Solvr

Privacy Policy

Last Updated: March 2026

1. What Data We Collect

User Account Data

When you create an account with Solvr, we collect:

  • Email address (used for authentication and invitations)
  • Display name (optional, for team recognition)
  • Account settings and preferences (timezone, notification settings)
  • Device session identifiers and security-related metadata (for fraud prevention and account security)

Organization Data

Organization administrators provide:

  • Organization name and company information
  • Team member roster (email addresses and assigned roles)
  • Inbound email address for decision notifications
  • Custom domain configuration (optional)

Decision & Evidence Data

When using Solvr to manage decisions, we store:

  • Decision context, descriptions, and scope names
  • Attached documents and evidence files uploaded by users
  • Decider responses (approvals, declines, and commentary)
  • Reminder logs and communication history related to decisions

Audit Log Data

We maintain audit logs to ensure security, accountability, and compliance:

  • Identity of the user who performed an action
  • Description of the action performed (creation, update, completion, deletion)
  • Timestamp of the action
  • Resources affected (decision ID, scope ID, organization ID)
  • Change history (previous values, new values, originating IP address)

Funnel Analytics Data (Anonymous)

To understand how visitors interact with our marketing pages, we collect anonymized analytics data:

  • Anonymous session ID generated in the browser (not linked to user accounts)
  • Pages visited (e.g., landing page, pricing, checkout, success)
  • Timestamp of page visits
  • Marketing campaign parameters (utm_source, utm_medium, utm_campaign)
  • Browser user-agent information (for device-type analysis only)

Important: This data is not linked to identifiable individuals and cannot be associated with a Solvr account. Sessions expire when the browser is closed.

Payment Data

Payment processing is handled by Stripe. We store:

  • Encrypted Stripe customer identifier
  • Subscription status (active, canceled, past-due)
  • Subscription tier

Solvr does not store credit card numbers or payment credentials. All payment information is processed directly by Stripe.

2. How We Use Your Data

We collect and use data only for legitimate business purposes, including:

Authentication and Access Control: Verify identity and secure access to accounts

Service Delivery: Enable creation, tracking, storage, and review of organizational decisions and evidence

Communication: Send invitations, reminders, and decision notifications to participants designated by the organization

Service Improvement: Analyze anonymous usage patterns to improve our website, onboarding, and product experience

Security & Compliance: Maintain audit trails, prevent misuse, investigate incidents, and comply with legal obligations

Customer Support: Respond to inquiries and provide technical assistance

Solvr does not sell personal information and does not use customer content for advertising or profiling.

3. Data Roles and Responsibilities (B2B Context)

Solvr is designed for organizational use.

The customer organization is responsible for determining what data is entered into the platform, how it is used internally, and how long it is retained.

Solvr acts as a service provider / data processor, processing data solely to provide the service, maintain security, and meet legal obligations.

Solvr does not independently determine the business purpose of customer content and does not access such data except as necessary to operate and support the service.

4. How We Store and Protect Your Data

Security Measures

We apply industry-standard technical and organizational safeguards to protect data against unauthorized access, loss, or misuse, including:

  • Encryption of sensitive data at rest using modern cryptographic standards
  • Encryption of data in transit using HTTPS/TLS
  • Logical isolation of organization data
  • Role-based access controls

Anonymous Analytics Data

Anonymous analytics data is stored without encryption because it does not contain personal identifiers and cannot be linked to individuals.

Infrastructure & Hosting

Customer data is hosted on Supabase infrastructure located in Canada.

5. Data Retention

Decision & Evidence Data

Retention periods vary by subscription tier, up to 60 months. The active retention window is configurable in organization settings.

After the configured retention period, decision and evidence data is permanently deleted.

Audit Logs

Audit logs are retained for a minimum of 6 months and a default of 2 years, or longer where required by law or business necessity. Retention periods can be configured in organization settings.

Funnel Analytics

  • Individual events: deleted after 90 days
  • Aggregated statistics: retained for up to 2 years

Organization Deletion

When an organization is deleted, data enters a 3-month recovery window. After this period, all associated data is permanently deleted.

6. Individual Privacy Rights

Depending on applicable privacy laws in your jurisdiction, individuals may have rights regarding their personal information, including:

  • Access to personal information
  • Correction of inaccurate information
  • Deletion or anonymization, subject to organizational and legal obligations
  • Data portability
  • Restriction or objection to certain processing activities

Because Solvr is primarily used in a business context, requests may need to be coordinated with the individual's organization, which controls the data.

Requests can be submitted to privacy@solvr.cc and are typically processed within 30 days.

7. Cookies & Tracking

Solvr does not use cookies for advertising or behavioral tracking.

Anonymous Session Tracking

We use browser sessionStorage for anonymous session tracking on marketing pages. This data:

  • Is deleted when the browser is closed
  • Is not shared with third parties
  • Cannot identify individuals

Essential Cookies

Essential cookies are used for core application functionality (such as authentication sessions and security protections). These cookies are strictly necessary for the service to operate.

8. Third-Party Service Providers

Solvr uses trusted third-party service providers to operate the platform. These providers process data only on our instructions and are subject to contractual privacy and security obligations.

Stripe – Payment Processing

Processes subscription and payment information securely

Postmark – Inbound Email Routing

Receives and routes forwarded and CC'd decision threads into Solvr

Resend – Outbound Email Delivery

Sends transactional emails (invitations, notifications, reminders)

Supabase – Data Storage

Hosts encrypted customer data in Canada

Vercel – Application Hosting

Hosts and serves the Solvr application

Details regarding data locations, safeguards, and retention practices are available upon request.

9. Data Ownership

All decision content, evidence, and organizational data entered into Solvr remains the property of the customer organization. Solvr does not claim ownership of customer data and uses it solely to provide the service.

10. Privacy Contact & Complaints

For privacy-related questions, data access requests, or concerns:

Email: privacy@solvr.cc

Response Time: Within 30 days

If you believe your privacy rights have been violated, you may also contact the relevant data protection or privacy authority in your jurisdiction.

11. Changes to This Policy

We may update this Privacy Policy as our services evolve or to reflect changes in applicable laws. Material changes will be communicated to affected organizations. Continued use of Solvr constitutes acceptance of the updated policy.