DealWithIt — Privacy Policy
DealWithIt, Inc.
Version 2.0 · Last Updated: June 16, 2026
1. Introduction and Scope
DealWithIt, Inc. (“Company,” “DealWithIt,” “we,” “us,” or “our”) provides an AI-assisted consumer-advocacy service that helps you prepare and (at your direction) send complaints to companies. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our website at https://dealwithit.ai and its subdomains, our web application, and related features (together, the “Service”).
This Privacy Policy is part of, and incorporated into, our Terms of Service (available at https://dealwithit.ai/terms). By using the Service, you acknowledge that you have read this Privacy Policy. If you do not agree with it, do not use the Service.
2. Who This Policy Covers
The Service is intended for individual consumers in the United States who are at least 18 years old. It is not directed to children, and we do not knowingly collect personal information from anyone under 18 (see Section 14). The Service is currently offered to a limited group of approved users during an early-access period.
3. Information We Collect
We collect the following categories of information:
3.1 Information you provide to us
Account information. When you sign in (typically with Google Sign-In) or request access, we receive your name, email address, and basic Google profile information (such as your profile photo and Google account identifier). Legacy accounts may use an email address and password.
Your complaint and case content. The description of your problem (typed or spoken), any voice recordings you make and their transcripts, the outcome you are seeking, and the files and evidence you upload (such as receipts, photos, screenshots, PDFs, or other documents), along with text and data we extract from them.
Communications you approve or send. The drafts you review and the content of any message you choose to send through the Service (for example, an email sent from your connected Gmail account), and records that the message was sent.
Support and other communications. Information you provide when you contact us, request access, give feedback, or otherwise communicate with us.
3.2 Information about other people contained in your content
Your complaints, uploads, and messages may include personal information about other people — most often the companies you are complaining about and their staff, and sometimes other individuals mentioned in your evidence. You are responsible for ensuring you have the right to provide that information, and you should not include more third-party personal information than is necessary for your matter.
3.3 Information we collect automatically
Device and usage data. When you use the Service, we and our analytics provider automatically collect technical information such as your IP address, browser and device type, pages and features used, actions taken, dates and times of access, and similar log information.
Approximate location. We may infer your approximate (city/region-level) location from your IP address. We do not collect precise geolocation from your device.
Cookies and similar technologies. We use cookies and similar technologies (such as browser local storage) that are necessary to sign you in and operate the Service, and analytics technologies to understand usage. See Section 10.
3.4 Information from third parties
Google Sign-In. If you sign in with Google, Google provides us with the profile information described above, consistent with your Google settings.
Gmail (only if you connect it). If you connect your Google account to send email, we receive authorization tokens that let us send email as you for the messages you approve. We describe our handling of Google user data in Section 7. Today we request only permission to send email; we do not read your mailbox.
4. Sensitive Information — Please Be Careful What You Upload
You decide what to put into your complaints and uploads, and that content can sometimes include sensitive information — for example, financial account details, or, if they appear in documents you upload, government identifiers or health information. We do not need, and we ask that you do not provide, highly sensitive identifiers such as Social Security numbers or full payment card numbers. The Service does not currently automatically redact sensitive information from your uploads, so please remove or black out anything you do not want to submit. We do not use sensitive information to infer characteristics about you or for advertising.
5. How We Use Information
We use the information we collect to:
provide and operate the Service — for example, to create and manage your account, run your case (identify the company, research its policies and potentially relevant rules, scan public sources for context, and generate drafts), transcribe voice input, extract text from uploads, and send a message when you direct us to;
authenticate you, enforce usage limits and access controls, and maintain the security and integrity of the Service;
communicate with you, including sending account, transactional, and service-related messages (such as access approvals and case notifications) via our email provider;
protect against, investigate, and respond to fraud, abuse, harmful or prohibited use, and other trust-and-safety and legal matters (which may include retaining limited records of complaints we decline to process);
develop and improve the Service, including evaluating quality and building our internal knowledge base of complaint and resolution patterns, using de-identified and/or aggregated data for these purposes; and
comply with our legal obligations and enforce our Terms of Service.
We do not sell your personal information, we do not use it for third-party or cross-context behavioral advertising, and we do not use your content — or allow our AI providers to use it — to train generalized or third-party AI models. See Sections 6 and 9.
Automated processing. The Service uses automated processing and artificial intelligence to transcribe input, analyze your case, and generate drafts for you. These are tools to assist you: you review the results and decide what to do, and we do not use them to make decisions that produce legal or similarly significant effects about you without your involvement. If you have questions about our automated processing, contact us at privacy@dealwithit.ai.
6. AI Providers and How Your Data Is Used for Artificial Intelligence
The Service relies on third-party artificial-intelligence and research providers to function. In production, the AI/research providers that process your case content are Google (Gemini models, used for transcription, reading images and PDFs, and generating drafts and analysis) and Perplexity (used for AI-assisted web research about the company and relevant policies and rules). To provide the Service, we send relevant case content to these providers — for example, your complaint text and transcripts to Gemini, and research queries and related context (such as the company name and issue details) to Perplexity.
We use paid or enterprise tiers of our AI providers under terms that limit them to processing your data only to provide their services to us and that prohibit them from using your content to train their own models.
These providers process data on our behalf as service providers and are not permitted to use your content for their own purposes. Their handling of data is also governed by their own terms and privacy policies.
7. Google API Services and Gmail — Limited Use
When you connect a Google account to send email, our access to and use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
We request only the access needed for the features you use. Today, that means permission to send email on your behalf (we do not read, organize, or store the contents of your mailbox). If we later add features that read messages — for example, to track a company’s reply on a thread or find related messages for your case — we will request that permission separately, explain it, and use it only for that purpose with your consent.
We use Google user data only to provide and improve the user-facing features you request. We do not use it for advertising, we do not sell or transfer it, and we do not use or transfer it to train generalized or third-party AI/ML models.
We do not allow humans to read your Google user data except with your affirmative consent (for example, to debug a specific issue you report), where necessary for security or to comply with law, or in aggregated/anonymized form for internal operations.
You can disconnect your Google account or revoke our access at any time in your Account settings or at your Google Account permissions page (https://myaccount.google.com/permissions), and we will stop sending email on your behalf.
8. How We Disclose Information
We do not sell your personal information. We disclose personal information only as described below:
Service providers. We share information with vendors that perform services for us, under contracts that limit their use of the information to providing services to us. Our key service providers are:
| Provider | What it does for us | Information it receives |
| Google Cloud / Firebase (Google LLC) | Hosting, user authentication, database (Firestore), file storage, and underlying infrastructure | Account data, case content, uploaded files, usage and log data |
| Google — Gemini (AI) | Transcribing voice, reading images/PDFs, and generating drafts and analysis | Complaint text, transcripts, and content/text extracted from your uploads |
| Perplexity (AI research) | AI-assisted web research about the company and relevant policies/rules | Search queries and case-derived context (e.g., company name and issue details) |
| Google — Gmail API | Sending email as you, for messages you approve (only if you connect Gmail) | The content of messages you choose to send, and your authorization tokens |
| Resend | Sending account and transactional emails to you | Your email address and the content of those emails |
| Mixpanel | Product analytics to understand and improve usage | Your account identifier and email, device/usage data, and product events |
| Stripe (only if/when paid features launch) | Payment processing | Billing and payment information you provide at checkout |
Legal, safety, and rights. We may disclose information if we believe in good faith that doing so is reasonably necessary to comply with a law, regulation, legal process, or governmental request; to enforce our Terms; to detect, prevent, or address fraud, security, or technical issues; or to protect the rights, property, or safety of our users, the public, or us.
Business transfers. If we are involved in a merger, acquisition, financing, reorganization, or sale of all or part of our assets, your information may be transferred as part of that transaction. We will continue to protect personal information consistent with this Privacy Policy and will notify you of any material change to how your information is handled.
With your direction. When you send a message through the Service, its contents go to the recipient you choose. When you connect a third-party account, information flows as needed to provide that feature.
9. No Sale of Data; No Targeted Advertising
We do not sell your personal information, and we do not “share” it for cross-context behavioral advertising, as those terms are defined under California and other U.S. state privacy laws. We do not serve third-party ads in the Service, and we have not sold or shared personal information in the preceding 12 months.
10. Cookies, Analytics, and Your Choices
We use a small number of cookies and similar technologies: (a) essential technologies (including browser local storage) that are necessary to sign you in and run the Service; and (b) analytics technologies provided by Mixpanel that help us understand how the Service is used so we can improve it. We do not use advertising or cross-site tracking cookies.
You can control cookies through your browser settings; blocking essential cookies may prevent the Service from working. Because we do not use the Service for targeted advertising, we treat recognized opt-out preference signals (such as Global Privacy Control) consistently with this policy. You can also limit analytics by contacting us at privacy@dealwithit.ai.
11. Data Retention
We keep personal information for as long as needed to provide the Service and for the purposes described in this Policy, then delete or de-identify it. In general:
Account information is retained while your account is active and is deleted from our active systems within 30 days after you delete your account, and from backups within an additional 90 days.
Case content (your descriptions, voice recordings and transcripts, uploaded files and extracted data, and generated drafts) and records of the messages you send are retained while your account is active so you can access your history; when you delete a case or your account, we remove them from our active systems within 30 days and from backups within an additional 90 days.
Gmail authorization tokens are retained until you disconnect your Google account or delete your account.
Trust-and-safety records — including limited records of complaints we declined to process and the associated submitter name and email — are retained for up to 12 months for security, abuse-prevention, and legal purposes, unless a longer period is needed for an ongoing investigation or to comply with law.
Analytics and log data are retained for up to 24 months.
De-identified and aggregated data, which can no longer reasonably be linked to you, may be retained indefinitely.
We may retain information longer where required to comply with legal obligations, resolve disputes, or enforce our agreements.
12. How We Protect Information
We implement administrative, technical, and organizational measures designed to protect personal information, including encryption of data in transit and at rest through our cloud provider, access controls and least-privilege practices, and database rules that deny client access by default so that sensitive records are accessible only to our backend systems. Your account is also protected by your sign-in credentials; please keep them confidential and sign out after use. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. You use the Service at your own risk to the extent described in our Terms.
13. Your Privacy Rights and Choices
13.1 Choices available to everyone
Access and update: you can view and update your account information in the Service.
Delete: you can delete cases and your account in the Service, or ask us to do so at privacy@dealwithit.ai.
Email preferences: you can opt out of non-essential emails using the unsubscribe link or by contacting us; we may still send you essential account and service messages.
Disconnect Google/Gmail: you can revoke our access at any time as described in Section 7.
13.2 California residents (CCPA/CPRA)
If you are a California resident, you have the rights to know/access, delete, and correct your personal information; to opt out of the sale or sharing of personal information (we do not sell or share); to limit the use of sensitive personal information (we do not use it for purposes that trigger this right); and not to be discriminated against for exercising your rights. The categories of personal information we collect, their sources, and the categories of recipients are summarized below; we collect this information for the business purposes described in Section 5 and retain it as described in Section 11.
| Category (CCPA) | Examples | Sources | Disclosed to |
| Identifiers | Name, email, account ID, IP address | You; Google Sign-In; automatic | Cloud/auth, analytics, email, AI providers |
| Customer records | Contact details; legacy account credentials | You | Cloud/auth |
| Internet/network activity | Usage, log, and device data; product events | Automatic | Cloud, analytics |
| Audio/electronic information | Voice recordings and transcripts | You | Cloud, Gemini |
| Content and evidence you submit | Complaint text, uploaded files and extracted data (which you control and which may include other categories if you include them) | You | Cloud, AI providers; recipient you choose |
| Geolocation (approximate) | City/region inferred from IP | Automatic | Cloud, analytics |
| Commercial information (future) | Billing/transaction data if paid features launch | You | Stripe |
| Inferences | Case analysis we generate to help your matter | Created by us | Cloud, AI providers |
We do not use or disclose sensitive personal information for purposes other than those permitted under the CCPA (such as providing the Service you request and security). To exercise your rights, email privacy@dealwithit.ai or write to the address in Section 17. We will verify your request by confirming control of the email associated with your account or other reasonable means. You may use an authorized agent to submit a request on your behalf, subject to verification. We will not discriminate against you for exercising your rights. We do not offer financial incentives in exchange for the collection, sale, or sharing of personal information.
13.3 Residents of other U.S. states
Residents of states with comprehensive privacy laws (for example, Virginia, Colorado, Connecticut, Texas, and others) may have similar rights to access, correct, delete, and obtain a copy of their personal information, and to opt out of targeted advertising, sale, or certain profiling. We do not engage in those activities. To exercise any available rights, contact us at privacy@dealwithit.ai. You may appeal a decision by replying to our response.
13.4 California “Shine the Light”
We do not disclose personal information to third parties for their own direct-marketing purposes, so we have no information to provide under California Civil Code § 1798.83.
13.5 Where your information is processed; international users
The Service is operated in the United States, and we process and store information in the United States. The Service is currently intended for U.S. users; if you access it from outside the United States, you understand that your information will be processed in the United States, where data-protection laws may differ from those in your location. If we begin offering the Service to users in the European Economic Area or the United Kingdom, we will update this Policy to describe the legal bases for processing, international-transfer safeguards, and the additional rights available to those users.
14. Children’s Privacy
The Service is not directed to anyone under 18, and we do not knowingly collect personal information from anyone under 18. If you believe a person under 18 has provided us personal information, please contact us at privacy@dealwithit.ai and we will take steps to delete it.
15. Third-Party Links and Services
The Service may link to, or interoperate with, third-party websites and services that we do not control. This Privacy Policy does not apply to those third parties, and we are not responsible for their content or privacy practices. We encourage you to review the privacy policies of any third-party services you use.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting a prominent notice in the Service and/or by emailing the address associated with your account, and we will update the “Last Updated” date above. Material changes will take effect as stated in the notice; other changes take effect when posted. Your continued use of the Service after changes take effect means you accept the updated Policy.
17. Contact Us
If you have questions about this Privacy Policy or our privacy practices, or to exercise your rights, contact us at:
DealWithIt, Inc.
Attn: Privacy
1111B South Governors Ave, STE 81042f, Dover, Delaware 19904
Email: privacy@dealwithit.ai
© 2026 DealWithIt, Inc. · General & legal: support@dealwithit.ai · Privacy requests: privacy@dealwithit.ai