Privacy Policy

Supplement Tool LLC ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and software service at www.supplementtool.com (the "Service"). Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.

1. Information We Collect

Information you provide directly:

• Account information: name, email address, and authentication data when you sign in via Manus OAuth.
• Form inputs: vehicle details, claim numbers, insurance company names, adjuster names, damage descriptions, property addresses, and other information you enter to generate supplement letters.
• Payment information: billing details processed securely by Stripe. We do not store full card numbers or CVV codes on our servers.
• Communications: messages you send to our support email.

Information collected automatically:

• Usage data: pages visited, features used, letter generation events, timestamps, and session duration.
• Device and browser data: IP address, browser type and version, operating system, referring URLs, and device identifiers.
• Cookies and similar technologies: session cookies required for authentication and functionality. We do not use third-party advertising cookies.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve the Service.
• Generate AI-assisted supplement letters and documents based on your inputs.
• Process payments and manage your subscription.
• Send transactional emails (e.g., subscription confirmations, account notices).
• Respond to your support requests and communications.
• Monitor usage patterns to improve product features and performance.
• Detect, investigate, and prevent fraudulent or unauthorized activity.
• Comply with legal obligations.

We do not sell your personal information to third parties. We do not use your claim data or damage descriptions to train AI models without your explicit consent.

3. How We Share Your Information

We may share your information with:

• Service providers: third-party vendors who assist us in operating the Service, including cloud hosting (database and storage), payment processing (Stripe), and AI inference providers. These providers are contractually obligated to protect your data and may only use it to provide services to us.
• Legal compliance: we may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business transfers: in the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on the Service before your information becomes subject to a different privacy policy.

4. Data Retention

We retain your account information and usage data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within 90 days, except where we are required to retain it for legal, tax, or compliance purposes. Generated letter content may be retained in anonymized form for service improvement purposes.

5. Data Security

We implement industry-standard security measures to protect your information, including TLS encryption for data in transit, encrypted storage for sensitive data at rest, access controls limiting employee access to personal data, and regular security reviews. However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you.
• Correction: request that we correct inaccurate or incomplete data.
• Deletion: request that we delete your personal data, subject to legal retention requirements.
• Portability: request your data in a structured, machine-readable format.
• Opt-out of marketing: unsubscribe from marketing emails at any time using the link in any email we send.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

7. Cookies

We use essential session cookies required for authentication and to keep you logged in. We do not use advertising or tracking cookies from third parties. You may disable cookies in your browser settings, but doing so may prevent you from using certain features of the Service that require authentication.

8. Children's Privacy

The Service is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information promptly. If you believe we may have collected information from a child under 13, please contact us at [email protected].

9. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party sites you visit.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, use, and share; the right to delete your personal information; and the right to opt out of the sale of your personal information. We do not sell personal information. To exercise your CCPA rights, contact us at [email protected].

11. International Users

The Service is operated from the United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country. By using the Service, you consent to this transfer.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically. Your continued use of the Service after any changes constitutes your acceptance of the revised policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at: