Personal data notice

Who we are

ProposalGrid ("we") processes personal data when you use our service to create, share, and track proposals.

We are the controller for account and workspace data unless a separate agreement says otherwise. Content about your clients may make you the controller; we then act as processor on your instructions.

Contact: hello@proposalgrid.com. Publish your legal entity details (name, code, address) on your site when you trade as a company.

Scope

This notice covers the ProposalGrid website, app, and APIs we operate.

Linked third-party sites have their own statements.

Public links you create are your responsibility toward recipients; we process limited technical data to serve pages.

Data categories

Account: name, email, auth IDs, workspace settings.

Content: client fields, documents, templates, branding files, activity metadata.

Billing (paid plans): billing contact, subscription state, payment IDs from Stripe—not full card numbers on our servers.

Technical: IP, device, cookies, session tokens, logs.

Purposes and legal bases (GDPR Art. 6)

Contract (6(1)(b)): run the service, auth, support, features you expect.

Legal obligation (6(1)(c)): tax, accounting, lawful authority requests.

Legitimate interests (6(1)(f)): security, fraud prevention, product improvement—balanced with your rights.

Consent (6(1)(a)) where needed, e.g. non-essential cookies or marketing; withdraw anytime.

Processors and transfers

We use Google Cloud (e.g. auth, database, storage) and Stripe for payments.

Processors act on our instructions under agreements where required.

Transfers outside the EEA use EU-approved safeguards (e.g. SCCs). Ask hello@proposalgrid.com for details.

Retention

As long as needed for these purposes or as law requires.

Backups may persist briefly.

Request deletion subject to legal retention.

Security

Technical and organisational measures per GDPR.

No method is perfect—use strong passwords.

We notify authorities and, if required, you about serious breaches.

Your rights

Under GDPR and Lithuania’s Law on Legal Protection of Personal Data you may have: access, rectification, erasure, restriction, portability, objection, and complaint to VDAI (https://vdai.lrv.lt/).

Contact hello@proposalgrid.com; we verify identity and respond within legal time limits.

Cookies

Essential cookies for sign-in, session, locale.

Other cookies only with consent where required.

You can block cookies in the browser; essentials needed for core features.

Children

Not directed at children; no knowing collection under 16 without authority.

Contact hello@proposalgrid.com if a child submitted data.

Changes

We update this page and the date; material changes may get extra notice.

Continued use may acknowledge updates where the law allows.

Law

GDPR and Lithuanian implementing law apply.

EN/LT versions are for convenience; controlling text may be the one the law or contract requires.

EU representative (Art. 27)

If we appoint one outside the EEA, we publish contacts here; until then use hello@proposalgrid.com.