Privacy Policy
Last updated: 2 April 2026
1. Overview
Pre Contract Review (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights under the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).
2. What We Collect
2.1 Document Content (Temporary)
When you upload a PDF, the text is extracted in your browser and sent to our server for analysis. We do not store your PDF files or the extracted text after the analysis is complete. The text is processed in memory and discarded once the analysis response is returned.
2.2 Payment Information
Payments are processed by Stripe. We do not collect, store, or have access to your credit card numbers, bank account details, or other payment credentials. Stripe handles all payment data in accordance with PCI DSS standards.
We receive from Stripe: the payment amount, currency, payment status, and the filename you provided (for your reference on the receipt).
2.3 Shared Reports
If you use the “Share” feature, your analysis results are stored on our servers for 30 days and accessible via a unique link. After 30 days, shared reports are automatically deleted. You can also delete a shared report by contacting us.
2.4 Feedback
If you submit feedback via the star rating widget, we store your rating, optional comment, and the property address from the analysis. We do not collect your name or email address through the feedback widget.
2.5 Analytics and Usage Data
We collect anonymous usage metrics to improve the Service, including: number of analyses performed, success/failure rates, and response times. These metrics do not contain personally identifiable information or document content.
2.6 Authentication (Admin Only)
Our admin dashboard uses Clerk for authentication. This only applies to our internal team — public users of the Service do not need to create an account or provide any personal information beyond what is listed above.
3. What We Do NOT Collect
- We do not store your uploaded PDF files
- We do not store the extracted text from your documents
- We do not collect your name, email, phone number, or address (unless you email us directly)
- We do not use cookies for advertising or tracking
- We do not sell, rent, or share your data with third parties for marketing
- We do not require account creation to use the Service
4. How We Use Your Data
The limited data we collect is used solely to:
- Process your payment and deliver the analysis
- Generate and deliver shared report links (when you choose to share)
- Improve the accuracy and reliability of the Service
- Monitor for errors and service disruptions
- Respond to support requests
5. Third-Party Services
We use the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Payment details (handled by Stripe, not us) |
| OpenRouter | AI analysis | Extracted document text (not stored by them) |
| Vercel | Hosting | Standard web server logs (IP, user agent) |
| Upstash | Shared reports storage | Analysis results (when you share a report) |
| Clerk | Admin authentication | Admin team accounts only (not public users) |
6. Data Retention
- Document text: Not retained. Processed in memory and discarded immediately after analysis.
- Shared reports: 30 days from creation, then automatically deleted.
- Error logs: 7 days, then automatically deleted.
- Usage metrics: 90 days, aggregated and anonymous.
- Payment records: Retained by Stripe per their policies. We retain payment session metadata (amount, date, status) indefinitely for accounting purposes.
- Feedback: Retained indefinitely unless you request deletion.
7. Your Rights
Under the Australian Privacy Act 1988, you have the right to:
- Request access to any personal information we hold about you
- Request correction of inaccurate information
- Request deletion of your data (including shared reports and feedback)
- Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs
To exercise these rights, contact us at support@precontractreview.com.
8. Security
We take reasonable steps to protect your data, including:
- All data transmitted via HTTPS encryption
- API keys and secrets stored server-side only, never in client code
- Payment processing fully handled by Stripe (PCI DSS compliant)
- No PDF files stored on our servers
- Admin access protected by authentication
9. Changes to This Policy
We may update this policy from time to time. Changes will be posted on this page with an updated date. Continued use of the Service after changes constitutes acceptance.
10. Contact
For privacy-related questions or requests, contact us at support@precontractreview.com.
See also: Terms of Service