Privacy Policy
Effective May 24, 2026
The short version. We collect only the information needed to run Dossie. We store your dossiers and documents in encrypted cloud storage. We do not sell your data. We do not share it with marketers or affiliates. AI features are powered by Anthropic, and your data is not used to train their models. You can export or delete your data anytime by emailing us.
1. Who we are
References to "Dossie", "we", "us", and "our" refer to the operator of the Service. This Policy describes how we handle information collected through the Dossie websites and workspace at meetdossie.com (the "Service"). Questions or privacy requests? Email info@meetdossie.com.
2. Information we collect
- Account information. Name, email address, phone number, brokerage, market area, and role, provided when you sign up or update your profile.
- Authentication data. Sessions and tokens issued by our authentication provider (Supabase). We do not store passwords in plaintext — Supabase handles password hashing.
- Transaction (dossier) data you enter. Property details, contract dates, party names and contact information, deal notes, checklist progress, and email drafts you create inside the workspace.
- Documents you upload. Contracts, addenda, and supporting files. These are stored in private cloud storage and accessible only to your account.
- Usage data. Login times, feature usage, IP address, browser type, timestamps, and basic event logs — used to operate the Service, prevent abuse, and debug issues.
- Payment information. If you subscribe, billing is handled by Stripe. We receive your subscription status, name, email, and the last four digits of your card from Stripe — we do not store full card numbers.
3. How we use information
- To provide, maintain, and improve the Service.
- To authenticate you and keep your account secure.
- To process payments and manage your subscription.
- To send transactional notifications (sign-in links, deadline reminders, billing receipts, account notices). We do not send marketing emails without your consent.
- To respond to support requests.
- To comply with legal obligations and enforce our Terms.
4. AI processing disclosure
Several Dossie features (chat, drafting, contract data extraction, summaries) use third-party large language models — primarily Anthropic's Claude API. When you use one of these features, the relevant content (such as the text of a contract or your chat message) is sent to Anthropic for processing under their API terms.
Your data is not used to train Anthropic's models. Anthropic's API terms prohibit training on customer inputs and outputs, and Anthropic does not retain your inputs beyond the time needed to return a response (subject to limited abuse-detection windows defined in their terms).
We do not use customer data to train any of our own models. If we ever begin doing so in the future, we will obtain your explicit opt-in consent before any such use.
5. Who we share data with (subprocessors)
We share information only with vetted service providers ("subprocessors") who help us run the Service, under contracts that require them to handle data confidentially. The current list:
| Provider | Purpose | Data processed |
|---|---|---|
| Supabase | Database, authentication, file storage | All account, dossier, and document data |
| Anthropic | AI text generation (Claude API) | Chat messages, dossier context, generated drafts |
| Resend | Transactional email | Recipient email + content of system emails |
| Stripe | Payment processing | Billing info, card last 4, name, email |
| Vercel | Web hosting + serverless functions | Server logs, IP addresses |
| ElevenLabs | Voice synthesis (Morning Brief, voice features) | Text being synthesized (no PII typically) |
| Creatomate | Marketing video rendering | Marketing media only — no customer data |
| HCTI | Marketing card image rendering | Marketing card content only — no customer data |
| Pexels | Stock video assets | None — we only fetch public assets |
We do NOT sell customer data. We do NOT share data with marketers, advertisers, or affiliates. We may disclose information when required by law (subpoena, court order) or to protect the rights, safety, or property of Dossie, our users, or the public.
6. Data retention
We retain your account, dossier, and document data for as long as your subscription is active. After cancellation we retain your data for 90 days to allow easy reactivation, then permanently delete it — except for limited records we are required to keep for tax, billing, or legal purposes (such as Stripe invoices). You may request earlier deletion at any time by emailing info@meetdossie.com.
7. Your rights
- Access. You can request a copy of the personal data associated with your account.
- Correction. Most data fields are editable directly in the workspace. For anything you can't edit yourself, email us.
- Deletion. You can request deletion of your account and associated data at any time. We will delete or anonymize your data within 30 days, except where we are required to retain records for legal or accounting reasons.
- Portability. You can request your data in a portable format.
- Marketing opt-out. Any marketing emails we send (if you've opted in) include an unsubscribe link.
If you are a California resident, you have rights under the CCPA — including the right to opt out of any "sale" of personal information, though as noted above we do not sell personal information. If you are in the EEA or UK, you have rights under the GDPR/UK GDPR including access, rectification, erasure, restriction of processing, data portability, and objection. To exercise any of these rights, email info@meetdossie.com.
8. Security
We use industry-standard safeguards: TLS in transit, encrypted storage at rest, scoped database access via row-level security, and least-privilege service-role keys held only on our servers. No system is perfectly secure — please use a strong, unique password and notify us immediately at info@meetdossie.com if you believe your account has been compromised.
9. Children
Dossie is a professional tool for licensed real estate agents and transaction coordinators. The Service is not directed to children under 18 and we do not knowingly collect information from anyone under 18. If you believe a child has provided us information, contact info@meetdossie.com and we will delete it.
10. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be announced by email or in the workspace at least 14 days before they take effect. The "Effective" date at the top reflects the most recent revision.
11. Contact
Privacy questions or requests? Email info@meetdossie.com.