Privacy Policy

Last updated: March 6, 2026

1. Information We Collect

When you create an account, we collect your email address and name (provided via Google OAuth or email sign-in). When you use Wintura to generate proposals, we collect the client briefs, proposal content, and agency profile information you provide.

We also automatically collect usage data including pages visited, features used, and proposal view tracking (anonymized IP hashes for deduplication, not raw IP addresses).

2. How We Use Your Information

We use your information to:

  • Provide and improve the Wintura service
  • Generate AI-powered proposals based on your client briefs
  • Send transactional emails (magic link login, proposal delivery)
  • Process payments through our payment processor
  • Track proposal views to help you understand client engagement

3. Data Storage & Security

Your data is stored in a managed PostgreSQL database in the United States. All connections are encrypted in transit via TLS, and the database is encrypted at rest. We do not store raw IP addresses — only salted hashes for view deduplication.

Payment information is handled entirely by our PCI-DSS-compliant payment processor and never touches our servers.

4. Third-Party Services

We engage third-party service providers to operate the service across the following categories:

  • AI inference provider — to generate proposal content from your briefs
  • Payment processor — to handle subscription payments
  • Transactional email provider — to send magic-link logins, proposal delivery, and receipts
  • Cloud hosting provider — to serve the application
  • Managed database provider — to store proposal and account data
  • OAuth identity provider — for third-party sign-in
  • Object storage provider — for proposal assets and PDFs
  • Product analytics provider — to measure feature usage

Business customers may request the current list of named sub-processors at privacy@wintura.ai. See our Data Processing Agreement for the controller/processor terms.

5. AI-Generated Content

Client briefs you submit are sent to our AI inference provider to generate proposals. Our provider contractually does not use API inputs for model training. Your briefs and generated proposals are not shared with other users or used to improve AI models.

6. Data Retention

Your account data and proposals are retained as long as your account is active. You can delete individual proposals at any time. To delete your entire account and all associated data, go to Settings → Account → Danger zone. Deletion is immediate and irreversible.

7. Cookies

We use essential cookies only — session cookies for authentication. We do not use tracking cookies or third-party analytics cookies.

8. Your Rights

You have the right to access, correct, or delete your personal data. You can export your proposals at any time via PDF export, and you may delete your account at any time from your account settings. For other data rights, contact us at privacy@wintura.ai.

9. Changes

We may update this privacy policy from time to time. We will notify you of material changes via email or an in-app notification.

10. Business Customers

If you are a business customer subject to GDPR, CCPA, or similar regulations, see our Data Processing Agreement for the controller/processor terms, sub-processor list, and breach-notification SLA.

11. Contact

For privacy-related questions, contact us at privacy@wintura.ai.