Solvr

Privacy Policy

Last Updated: May 2026

1. What Data We Collect

User Account Data

When you create an account with Solvr, we collect:

  • Email address (used for authentication and invitations)
  • Display name (optional, for team recognition)
  • Account settings and preferences (timezone, notification settings)
  • Device session identifiers and security-related metadata (for fraud prevention and account security)

Organization Data

Organization administrators provide:

  • Organization name and company information
  • Team member roster (email addresses and assigned roles)
  • Inbound email address for decision notifications
  • Custom domain configuration (optional)

Decision & Evidence Data

When using Solvr to manage decisions, we store:

  • Decision context, descriptions, and scope names
  • Attached documents and evidence files uploaded by users
  • Decider responses (approvals, declines, and commentary)
  • Reminder logs and communication history related to decisions

Integration Data (Google Calendar, Gmail & Drive)

When a team member connects their personal Google account, Solvr may access:

  • Google Calendar: Event titles, dates, attendee lists, and event descriptions for the member's authorized personal calendar
  • Gmail: Subjects, body text, and sender information from meeting-note emails sent by recognized services (Granola, Zoom, Fireflies, Google Meet, and similar). Only emails from known meeting providers are read — Solvr never accesses your general inbox.
  • Google Drive: Titles and content of documents attached to your calendar events. Only files linked to calendar meetings are accessed — Drive is not browsed or indexed.

This data is used exclusively to identify and extract decision points on your organization's behalf. Extracted content is processed by Anthropic Claude to detect decision-relevant information — the same pipeline used for forwarded emails. Raw calendar, email, and document content from Google APIs is transmitted directly to Anthropic Claude for extraction and is not stored by Solvr. Only the resulting decision-relevant information is retained in your organization's workspace. Content is not used for advertising, profiling, or shared with third parties other than those listed in Section 8. Google data is never used to train AI models.

No Solvr employee reads your Google data. Access is fully automated. Gmail message content, Drive document content, and calendar event details are processed by machine only, solely to extract meeting-related decision points.

You can disconnect Solvr's access to your Google account at any time from Settings → Integrations. Revoking access stops all future data collection immediately. Previously extracted decision content remains in your workspace unless you delete it.

Solvr's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Audit Log Data

We maintain audit logs to ensure security, accountability, and compliance:

  • Identity of the user who performed an action
  • Description of the action performed (creation, update, completion, deletion)
  • Timestamp of the action
  • Resources affected (decision ID, scope ID, organization ID)
  • Change history (previous values, new values, originating IP address)

Funnel Analytics Data (Anonymous)

To understand how visitors interact with our marketing pages, we collect anonymized analytics data:

  • Anonymous session ID generated in the browser (not linked to user accounts)
  • Pages visited (e.g., landing page, pricing, checkout, success)
  • Timestamp of page visits
  • Marketing campaign parameters (utm_source, utm_medium, utm_campaign)
  • Browser user-agent information (for device-type analysis only)

Important: This data is not linked to identifiable individuals and cannot be associated with a Solvr account. Sessions expire when the browser is closed.

Payment Data

Payment processing is handled by Stripe. We store:

  • Encrypted Stripe customer identifier
  • Subscription status (active, canceled, past-due)
  • Subscription tier

Solvr does not store credit card numbers or payment credentials. All payment information is processed directly by Stripe.

2. How We Use Your Data

We collect and use data only for legitimate business purposes, including:

Authentication and Access Control: Verify identity and secure access to accounts

Service Delivery: Enable creation, tracking, storage, and review of organizational decisions and evidence

Communication: Send invitations, reminders, and decision notifications to participants designated by the organization

Service Improvement: Analyze anonymous usage patterns to improve our website, onboarding, and product experience

AI-Powered Extraction & Search: When AI features are used (decision extraction from emails or meeting notes, semantic duplicate detection), relevant content is transmitted to our AI sub-processors listed in Section 8. This content is processed solely to provide these features and is not used to train AI models.

Security & Compliance: Maintain audit trails, prevent misuse, investigate incidents, and comply with legal obligations

Customer Support: Respond to inquiries and provide technical assistance

Solvr does not sell personal information and does not use customer content for advertising or profiling.

3. Data Roles and Responsibilities (B2B Context)

Solvr is designed for organizational use.

The customer organization is responsible for determining what data is entered into the platform, how it is used internally, and how long it is retained.

Solvr acts as a service provider / data processor, processing data solely to provide the service, maintain security, and meet legal obligations.

Solvr does not independently determine the business purpose of customer content and does not access such data except as necessary to operate and support the service.

4. How We Store and Protect Your Data

Security Measures

We apply industry-standard technical and organizational safeguards to protect data against unauthorized access, loss, or misuse, including:

  • Encryption of sensitive data at rest using modern cryptographic standards
  • Encryption of data in transit using HTTPS/TLS
  • Logical isolation of organization data
  • Role-based access controls

Anonymous Analytics Data

Anonymous analytics data is stored without encryption because it does not contain personal identifiers and cannot be linked to individuals.

Infrastructure & Hosting

Customer data is hosted on Supabase infrastructure located in Canada.

5. Data Retention

Decision & Evidence Data

Retention periods vary by subscription tier, up to 60 months. The active retention window is configurable in organization settings.

After the configured retention period, decision and evidence data is permanently deleted.

Google API Data

Raw data retrieved from Google APIs (calendar events, Gmail messages, Drive documents) is not stored by Solvr. It is transmitted in real time to Anthropic Claude for decision extraction and discarded immediately after. Only the extracted decision-relevant content is retained, subject to the Decision & Evidence Data retention period above. Disconnecting your Google integration stops all future data collection; no Google API data persists after disconnection.

Audit Logs

Audit logs are retained for a minimum of 6 months and a default of 2 years, or longer where required by law or business necessity. Retention periods can be configured in organization settings.

Funnel Analytics

  • Individual events: deleted after 90 days
  • Aggregated statistics: retained for up to 2 years

Organization Deletion

When an organization is deleted, data enters a 3-month recovery window. After this period, all associated data is permanently deleted.

6. Individual Privacy Rights

Depending on applicable privacy laws in your jurisdiction, individuals may have rights regarding their personal information, including:

  • Access to personal information
  • Correction of inaccurate information
  • Deletion or anonymization, subject to organizational and legal obligations
  • Data portability
  • Restriction or objection to certain processing activities

Because Solvr is primarily used in a business context, requests may need to be coordinated with the individual's organization, which controls the data.

Requests can be submitted to privacy@solvr.cc and are typically processed within 30 days.

7. Cookies & Tracking

Solvr does not use cookies for advertising or behavioral tracking.

Anonymous Session Tracking

We use browser sessionStorage for anonymous session tracking on marketing pages. This data:

  • Is deleted when the browser is closed
  • Is not shared with third parties
  • Cannot identify individuals

Essential Cookies

Essential cookies are used for core application functionality (such as authentication sessions and security protections). These cookies are strictly necessary for the service to operate.

8. Third-Party Service Providers

Solvr uses trusted third-party service providers to operate the platform. These providers process data only on our instructions and are subject to contractual privacy and security obligations.

Stripe – Payment Processing Processes subscription and payment information securely

Postmark – Inbound Email Routing Receives and routes forwarded and CC'd decision threads into Solvr

Anthropic – AI Decision Extraction Processes email thread and meeting note content using the Claude AI model to identify and extract decision points. Content is not retained by Anthropic for AI training purposes.

OpenAI – Semantic Search & Duplicate Detection Generates vector embeddings from decision subjects and context to enable semantic search and similarity detection. Content is not retained by OpenAI for AI training purposes.

Google LLC – Calendar, Gmail & Drive Integration When a team member connects their personal Google account, Google APIs are used to read their personal calendar events, meeting-note emails from recognized providers (Granola, Zoom, Fireflies, Google Meet, and similar), and documents attached to calendar events. Only meeting-context data is accessed — Solvr never indexes your general inbox or browses Drive. Each member connects and manages their own integration independently. This integration is optional and can be disconnected at any time from Settings → Integrations. Content is processed by Anthropic Claude to extract decision points; content is not retained by Anthropic for AI training purposes.

Resend – Outbound Email Delivery Sends transactional emails (invitations, notifications, reminders)

Supabase – Data Storage Hosts encrypted customer data in Canada

Vercel – Application Hosting Hosts and serves the Solvr application

Details regarding data locations, safeguards, and retention practices are available upon request.

9. Data Ownership

All decision content, evidence, and organizational data entered into Solvr remains the property of the customer organization. Solvr does not claim ownership of customer data and uses it solely to provide the service.

10. Privacy Contact & Complaints

For privacy-related questions, data access requests, or concerns:

Email: privacy@solvr.cc

Response Time: Within 30 days

If you believe your privacy rights have been violated, you may also contact the relevant data protection or privacy authority in your jurisdiction.

11. Changes to This Policy

We may update this Privacy Policy as our services evolve or to reflect changes in applicable laws. Material changes will be communicated to affected organizations. Continued use of Solvr constitutes acceptance of the updated policy.