DealLink.ai

DealLink.ai – Privacy Policy

Last Updated: October 2025

At DealLink.ai (operated by Ridgeline Consulting, LLC DBA Ridgeline AI), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform.

1. Information We Collect

We collect information that you provide directly to us:

  • Account Information: Email address, name, and authentication credentials when you create an account.

  • Document Data: Lease documents, purchase and sale agreements, and other files you upload to the platform for processing.

  • Usage Data: Information about how you interact with the platform, including features used and processing history.

We do not store: IP addresses, browser type, device information, or other technical identifiers beyond what is necessary for session management.

2. How We Use Your Information

We use the information we collect to:

  • Provide and improve our services: Process your documents, generate lease abstracts, and deliver AI-powered features.

  • Maintain your account: Manage authentication and account settings.

  • Communicate with you: Send service updates, technical notices, and respond to your inquiries.

  • Improve our platform: Analyze usage patterns to enhance features, fix bugs, and optimize performance.

  • Ensure security: Detect, prevent, and address fraud, security issues, and technical problems.

3. Document Processing & AI Services

Your documents go through multiple processing stages:

  • Document Conversion: PDF and other document formats are converted to text using third-party document processing services. These services delete your uploaded documents immediately after conversion is complete, and any response data is deleted within 4 hours.

  • AI Analysis: Converted text is processed using third-party AI services to generate lease abstracts, purchase and sale agreement summaries, and extract information.

  • Data Usage: We do not train AI models on your data. Your documents are processed for the sole purpose of providing you with document analysis and related services.

  • Third-Party Security: All third-party services we use implement industry-standard security measures including encryption in transit and at rest. Our AI service providers maintain enterprise-grade compliance certifications including HIPAA and SOC 2, ensuring the highest standards for data security and privacy protection. We carefully vet our service providers to ensure they maintain appropriate data protection practices.

  • Your Ownership: You retain full ownership of all documents and data you upload to the platform.

4. Data Storage & Security

  • Your data is stored securely using Supabase (a PostgreSQL-based cloud database) with encryption at rest and in transit.

  • We use secure authentication protocols including OAuth and encrypted passwords.

  • Access to your data is restricted to authorized personnel and systems necessary to provide our services.

  • While we implement strong security measures, no system is completely secure, and we cannot guarantee absolute security of your data.

5. Data Sharing & Third-Party Services

We do not sell your personal information. We may share your information with:

  • Document Processing Services: Third-party services that convert your PDF and document files to text format. These services temporarily store your documents during processing and automatically delete them after conversion is complete.

  • AI Service Providers: Third-party AI services that maintain HIPAA and SOC 2 compliance certifications for document analysis and information extraction. These providers do not train models on your data.

  • Cloud Infrastructure: Vercel (hosting), Supabase (database), and AWS/Google Cloud (storage).

  • Legal Requirements: When required by law, court order, or to protect our rights and safety.

6. Google Calendar Integration

DealLink.ai offers optional integration with Google Calendar to help you manage important dates extracted from your documents:

  • What We Access: When you choose to connect your Google Calendar, we request permission to create calendar events. We use the limited Google Calendar API scope (https://www.googleapis.com/auth/calendar.events) which only allows creating new events without access to your existing calendar data.

  • How We Use It: We create calendar events for dates extracted from documents you have uploaded. These dates include lease expiration dates, renewal deadlines, rent commencement dates, due diligence milestones, and closing deadlines.

  • What We Don't Do: We never read, modify, or delete your existing calendar events. We only add new events. We do not access or store any of your existing calendar data.

  • Your Control: This integration is entirely optional. You can revoke calendar access at any time through your Google account settings.

  • Data Storage: Your Google Calendar access token is stored locally in your browser and is never sent to our servers. The token is only used to communicate directly with Google's Calendar API on your behalf.

7. Data Retention

  • We retain your account information and documents as long as your account is active.

  • You may delete your documents at any time through the platform interface.

  • If you close your account, we will delete your data, except where we are required to retain it for legal or regulatory purposes.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you.

  • Correction: Update or correct inaccurate information.

  • Deletion: Request deletion of your personal information (subject to legal retention requirements).

To exercise these rights, contact us at stephen@ridgelineai.com.

9. Cookies & Session Management

  • We use essential cookies only for authentication and session management to keep you logged in.

  • We do not use tracking cookies or analytics cookies that collect browsing behavior or technical identifiers beyond session requirements.

  • Session cookies are automatically deleted when you log out or close your browser.

10. Children's Privacy

DealLink.ai is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will delete it promptly.

11. International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last Updated" date. Continued use of the platform after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: stephen@ridgelineai.com

Company: Ridgeline Consulting, LLC DBA Ridgeline AI