Privacy Policy
This Privacy Policy describes how LetsApp™ (“Company”) collects, uses, processes, and discloses information in connection with QuoteLogic™, a Configure, Price, Quote (CPQ) software service provided by Company (the “Services”).
By accessing or using the Services, User acknowledges that they have read and understand this Privacy Policy.
1. Scope
This Privacy Policy applies to information collected through the Services, including:
- Account registration and authentication
- Use of the QuoteLogic™ web application
- Interactions with Company through the Services
This Privacy Policy does not apply to third-party websites, services, or applications that may be accessed through or integrated with the Services.
2. Information We Collect
2.1 Account and Authentication Information
We may collect:
- Name
- Email address
- Account identifiers
- Authentication identifiers provided by third-party identity providers
Authentication is currently provided through the third-party identity provider WorkOS.
2.2 User Content
We may process data submitted by Users, including:
- Pricing data
- Product configurations
- Quotes and related business data
- Contact or customer-related information
User Content is controlled by the User and processed solely to provide the Services.
User Content is currently stored and processed using the third-party backend and database provider Convex.
2.3 Usage and Technical Data
We may collect limited technical data such as:
- Device and browser type
- Log data and usage patterns
- Application performance data
- Error reports and diagnostic information
Usage analytics and monitoring are currently provided through third-party tools, PostHog and Sentry.
2.4 Payment Information
For paid Services, payment processing is currently provided through the third-party payment processor Stripe.
Company does not store full payment card information.
3. How We Use Information
We use information to:
- Provide, operate, and maintain the Services
- Authenticate Users and manage accounts
- Process transactions and subscriptions
- Improve functionality, performance, and user experience
- Monitor usage and detect security issues
- Comply with legal obligations
4. Device Storage and Offline Data
The Services may utilize local device storage to enable offline functionality and improve performance.
User acknowledges:
- Device storage may persist temporarily and may be cleared upon logout, session expiration, or device/browser actions
- Device storage is not controlled or secured by Company
- Device storage may be modified, accessed, or deleted outside the Services
Users are responsible for managing and securing data stored on their devices.
5. How We Share Information
We do not sell, rent, or trade User data.
We may share information in the following circumstances:
5.1 Service Providers
We share information with third-party service providers that support the operation of the Services.
These providers currently include:
- Convex, which provides backend infrastructure and database services
- WorkOS, which provides authentication and identity services
- Stripe, which provides payment processing services
- PostHog and Sentry, which provide analytics, monitoring, and application performance services
These providers process information on behalf of Company and are subject to their own privacy and security practices.
5.2 Legal Requirements
We may disclose information if required to:
- Comply with applicable law, regulation, or legal process
- Enforce the Terms of Service or this Privacy Policy
- Protect the rights, property, or safety of Company, Users, or others
5.3 Business Transfers
Information may be disclosed as part of a merger, acquisition, financing, or sale of assets.
In such cases, information may be transferred as part of the transaction, subject to applicable confidentiality obligations.
6. Data Security
Company implements commercially reasonable administrative, technical, and organizational safeguards designed to protect information processed through the Services.
These measures may include:
- Encryption of data in transit using industry-standard protocols
- Access controls designed to limit unauthorized access
- Monitoring and logging to support system integrity and security
However:
- No method of transmission or storage is completely secure
- Company cannot guarantee absolute security of information
Users are responsible for:
- Maintaining the confidentiality of their account credentials
- Securing their devices and access to the Services
- Implementing any additional safeguards required for their use case
7. Data Retention
Company retains information for as long as necessary to provide the Services and fulfill the purposes described in this Privacy Policy.
Retention periods may vary depending on:
- The type of information
- The nature of the Services provided
- Legal, accounting, or operational requirements
User Content may be retained:
- For the duration of the User’s account
- As required to maintain system integrity and functionality
- As required to comply with legal obligations
User Content may be deleted:
- Upon account termination
- Following periods of inactivity
- Due to system limitations, storage constraints, or operational requirements
Company is not obligated to retain User Content for any specific period unless explicitly agreed in writing.
Retention terms for certain enterprise customers may be defined in a separate written agreement, such as a Master Services Agreement (MSA) or similar agreement.
Users are responsible for exporting or retaining any data they wish to preserve.
8. User Responsibilities
Users are responsible for:
- The accuracy, completeness, and legality of User Content
- Ensuring that any personal data submitted to the Services is collected and used in compliance with applicable laws and regulations
- Implementing appropriate safeguards for any sensitive or regulated data
- Managing access to accounts and controlling who can view or modify data within the Services
Company does not control the content submitted by Users and is not responsible for how Users collect, use, or share data through the Services.
9. International Data Transfers
The Services may be operated using infrastructure located in the United States or other jurisdictions.
As a result, information may be transferred to, stored, and processed in locations outside of the User’s country or jurisdiction, which may have different data protection laws.
By using the Services, User acknowledges and consents to such transfers, storage, and processing of information.
10. Children’s Privacy
The Services are not intended for individuals under the age of 18.
Company does not knowingly collect personal data from children. If Company becomes aware that personal data from a child has been collected, Company will take reasonable steps to delete such information.
11. Third-Party Services
The Services rely on third-party providers to support functionality, including authentication, infrastructure, analytics, and payment processing.
These providers currently include:
- Convex (backend infrastructure and database services)
- WorkOS (authentication and identity services)
- Stripe (payment processing)
- PostHog and Sentry (analytics, monitoring, and performance tools)
These third-party providers operate independently and have their own privacy policies and practices.
Company is not responsible for the privacy practices, security, or performance of third-party services. Users are encouraged to review the privacy policies of these providers.
12. Changes to This Privacy Policy
Company may update this Privacy Policy from time to time.
- Updated versions will be posted with a revised “Last Updated” date
- Changes will become effective upon posting, unless otherwise stated
- Company may, but is not obligated to, provide notice of material changes via email, in-app notification, or other reasonable means
User’s continued use of the Services after the effective date of the updated Privacy Policy constitutes acceptance of the changes.
13. Contact Information
If you have questions about this Privacy Policy, please contact LetsApp™ via our contact form.