PitchPilot
PricingSign inTry free

Privacy Policy

Last updated: March 2026

Who we are

PitchPilot is an AI-powered freelance proposal generator. We are based in the United Kingdom. If you have any questions about this policy, contact us at hello@pitchpilot.online.

What data we collect

  • Email address — collected when you sign up or use the free trial. Used to identify your account and send transactional emails (magic links, billing receipts).
  • Usage data — proposal count, subscription status, and feature usage. Used to enforce plan limits and improve the product.
  • Knowledge base content — CV text, website content, and notes you upload. Stored so PitchPilot can personalise your proposals. Never shared with third parties.
  • Proposals generated — the last 50 proposals you generate are saved to your account so you can review them. Free trial proposals are also stored to enforce the 3-proposal limit.
  • IP address — logged for rate limiting and fraud prevention. Not linked to your identity for any other purpose.
  • Payment data — handled entirely by Stripe. PitchPilot never sees or stores your card details.

How we store your data

Your data is stored in a PostgreSQL database hosted on Neon (eu-west-2, AWS Ireland). The application is hosted on Vercel with servers in Europe. Transactional emails are sent via Resend. Payments are processed by Stripe. Rate limiting data is stored in Upstash Redis.

All data is encrypted in transit (TLS) and at rest. We do not operate our own servers.

How we use your data

  • To generate personalised proposals using your knowledge base
  • To enforce plan limits (free trial: 3 proposals; Pro: 70/month)
  • To send you transactional emails (sign-in links, billing receipts)
  • To prevent abuse and protect the service

We do not sell your data to third parties. We do not use your data for advertising. We do not share your knowledge base content or proposals with any other user or service.

Your rights (UK GDPR)

Under UK GDPR, you have the right to:

  • Access — request a copy of all data we hold about you
  • Rectification — correct inaccurate data
  • Erasure — delete your account and all associated data via the dashboard, or by emailing us
  • Portability — request an export of your data
  • Objection — object to processing where we rely on legitimate interests

To exercise any of these rights, email hello@pitchpilot.online. We will respond within 30 days.

Cookies

PitchPilot uses a single session cookie for authentication (NextAuth). No third-party tracking cookies are set. No advertising pixels.

Data retention

Your data is retained as long as your account is active. When you delete your account, all personal data (email, name, knowledge base, proposals) is permanently deleted from our database. Backups are purged within 30 days. Stripe retains billing records as required by law.

Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email. Continued use of PitchPilot after changes constitutes acceptance of the updated policy.

Terms of Service →← Back to home