Last updated: February 8, 2026
This Privacy Policy describes how Nautis (PitchWitch Ventures LLC) ("we", "us", or "our") collects, uses, and protects your personal information when you use our platform.
1. Information We Collect
Information You Provide
| Category | Details |
|---|---|
| Account Information | Name, email address, password, phone number, designation |
| Organization Data | Company name, team member details, roles |
| Content | Messages, documents, files, forms, and other content you create |
| Payment Information | Billing details processed securely through Stripe |
Information Collected Automatically
| Category | Details |
|---|---|
| Usage Data | Pages visited, features used, interaction timestamps |
| Device Information | Browser type, operating system, IP address |
| Cookies | As described in our Cookie Policy |
2. How We Use Your Information
- Providing and maintaining the platform
- Processing transactions and sending related information
- Sending administrative notifications (security alerts, service updates)
- Responding to support requests
- Improving and personalizing the platform
- With your consent, sending marketing communications
3. Legal Basis for Processing (GDPR)
We process your data based on:
| Legal Basis | Description | Article |
|---|---|---|
| Contract Performance | Processing necessary to provide our services | Art. 6(1)(b) |
| Legitimate Interests | Security, fraud prevention, platform improvement | Art. 6(1)(f) |
| Consent | Marketing emails, analytics cookies | Art. 6(1)(a) |
| Legal Obligation | Tax records, regulatory compliance | Art. 6(1)(c) |
4. Data Sharing
We share your data only with:
| Category | Provider(s) | Data Shared |
|---|---|---|
| Payments | Stripe | Email, billing information |
| File Storage | AWS S3 | Uploaded files |
| AI Features | OpenAI, Anthropic, Google Gemini | Individual prompts only (no bulk data) |
| Analytics | Google Analytics | Usage data (with your consent) |
| Error Monitoring | Sentry | Anonymized error context |
We never sell your personal data to third parties.
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Account Data | Retained while active, deleted within 30 days of account deletion |
| Audit Logs | IP addresses anonymized after 90 days, logs deleted after 3 years |
| Chat Messages | Retained while your account is active |
| Payment Records | Retained for 7 years per tax regulations |
| Data Exports | Available for 7 days after generation |
6. Your Rights
Under GDPR and applicable data protection laws, you have the right to:
| Right | Description |
|---|---|
| Access | Request a copy of your personal data |
| Rectification | Update or correct your data via your account settings |
| Erasure | Request deletion of your account and data |
| Portability | Export your data in machine-readable format (JSON/CSV) |
| Restrict Processing | Request limitation of processing |
| Object | Object to processing based on legitimate interests |
| Withdraw Consent | Withdraw previously given consent at any time |
7. Cookies
We use cookies as described in our Cookie Policy. You can manage your cookie preferences at any time through the cookie settings banner.
8. Security
We protect your data with:
| Measure | Details |
|---|---|
| Encryption at Rest | AES-256-GCM encryption for sensitive data |
| Password Hashing | bcrypt with appropriate cost factors |
| Two-Factor Authentication | TOTP-based 2FA with backup codes |
| Access Controls | Role-based access controls (RBAC) |
| Monitoring | Regular security audits and monitoring |
| Encryption in Transit | TLS/SSL encryption for all connections |
9. International Transfers
Your data may be processed in countries outside the European Economic Area. We ensure adequate protection through Standard Contractual Clauses or equivalent safeguards.
10. Changes to This Policy
We may update this policy from time to time. We will notify you of significant changes by email or through the platform.
11. Contact Us
For privacy inquiries or to exercise your rights:
Email: privacy@getnautis.com
Data Protection Officer: dpo@getnautis.com