Legal

Privacy Policy

Effective Date: January 1, 2026 · Last Updated: January 1, 2026

Prickly Cactus Software, a sole proprietorship ("we," "us," or "our"), develops software applications for professionals. This Privacy Policy explains how we collect, use, disclose, and safeguard your information across all our applications and services.

1. Scope

This Privacy Policy applies to all applications and services provided by Prickly Cactus Software, including but not limited to:

  • Pro Cohere – Professional relationship management
  • Any future applications we develop
  • Our websites and online services

2. Information We Collect

2.1 Account Information

When you create an account with any of our applications, we collect:

  • Email address
  • Display name
  • Password (securely hashed, never stored in plain text)
  • Profile photo (optional)

2.2 Application Data

Data you create within our applications is stored locally on your device by default. This may include:

  • Records, notes, and documents you create
  • Settings and preferences
  • Any other content you enter
Important: Your local data stays on your computer unless you use optional cloud backup or sync features, connect to a shared database, or use AI-powered features that require processing your queries.

2.3 Subscription and Billing Information

For paid subscriptions, payment processing is handled by Stripe. We store:

  • Subscription status and plan type
  • Billing history, including dates and amounts

We do not store your credit card number. Stripe handles all payment details securely.

2.4 Usage Analytics

With your consent, we may collect anonymous usage analytics, including:

  • Feature usage patterns
  • Error reports and crash logs
  • Performance metrics

You can disable analytics in each application's settings.

2.5 AI Feature Data Processing

When you use AI-powered features in our applications:

  • Your queries and relevant context may be sent to third-party AI providers
  • AI providers process your request and return a response
  • We do not store your AI conversations on our servers
  • AI providers may retain data in accordance with their own privacy policies

3. How We Use Your Information

We use your information to:

  • Provide and maintain application functionality
  • Authenticate your account
  • Process subscription payments
  • Send important service notifications
  • Provide AI-powered assistance, where available
  • Improve our products using anonymous analytics, if enabled
  • Respond to support requests
  • Comply with legal obligations

4. How We Protect Your Information

4.1 Local Data Security

  • Application data is stored locally in your user profile folder
  • Sensitive credentials are encrypted using the Windows Data Protection API
  • Passwords are hashed using industry-standard algorithms

4.2 Network Security

  • All communication with our servers uses HTTPS and TLS encryption
  • Authentication tokens are stored securely and expire regularly
  • We use industry-standard cloud providers for authentication services

4.3 Third-Party Security

  • Payment processing is handled by Stripe, which is PCI DSS compliant
  • AI providers maintain their own security standards
  • We share only the minimum data necessary with third parties

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data only as follows:

Stripe Payment processing Email address and subscription details
AI providers AI feature processing Query text and relevant context
Authentication providers Authentication Email address and hashed credentials
Law enforcement Legal compliance Data as required by law

5.1 AI Provider Data Handling

AI features may be processed by providers, including:

  • Google (Gemini), subject to Google's Privacy Policy
  • OpenAI, subject to OpenAI's Privacy Policy
  • Anthropic, subject to Anthropic's Privacy Policy

You may be able to choose your preferred AI provider in application settings.

6. Data Retention

  • Account information is retained until you delete your account
  • Local application data is retained indefinitely under your control
  • Subscription records are retained for seven years to meet tax and legal requirements
  • Support tickets are retained for three years
  • Anonymous analytics data is retained for two years

7. Your Rights and Choices

7.1 Access and Portability

  • You may export your data from within each application
  • You may request a copy of your account data by contacting support

7.2 Correction

  • You may edit your data directly within our applications
  • You may update account information in application settings

7.3 Deletion

  • You may delete individual records within applications
  • You may delete your account through application settings
  • You may request complete data deletion by contacting support

7.4 Opt-Out Options

  • You may disable anonymous analytics in application settings
  • You may disable AI features if you prefer not to use third-party AI processing

8. Children's Privacy

Our applications are designed for business professionals and are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us.

9. International Data Transfers

Your data may be processed in:

  • The United States, where our servers and primary operations are located
  • The European Union through certain cloud services
  • Other regions based on third-party provider infrastructure

We ensure appropriate safeguards for international data transfers, including the use of Standard Contractual Clauses where applicable.

10. California Privacy Rights (CCPA)

California residents have additional rights, including:

  • The right to know what personal data is collected
  • The right to request deletion of personal information
  • The right to opt out of the sale of personal information (we do not sell personal data)
  • The right to non-discrimination for exercising privacy rights

To exercise these rights, contact service@pricklycactus.com.

11. European Privacy Rights (GDPR)

Residents of the European Union and European Economic Area have additional rights, including:

  • The right to access personal data
  • The right to correct inaccurate data
  • The right to request deletion of data
  • The right to data portability
  • The right to object to certain processing activities
  • The right to withdraw consent at any time

Our legal basis for processing personal data includes contract performance, legitimate interests in improving our products, and user consent for optional analytics and AI features.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  • Posting an updated policy with a new "Last Updated" date
  • Sending email notifications for significant changes
  • Displaying in-application notices where applicable

13. Contact Us

For privacy questions or to exercise your rights:

Prickly Cactus Software, a sole proprietorship
United States

Summary

  • Your data location: Stored locally on your device by default
  • What we collect: Email address, name, subscription status
  • Payment information: Handled by Stripe and not stored by us
  • AI queries: Sent to AI providers and not stored by us
  • Data selling: We do not sell personal information
  • Your control: You may export, edit, or delete your data at any time

Questions? Contact service@pricklycactus.com