Privacy Policy

Version 2.2 — Last updated: May 14, 2026

NegotiateIt ("we", "us", "the Service") is an AI-powered negotiation practice platform. This policy explains what data we collect, why, how long we keep it, and your rights. We collect only the data necessary to provide the Service (data minimization).

The Service is not intended for the processing of sensitive personal data (e.g., health, biometric, political, religious data). Users should not submit such data during gameplay.

1. What We Collect

2. How We Use Your Data

• Providing the Service: Account and game result data powers your profile, progress, technique mastery, and session history. This is necessary to perform our contract with you (Art. 6(1)(b)).
• Product improvement: Where you have opted in to recording, transcripts may be processed in aggregated and pseudonymized form to improve system performance, AI opponent behavior, and difficulty calibration. We do not use your data to train general-purpose AI models.
• Safety and abuse detection: Minimal metadata about AI interactions (e.g., turn count, error flags, hostility classification) may be logged for abuse detection and system safety. Full conversation transcripts are only stored where you have opted in to recording (Art. 6(1)(f) — legitimate interest for metadata; Art. 6(1)(a) — consent for transcripts).
• Communication: We may send transactional emails (password reset, verification, subscription receipts). We do not send marketing emails without your explicit opt-in.

3. Conversation Recording Details

When you opt in to conversation recording:

• Your negotiation messages, AI responses, technique detections, emotional state changes, and game decisions are stored.
• Player text is automatically deleted after 90 days. AI dialogue and aggregate metadata (emotional trajectories, technique frequencies) are retained for the duration of your account.
• Detection evidence that quotes your messages is also purged at 90 days.
• Transcripts are stored securely in our database with encryption in transit (TLS).

If you revoke consent, future games will not be recorded. Existing transcripts remain on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in maintaining product quality, detecting abuse, and debugging the system, until the 90-day auto-purge applies to player text and the rest is deleted on account deletion. You may request immediate deletion of all your transcripts at any time — see Section 6.

4. AI Processing

During gameplay, the following data is sent to our AI model providers to generate opponent dialogue and game decisions:

• What is sent: Your message text and game context (scenario, emotional state, turn history). Your email, name, or account identifiers are never sent to AI providers.
• Providers: Anthropic (Claude) as primary; Google (Gemini) as fallback. See our subprocessor list.
• Provider data retention: We use Anthropic's paid commercial API, where input data is not used for model training by default. Anthropic may retain API inputs for up to 30 days for safety and abuse monitoring purposes.
• No general-purpose training: We do not provide your data to any AI provider for the purpose of training general-purpose models.

5. Data Retention

• Account data: Retained for the duration of your account. Anonymized on account deletion (billing records retained for 10 years per German tax law, § 147 AO).
• Game results: Retained for the duration of your account and as long as necessary to provide historical progress features. Deleted on account deletion.
• Conversation transcripts: Player text auto-purged after 90 days. AI dialogue and metadata retained for duration of account. All transcripts deleted on account deletion.
• Consent records: Retained for the duration of your account for compliance purposes.
• Purchase consent records: When you purchase a subscription, we record evidence of your consent to the EU 14-day withdrawal waiver under Art. 16(m) CRD / § 356 Abs. 5 BGB: timestamp, truncated IP address (IPv4 /24 or IPv6 /64), truncated user-agent string (maximum 512 characters), product ID, price, and a cryptographic hash of the legal wording shown to you at the moment of purchase. Retained for 10 years per German § 147 AO. Legal basis: GDPR Art. 6(1)(c) (legal obligation) and Art. 6(1)(f) (legitimate interest in evidentiary value for tax and consumer-rights audits).

6. Your Rights

Depending on your jurisdiction, you have the right to:

• Access your personal data
• Delete your account and associated data (Profile settings or contact us)
• Withdraw consent for conversation recording and analytics at any time (Profile settings)
• Data portability — download a copy of your data
• Correction — update inaccurate information
• Object to processing based on legitimate interest (EU)
• Restriction of processing in certain circumstances (EU)
• Lodge a complaint with a supervisory authority in your country of residence or in Germany (the competent authority is the Landesbeauftragte für den Datenschutz und für das Recht auf Akteneinsicht Brandenburg)

To exercise these rights, contact privacy@negotiateit.ai. We will verify your identity (typically by confirming the email address associated with your account) and respond within one month. We may extend this period by up to two further months for complex or numerous requests and will inform you of any such extension — with reasons — within the first month.

Appeals. If we deny your request, you may appeal by emailing privacy@negotiateit.ai with "Appeal" in the subject line. We will respond within 60 days.

7. Automated Decision-Making

The Service uses automated systems to generate feedback, performance scores, technique classifications, and coaching suggestions based on your gameplay. These automated processes are part of the core Service and do not produce legal or similarly significant effects on you. You may contact us if you have questions about how automated scores are determined.

8. Third-Party Services

We use third-party services to operate the Service. Our complete subprocessor list, which forms part of this policy, details each provider, the data they process, and their location.

Key points:

• AI providers receive your messages during gameplay (see Section 4). They do not receive your identity.
• Payment processing is handled by Creem (operated by Armitage Labs OÜ in Estonia), our merchant of record. Creem invoices you, processes payment, calculates and remits applicable taxes (VAT under EU OSS, US state sales tax), and processes refunds. We share with Creem only what is necessary to fulfil your purchase: email address, country, and billing address. Your payment instrument (card number, expiry, CVV) is handled directly by Creem's hosted checkout and never reaches our servers. Legal basis: GDPR Art. 6(1)(b) (performance of contract). Creem is established in the EU (Estonia), so the contracting transfer is intra-EU; certain Creem sub-processors are US-based and are covered under Creem's own Standard Contractual Clauses per its DPA.
• In-app analytics are only active if you explicitly opt in via the consent prompt. This includes aggregated custom events — such as which opponent card or pricing button was clicked — none of which are linked to your identity. Our landing page uses privacy-friendly, cookieless analytics: we store no cookies and no client-side identifier. To estimate visitor counts, our server derives a temporary, daily-rotating pseudonymous identifier from your IP address and browser type; your raw IP address is never stored and never sent to our analytics processor (PostHog). We rely on our legitimate interest (Art. 6(1)(f) GDPR) in understanding aggregate website usage. Because nothing is stored on or read from your device, no cookie consent is required (§25 TTDSG).
• Marketing attribution uses server-side conversion measurement APIs (Meta Conversions API, AppLovin S2S) to attribute paid acquisition campaigns. We transmit hashed identifiers (such as a one-way hash of your email) and conversion event types only — never browsing behavior or any personal information beyond what is necessary to attribute a signup or purchase.
• Error monitoring may include device information and anonymized error context, but never message content or personal data.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

9. Security

We implement appropriate technical and organizational measures to protect personal data, including:

• Encryption in transit (TLS/HTTPS)
• Password hashing with Argon2id (industry-standard memory-hard algorithm)
• Access controls and authentication on API endpoints
• Rate limiting and abuse prevention measures
• PII redaction policies for application logs and error reports
• Regular backups with documented restore procedures

No system is perfectly secure. We continually work to improve our security posture and will notify affected users and relevant authorities in the event of a data breach, in accordance with GDPR Articles 33 and 34.

10. International Data Transfers

We are based in Germany (EU). Your data may be transferred to and processed in the United States when we use third-party services (Anthropic, Google, Resend, Sentry, Cloudflare, PostHog). Where such transfers occur, we rely on:

• The EU-U.S. Data Privacy Framework (for certified providers), and/or
• Standard Contractual Clauses (SCCs) as appropriate

in compliance with GDPR Chapter V.

PostHog, Inc. is established in the United States. We use PostHog for both in-app product analytics and cookieless landing-page analytics; transfers to PostHog are covered by the EU-U.S. Data Privacy Framework and Standard Contractual Clauses.

Our remaining sub-processors are EU-hosted and do not result in international transfers: Fly.io (primary region EU), Creem (payments, EU). Typography is served from our own infrastructure, so no font request transmits your IP to Google.

11. Age Requirement

NegotiateIt is intended for users aged 18 and older. You must confirm that you are at least 18 years old when creating an account. We do not knowingly collect personal information from anyone under 18. If we learn that a user is under 18, we will terminate their account and delete their data promptly.

12. US State Privacy Rights

If you are a resident of a US state with a comprehensive privacy law — currently including California, Virginia, Colorado, Connecticut, Texas, Florida, Oregon, Montana, Utah, Iowa, Delaware, New Hampshire, New Jersey, Tennessee, Maryland, Minnesota, Nebraska, Indiana, Kentucky, and Rhode Island — you have the rights described below. We honor these rights regardless of whether we technically meet the thresholds of your state's law.

12.1 Your rights

• Access: request the categories and specific pieces of personal information we have collected about you.
• Delete: request deletion, subject to legal exceptions (tax recordkeeping, ongoing service provision).
• Correct: request correction of inaccurate information.
• Portability: receive a copy of your personal information in a portable format.
• Opt out of sale: we do not sell your personal information.
• Opt out of sharing for cross-context behavioral advertising: we do not engage in this practice.
• Opt out of profiling that produces legal or similarly significant effects: we do not perform profiling of this kind.
• Non-discrimination: we will not discriminate against you for exercising your privacy rights.

12.2 Sources of personal information

We collect personal information directly from you (when you register and use the Service), from your interactions with the Service (game results, usage activity, conversation transcripts if you have opted in to recording), and from the third-party authentication services you choose to use (Google OAuth).

12.3 How to exercise your rights

Email privacy@negotiateit.ai. Include "Privacy Request" in the subject line and describe what you are asking for.

12.4 Verification

We will verify your identity before processing requests, typically by confirming the email address associated with your account. For sensitive requests we may ask additional verification questions.

12.5 Authorized agents

You may designate an authorized agent to make requests on your behalf. We require a signed written authorization (or a notarized power of attorney) plus verification of your own identity. We will deny agent requests that lack adequate authorization or verification.

12.6 Response time and appeals

We will confirm receipt of your request and respond within 45 days. We may extend this period by an additional 45 days for complex or numerous requests, with notice to you within the initial 45-day window.

If we deny your request, you may appeal by emailing privacy@negotiateit.ai with "Appeal" in the subject line. We will respond to appeals within 60 days. If you remain unsatisfied, you may contact your state attorney general.

12.7 California-specific (CCPA/CPRA)

Categories of personal information collected: identifiers (email, display name), internet activity (game results, usage data), inferences (negotiation scores, technique proficiency), and — where you have opted in to recording — the contents of communications (your typed negotiation messages).

Sensitive personal information. Where you have opted in to recording, your conversation transcripts may qualify as "contents of communications" under CPRA § 1798.140(ae). We process these only to provide and improve the Service; we do not infer characteristics about you for any purpose beyond gameplay feedback. You may revoke recording consent at any time in your Profile or request deletion of any stored transcripts via the contact above. Under California law you also have the right to limit our use of sensitive personal information; we already limit ours to the purposes just described.

Purpose of collection: providing the Service, improving system performance, communicating about your account.

Retention: see Section 5.

13. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated through the app or by email at least 30 days before they take effect. The version number and date at the top indicate the most recent revision.

14. Contact

For privacy-related questions, data requests, or concerns:

Email: privacy@negotiateit.ai

Postal: BD Nova UG (haftungsbeschränkt), Straße der Jugend 18, 14974 Ludwigsfelde, Germany