Clerk (user authentication and subscription management), to manage login sessions, identity verification, and access control
  • Supabase (database and backend services), which may store session-related identifiers required for secure data access

These technologies are strictly functional, do not involve advertising, behavioral profiling, or cross-site tracking, and cannot be disabled without impacting core platform functionality.

You can control or block cookies via your browser settings. However, disabling essential cookies or storage mechanisms may prevent you from logging into your account or using key features of the platform.

5. Data Ownership and Use of Subprocessors

You retain full ownership of all business data you submit to Priowise, including your strategic plans, objectives, key results, and roadmap details. This content remains under your control, and we will never claim rights to it beyond what is necessary to operate the service.

Priowise acts as a data processor, using your submitted information solely for the purpose of delivering the services you've signed up for. We will never sell or disclose your business data to third parties for advertising, profiling, or competitive analysis.

To provide core functionality, we rely on a limited set of trusted subprocessors, including:

  • OpenAI Google Gemini, for AI model execution (to generate responses and insights)
  • Perplexity AI – for research summarization and competitive intelligence insight
  • Vercel, for hosting, content delivery, and static asset management
  • Clerk, for user authentication, identity management, and subscription services
  • Airtable, for structured data storage and organization
  • Supabase, as our database provider for storing application data
  • Make.com, to automate workflows and AI prompt flows

Perplexity AI does not access your personal or company-uploaded data. It is used only for generating generalized, AI-powered research summaries that may inform some outputs presented within the platform.

Each of these providers is under a strict data processing agreement with us, and they are contractually obligated to maintain confidentiality and meet GDPR-compliant security standards.

6. Data Retention

We retain your account information and business content for as long as your Priowise account is active.

If you choose to cancel your subscription or delete your account, we will begin the process of permanently removing your data:

  • All production data is removed within 30 days of account deletion.
  • Encrypted backups containing your data are purged within 90 days.

You may also contact us at any time to request the immediate deletion of your data. Once deleted, this data cannot be recovered.

7. Data Transfers and Storage Locations

Priowise stores all user and business data on secure servers located within the European Union, primarily in data centers managed by Airtable.

Where data is transferred outside the EU (e.g., to OpenAI), we rely on Standard Contractual Clauses (SCCs) and similar legal mechanisms to ensure that your data receives a level of protection equivalent to that provided under European law.

We continuously monitor our subprocessors' compliance with data protection requirements and avoid using vendors in jurisdictions lacking adequate safeguards.

8. Your Rights (GDPR, CCPA, and Beyond)

We respect your right to control your personal and business data. Depending on your location, you may have the following rights:

  • Access: Request to see what data we hold about you.
  • Correction: Request correction of inaccurate information.
  • Deletion: Request deletion of your personal data at any time.
  • Objection: Object to certain types of data processing (e.g., marketing).
  • Restriction: Ask us to temporarily stop processing your data.
  • Data Portability: Request an export of your data in a structured format.

To exercise any of these rights, please contact us at privacy@priowise.com. We will respond within 30 days of your request.

9. Data Processing Agreement (DPA)

For GDPR compliance, Priowise includes a Data Processing Addendum as part of our Terms of Service. This DPA outlines the rights and obligations between you (the data controller) and us (the data processor) regarding your business content.

If you require a signed version of the DPA for enterprise procurement, legal review, or vendor onboarding, please contact us and we’ll provide a copy.

10. Contact Information

If you have questions about this Privacy Policy, data security, or your rights under data protection law, you can reach us directly: