Deal ShieldDeal Shield
Sign InGet Started

Privacy Policy

Last updated: November 4, 2025

Introduction

At Deal Shield, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our confidential due diligence platform. We are committed to protecting your sensitive business information with bank-grade security measures.

Our platform is designed specifically for high-value transactions where confidentiality is paramount. We understand that the information you process through Deal Shield is highly sensitive, and we have built our entire infrastructure around protecting it.

Information We Collect

Account Information

When you create a Deal Shield account, we collect:

  • Name and email address
  • Company name and business information
  • Billing and payment information (processed securely through Stripe)
  • Account credentials (passwords are encrypted and never stored in plain text)

Investigation Data

When you use our investigation platform, we temporarily process:

  • Deal information and documents you upload
  • Entity names, addresses, and identifiers you input
  • Verification requests and document analysis data
  • Risk reports and investigation results

🔒 Important: All investigation data is automatically deleted after 72 hours. You can also manually delete any investigation at any time from your dashboard.

Usage Information

We collect limited usage data to improve our service:

  • Login and access times
  • Feature usage patterns (which tools you use most)
  • Browser type and device information
  • IP address (for security and fraud prevention)

How We Use Your Information

We use your information solely to provide and improve our service:

  • Service Delivery: To process your due diligence investigations, verify documents, and generate risk reports
  • Account Management: To maintain your account, process payments, and provide customer support
  • Security: To detect and prevent fraud, unauthorized access, and other security threats
  • Communication: To send essential service updates, security alerts, and billing notifications
  • Product Improvement: To analyze aggregated, anonymized usage patterns to enhance our platform

Data Security

We implement enterprise-grade security measures to protect your information:

Encryption

  • Data at Rest: All stored data is encrypted using 256-bit AES encryption
  • Data in Transit: All communications use TLS 1.3 encryption
  • Database Encryption: Your investigation data is encrypted at the database level

Infrastructure Security

  • SOC 2 Type II certified infrastructure
  • Regular security audits and penetration testing
  • Isolated data storage with strict access controls
  • Multi-factor authentication for all accounts

Automatic Data Deletion

To minimize risk exposure, all investigation data (uploaded documents, analysis results, and risk reports) is automatically and permanently deleted after 72 hours. This ensures that sensitive deal information doesn't remain in our systems longer than necessary.

Data Sharing and Disclosure

✓ We do not sell, rent, or share your data with third parties for marketing purposes.

We only share information in these limited circumstances:

  • Service Providers: We use trusted vendors (Supabase for database, Stripe for payments, Vercel for hosting) who are contractually obligated to protect your data
  • Legal Requirements: We may disclose information if required by law, court order, or legal process
  • Business Transfer: If Deal Shield is acquired or merged, your information may be transferred to the new entity
  • With Your Consent: We may share information with your explicit permission

Data Retention

We practice strict data minimization:

  • Investigation Data: Automatically deleted after 72 hours (or immediately upon manual deletion)
  • Account Information: Retained while your account is active and for 30 days after account closure
  • Billing Records: Retained for 7 years for tax and accounting purposes
  • Usage Logs: Retained for 90 days for security and troubleshooting

Your Privacy Rights

You have the following rights regarding your information:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Export: Download your data in a portable format
  • Opt-Out: Unsubscribe from marketing communications (we send minimal marketing)
  • Restrict Processing: Request that we limit how we process your data

To exercise these rights, contact us at privacy@dealshield.com

Regulatory Compliance

GDPR (European Users)

For users in the European Economic Area, we comply with the General Data Protection Regulation:

  • Legal basis for processing: Contract performance and legitimate business interests
  • Data controller: Deal Shield Inc.
  • Right to lodge complaints with your supervisory authority
  • Data transfer safeguards: Standard Contractual Clauses

CCPA (California Users)

For California residents, we comply with the California Consumer Privacy Act:

  • We do not sell personal information
  • Right to know what personal information we collect
  • Right to delete personal information
  • Right to opt-out of data sales (not applicable as we don't sell data)
  • Right to non-discrimination for exercising privacy rights

Cookies and Tracking

We use minimal cookies and tracking technologies:

  • Essential Cookies: Required for authentication and core functionality
  • Analytics: We use first-party analytics only (no Google Analytics or third-party trackers)
  • No Advertising: We do not use advertising cookies or track you across websites

You can control cookies through your browser settings, but disabling essential cookies may impact functionality.

International Data Transfers

Deal Shield is based in the United States. If you access our service from outside the US, your information may be transferred to, stored, and processed in the United States. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses approved by the European Commission.

Children's Privacy

Deal Shield is a B2B service not intended for individuals under 18 years of age. We do not knowingly collect information from children. If we become aware that we have collected information from someone under 18, we will promptly delete it.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by email and by posting a notice on our platform. Continued use of Deal Shield after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or how we handle your information, please contact us:

Email: privacy@dealshield.com

Data Protection Officer: dpo@dealshield.com

Mail: Deal Shield Inc., Privacy Department, [Address]

Ready to protect your deals?

Join professionals who trust Deal Shield for confidential due diligence

Get Started Free