ProPortal logoProPortal

Privacy Policy

Last updated: May 24, 2026

1. Who we are

ProPortal ("we", "us", "our") is operated by ProPortalBusiness.com. We act as the data controller for personal data you submit when using our website, and as a data processor for personal data your clients submit through your portal.

2. Data we collect

  • Account data: name, email, password hash, company name.
  • Customer content: clients, projects, invoices, files, messages you create.
  • Billing data: processed by Stripe; we never store full card numbers.
  • Usage data: log files, IP address, browser type, pages visited.
  • Cookies: session cookies and limited analytics. See section 8.

3. Legal bases (GDPR)

We process personal data under: (a) contract — to provide the service you signed up for; (b) legitimate interest — security, fraud prevention, product improvement; (c) legal obligation — tax and accounting; (d) consent — optional marketing emails and non-essential cookies, which you can withdraw at any time.

4. How we use data

To operate the service, authenticate you, process payments, send transactional emails, provide support, and comply with law. We do not sell your personal data.

5. Sub-processors

  • Supabase (EU region) — database, authentication, file storage.
  • Stripe — payment processing.
  • Cloudflare — DDoS protection and content delivery.
  • Resend — transactional email delivery.

6. International transfers

Where data leaves the EEA/UK, we rely on Standard Contractual Clauses and the EU–US Data Privacy Framework where applicable.

7. Retention

We keep account data while your account is active and for up to 90 days after deletion (longer for invoicing records required by tax law — typically 7–10 years).

8. Cookies

We use strictly necessary cookies for authentication. Analytics cookies are loaded only after you consent.

9. Your rights

You can access, correct, export, restrict, or delete your data, and object to processing. EU users may lodge a complaint with their supervisory authority. Email privacy@proportalbusiness.com.

10. Security

TLS in transit, encryption at rest, row-level security policies, principle of least privilege, regular backups, and incident response procedures.

11. Children

ProPortal is not directed at children under 16.

12. Contact

ProPortalBusiness.com — privacy@proportalbusiness.com