dealcruxSign in

Privacy Policy

Last updated: 4 March 2026

1. Introduction

DealCrux ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use the DealCrux service ("Service").

2. Information We Collect

Account Information

When you sign in via Google or Microsoft, we receive your name, email address, and profile picture from the authentication provider. We use this to create and manage your account.

Data You Provide

This includes deal information, contact details, company records, notes, and any other data you enter into the Service. You control what data you input, and it remains yours.

Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, browser type, device type, IP address, and approximate geographic location. We use PostHog for product analytics to understand and improve the Service.

Payment Information

Payment processing is handled by Stripe. We do not store your credit card details on our servers. Stripe's use of your data is governed by their privacy policy.

3. How We Use Your Information

We use your information to:

  • Provide, operate, and maintain the Service
  • Authenticate your identity and manage your account
  • Process billing and subscription management
  • Communicate with you about the Service (e.g. support, updates, and security notices)
  • Analyse usage patterns to improve features and user experience
  • Detect, prevent, and address technical issues or abuse
  • Comply with legal obligations

4. Data Sharing & Third Parties

We do not sell your personal data. We share data only with the following categories of third parties, as necessary to operate the Service:

  • Authentication providers (Google, Microsoft) — to verify your identity
  • Payment processor (Stripe) — to handle billing
  • Hosting & infrastructure (Vercel, Neon) — to host and run the Service
  • Analytics (PostHog) — to understand usage and improve the Service

We may also disclose information if required by law, regulation, or legal process, or to protect the rights, property, or safety of DealCrux, our users, or the public.

5. Data Storage & Security

Your data is stored in secure, encrypted databases. We use industry-standard security measures including encryption in transit (TLS), encryption at rest, and secure authentication to protect your data. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Our databases are hosted in the EU. Data may be processed in other regions where our infrastructure providers operate, subject to appropriate data protection safeguards.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data and user-generated content within 30 days, except where retention is required by law (e.g. billing records).

Usage analytics data is retained in aggregated, anonymised form and is not subject to deletion requests.

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to or restrict certain processing of your data
  • Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at hello@dealcrux.com. We will respond within 30 days.

8. Cookies & Tracking

We use essential cookies to maintain your session and authentication state. These are strictly necessary for the Service to function and cannot be disabled.

We use PostHog for product analytics, which may use cookies or similar technologies to track usage patterns. You can opt out of analytics tracking by using browser extensions that block tracking scripts (e.g. ad blockers).

9. Children's Privacy

The Service is not directed at children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. International Data Transfers

If you access the Service from outside the region where our servers are located, your data may be transferred across borders. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where applicable.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this page periodically.

12. Contact

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at hello@dealcrux.com.