1. INTRODUCTION
DealDoctor PLLC ("DealDoctor," "we," "us," or "our") operates the CARMAI™
software platform ("Software"). This Privacy Policy describes how we collect,
use, disclose, and protect information in connection with your use of the
Software, including the CARMAI™ Word Plugin
and CARMAI™ Web application (collectively, the "Services").
By using the Services, you consent to the practices described in this Privacy
Policy. If you do not agree, do not use the Services.
2. PRIVACY-FIRST ARCHITECTURE
CARMAI™ is built on a privacy-first architecture. We designed the Software
to minimize the exposure of your sensitive information:
DOCUMENT ANONYMIZATION
Before any document text is transmitted to AI providers for analysis,
CARMAI™ applies an anonymization layer that:
• Detects and replaces party names, counterparty names, and personally
identifiable information (PII) with anonymized placeholders
• Uses pattern matching to catch misspellings and variations
• Is designed to ensure that text transmitted to Cloud AI Providers has been anonymized
WHAT THIS MEANS FOR YOU:
• Your original document text is processed on Licensor’s analysis server and is not intentionally transmitted to Cloud AI Providers
• AI providers (Anthropic, OpenAI, Google) are designed to receive anonymized text
• DealDoctor servers receive document text, apply anonymization, and route the resulting anonymized text to AI providers for analysis
• Your confidential terms, party names, and deal details are designed not to be
transmitted to third parties in identifiable form, although no anonymization process can guarantee complete removal of all identifiable information in every instance
3. INFORMATION WE COLLECT
3.1 ACCOUNT INFORMATION
When you register for CARMAI™, we collect:
• Your name and email address
• Organization name
• License key
• Role designation (CARMA Champion)
3.2 USAGE DATA
We collect technical data about how you use the Software:
• Feature usage patterns (which modules, tabs, and tools you use)
• Error reports and crash logs
• Performance metrics (analysis times, export counts)
• Session duration and frequency
We do NOT collect:
• The content of your documents
• Your analysis results or findings
• Your business strategies or work product
• Your entity configurations or counterparty information
3.3 ANONYMIZED ANALYSIS TEXT
When you use AI-powered analysis features, we process the anonymized
version of your document text through our AI routing infrastructure.
This anonymized text:
• Contains NO identifiable party names or PII
• Is used solely to route your request to AI providers
• Is not retained after the analysis response is delivered
(Note: CARMAlly™ conversations are stored separately; see Section 3.5)
• Is not intended to be used to train any AI models
3.4 ENTITY SETUP AND CONFIGURATION DATA
Your entity profiles, risk configurations, jurisdiction selections,
and regulatory mappings are stored in your dedicated database instance.
This data:
• Is stored in a dedicated, isolated database
• Is encrypted at rest and in transit
• Is accessible only to authorized users within your organization
• Is designed not to be shared with other tenants or third parties
3.5 CARMAlly™ AI ASSISTANT CONVERSATIONS
When you use CARMAlly™, the AI assistant within the Software, your
conversations (questions you ask and responses you receive) are handled
differently depending on your product tier:
CUSTOMERS WITH A DATABASE-TIER SUBSCRIPTION (PLUGIN+DB, PROFESSIONAL, ENTERPRISE):
Conversations are stored in your organization's dedicated database
instance. This data:
• Is stored in your dedicated, isolated tenant database
• Is retained for the period configured by your administrator
(default: 90 days; configurable to 30, 90, 365, or 1095 days)
• Is accessible to your organization's administrators for
compliance and audit purposes
• Can be exported or deleted by you at any time
• Is not intended to be shared with other customers or used to train AI models
• Is not transmitted to Cloud AI Providers (only the current
query is sent for processing; conversation history remains local)
PLUGIN-ONLY CUSTOMERS:
Conversations exist only during the active session. They are not stored
on DealDoctor servers or retained on your device after the session ends.
3.6 COOKIES AND SESSION MANAGEMENT
The Software uses a strictly necessary session cookie (carmai_sid)
to maintain your authenticated session. This cookie:
• Is set upon successful login and expires after 24 hours
• Is configured with HttpOnly and Secure attributes to prevent
access by third-party scripts and ensure encrypted transmission
• Is classified as strictly necessary for operation and does not
require separate consent under applicable cookie regulations
The Software does not use advertising cookies, tracking cookies,
analytics cookies, or any third-party cookies.
3.7 CARMAGREE™ ELECTRONIC SIGNATURE DATA
When you use CARMAgree™, the Software's electronic signature service,
Licensor stores signed documents and related data (including signer names,
email addresses, signing actions, and timestamps) on its servers for the
duration of the active Subscription.
Storage location depends on your subscription tier:
• Plugin-only customers: CARMAgree™ data is stored in CARMAsigned™,
a database shared across Plugin-only customers with logical separation
between each customer's data.
• Plugin+DB, Professional, and Enterprise customers: CARMAgree™
data is stored in your organization's own dedicated database with
physical separation from other customers.
Upon cancellation or termination, you have sixty (60) days to export
CARMAgree™ data through the Software. After that period, CARMAgree™
data is permanently deleted.
Electronic signatures captured via CARMAgree™ are intended to comply
with the U.S. Electronic Signatures in Global and National Commerce
Act (15 U.S.C. § 7001 et seq.) and the Uniform Electronic Transactions
Act as adopted by each applicable State. See Section 6.d of the EULA
for details.
Electronic signatures captured via CARMAgree™ are intended to comply
with the U.S. Electronic Signatures in Global and National Commerce
Act (15 U.S.C. § 7001 et seq.) and the Uniform Electronic Transactions
Act as adopted by each applicable State. See Section 6.d of the EULA
for details.
4. HOW WE USE YOUR INFORMATION
We use the information we collect to:
• Provide, maintain, and improve the Services
• Process your AI analysis requests (using anonymized text only)
• Authenticate your license and manage your account
• Send transactional communications (account setup, password resets,
critical security notices)
• Monitor and improve Software performance and reliability
• Comply with legal obligations
We do not currently use your information to:
• Train AI models (ours or any third party's)
• Sell or rent your data to third parties
• Build profiles for advertising purposes
• Share your data with other CARMAI™ customers
• Contact you for marketing purposes without your consent
5. AI PROVIDER DATA HANDLING
CARMAI™ routes anonymized analysis requests through cloud AI providers.
Our current providers and their data handling:
ANTHROPIC (Claude): Anonymized text is processed per Anthropic's API
terms. Anthropic represents that it does not use API inputs to train models under its current API terms.
OPENAI (GPT): Anonymized text is processed per OpenAI's API terms.
OpenAI represents that it does not use API inputs to train models under its current API terms.
GOOGLE (Gemini): Anonymized text is processed per Google's API terms.
Google represents that it does not use API inputs to train models under its current API terms.
BRING YOUR OWN KEY (BYOK): If you provide your own API keys, your
requests are sent directly to your chosen provider under your own
API agreement. DealDoctor does not intentionally intercept or retain BYOK traffic
beyond the anonymization step.
IMPORTANT: Even with these safeguards, we cannot guarantee the behavior
of third-party AI providers. We select providers with strong privacy
commitments, but their terms may change. We will notify you of any
material changes to our AI provider relationships.
6. DATA STORAGE AND SECURITY
6.1 INFRASTRUCTURE
• Hosted on commercial cloud infrastructure with industry-standard physical and network security
• Encryption of data at rest and in transit using industry-standard protocols
• Dedicated database per tenant (no shared tables)
• Regular automated backups
6.2 ACCESS CONTROLS
• Access controls within your organization
• Workflow enforcement for document approvals
• Audit logging of user actions
• DealDoctor restricts employee access to your data and requires your prior written consent before any such access, except as necessary for emergency security response
6.3 DATA RETENTION
• Account data: Retained while your account is active, plus 60 days
after termination for data export
• Analysis routing logs: Not retained after response delivery
• Usage analytics: Aggregated and anonymized, retained for 24 months
• Audit logs: Retained per your organization's configuration
• CARMAlly™ conversations (customers with a database-tier Subscription): Retained per your administrator's configuration (default: 90 days; configurable to 30, 90, 365, or 1095 days). Automatically purged thereafter.
• Audit trail (customers with a database-tier Subscription): Retained per the same administrator-configured retention period as CARMAlly™ conversations
• CARMAgree™ signed documents and related data: Retained for the active Subscription period plus a sixty (60) day post-termination grace window, after which permanently deleted. Plugin-only customers' CARMAgree™ data is stored in CARMAsigned™ (a database shared across Plugin-only customers with logical separation between each customer's data); Plugin+DB, Professional, and Enterprise customers' CARMAgree™ data is stored in their own dedicated database with physical separation from other customers.
• Session cookies: Expire after 24 hours
7. YOUR RIGHTS AND CHOICES
7.1 DATA EXPORT (PORTABILITY)
You may export all of your organization's data at any time using the
built-in data export feature. Exports include all documents, analysis
results, entity configurations, and related data
in commonly used formats (DOCX, PDF, CSV). This supports your rights under GDPR
Article 20 and similar data portability regulations.
7.2 DATA DELETION AND RETENTION CONTROLS
Customers with a database-tier Subscription have the following data management controls,
available to administrators in Settings:
• Delete individual CARMAlly™ conversations at any time
• Bulk-clear all CARMAlly™ conversation history (double confirmation required)
• Bulk-clear audit trail data (double confirmation required)
• Export conversations before deletion
• Configure automatic retention periods (30, 90, 365, or 1095 days)
• Individual users may delete their own conversations
ACCOUNT DELETION
You may request deletion of your account and all associated data by
contacting us at privacy@dealdoctor.pro. Upon verified request, we
will delete your tenant database and all associated records within 30
days, subject to legal retention requirements.
7.3 ACCESS AND CORRECTION
You may access and correct your account information at any time through
the Entity Setup interface. For data that cannot be corrected through
the interface, contact us at privacy@dealdoctor.pro.
7.4 OPT-OUT
• You may opt out of non-essential communications at any time
• You may disable usage analytics in Settings
• You may use BYOK to route AI requests through your own provider
agreements
8. CHILDREN'S PRIVACY
The Services are not directed to individuals under the age of 18. We do
not knowingly collect personal information from children. If we learn
that we have collected personal information from a child under 18, we
will take steps to delete such information promptly.
9. INTERNATIONAL DATA TRANSFERS
Our servers are located in the United States. If you access the Services
from outside the United States, your information may be transferred to,
stored, and processed in the United States. By using the Services, you
consent to such transfers. We implement appropriate safeguards for
international data transfers, including standard contractual clauses
where required.
10. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. We will notify you
of material changes by:
• Displaying a notice within the Software
• Sending an email to your registered address
• Posting the updated policy on our website
Your continued use of the Services after such notification constitutes
your acceptance of the updated Privacy Policy.
If you have questions or concerns about this Privacy Policy or our data practices, contact us at:
| Company: | DealDoctor PLLC |
| Privacy Inquiries: | privacy@dealdoctor.pro |
| Legal Inquiries: | legal@dealdoctor.pro |
| General Support: | support@dealdoctor.pro |