Legal Review Required — The content below is a placeholder template. All sections marked [PLACEHOLDER] must be reviewed and approved by legal counsel before this page is published to users.

The ACP Deal Tracker collects the following categories of information from authorized users:

• Account data: name, email address, role, group membership
• Activity data: login history, pages viewed, actions taken within the platform (deal edits, comments, task updates)
• Device data: browser user-agent, device type (mobile/desktop) collected at login
• Communication data: messages and comments entered within the platform

[PLACEHOLDER — expand categories and add any additional data collected]

Information collected is used to:

• Authenticate and maintain your session
• Provide platform features (deal tracking, task management, messaging)
• Audit access for security and compliance purposes
• Send notifications related to your assigned deals and tasks

[PLACEHOLDER — add additional uses; confirm no sale or sharing with third parties for marketing]

Platform data is stored in Supabase (PostgreSQL), hosted on infrastructure operated by Supabase, Inc. Authentication sessions use secure, HttpOnly cookies and are not accessible to client-side scripts. Passwords are hashed using bcrypt and are never stored in plain text. [PLACEHOLDER — add data retention policy, backup procedures, and any encryption-at-rest details]

The platform uses a single session cookie (acp_session) to maintain your authenticated session. This cookie is HttpOnly (not accessible to JavaScript), Secure (transmitted only over HTTPS), and expires after 30 minutes of inactivity. No third-party tracking cookies are used. [PLACEHOLDER — confirm no analytics or advertising cookies are present]

Your information is not sold or shared with third parties for commercial purposes. Data may be shared with service providers who operate infrastructure on behalf of ACP (e.g., Supabase for database hosting, Resend for transactional email, Vercel for application hosting). [PLACEHOLDER — list all sub-processors and add data processing agreement references]

[PLACEHOLDER — describe user rights including access, correction, deletion, and data portability rights applicable under CCPA/GDPR or other applicable law]

[PLACEHOLDER — specify how long each category of data is retained and the criteria for deletion]

We may update this Privacy Policy from time to time. Users will be notified of material changes through the platform. Continued use following notice constitutes acceptance. [PLACEHOLDER — specify notice method]

Privacy questions or requests should be directed to: [PLACEHOLDER — insert privacy contact email]

Adobe Capital Partners • ACP Deal Tracker • Terms of Service