Underwrote.AI (“we,” “us,” or “Underwrote”) operates the platform at underwrote.ai. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
When you sign up, we collect your name, email address, and optionally your company and phone number. This is stored in our Supabase Postgres database.
Deals you create, edit, and save are stored on our servers under your user account. This includes wizard inputs, generated proforma outputs, IC memos, and any documents you upload.
When you upload a document — an offering memorandum (OM), STR Report, Kalibri Report, Operating P&L, or proforma xlsx — the file is stored privately in Supabase Storage scoped to your user account. We extract structured data from the document via the Anthropic API (see Section 3), and the extracted data is attached to the deal you uploaded it for.
You can delete uploaded documents from the Source Files panel on any deal. Deleted files are recoverable for 30 days, after which they’re permanently removed by an automated sweep.
Payment information is processed by Stripe and never touches our servers. We store the Stripe customer ID and subscription state (active, trialing, canceled) so we can grant or revoke Pro features.
We collect server logs (request paths, timestamps, error stack traces) for security and reliability. Errors are sent to Sentry for debugging — Sentry receives stack traces and environment metadata, never the contents of your deals or uploaded documents.
We do not sell your data. We do not use your deal data or uploaded documents to train AI models — neither ours nor third parties’.
When you upload a document, we send it to the Anthropic API for structured extraction. Anthropic processes the document content according to its Privacy Policy and Commercial Terms of Service. As of this Privacy Policy’s effective date, Anthropic does not train models on commercial-tier API inputs and outputs by default.
IC memo generation, when you click the Generate button on a deal, sends the proforma output (numerical results) plus optional comp-set + historical data to the Anthropic API, which produces the narrative sections. Numerical values in the memo always come from your proforma engine output, never from the model.
We log per-call usage (token counts, durations) for cost accounting. We do not log document contents or generated memo text beyond what is stored on the deal record itself.
We share your data only with vendors that operate the platform:
Each vendor has its own privacy policy. We do not share your data with advertisers, data brokers, or marketing-analytics services.
If you create an MCP token (Settings → Integrations) to connect Claude or another MCP-compatible client to your workspace, that client gains read-only access to the resources the token’s scopes permit (deals, comparables, underwriting defaults, audit history). Tokens are bcrypt-hashed at rest; revoke at any time from Settings → Integrations. Anthropic does not receive your data unless you explicitly query it via Claude.
Captured outcomes (closed deals, killed deals, T12 actuals) stay within your workspace. Cross-workspace aggregation (industry calibration benchmarks) is not active in this release; it requires explicit opt-in via a future feature and will not happen without your direct consent.
Workspace activity (deal mutations, exports, MCP tool calls) is logged to an audit trail and retained for 7 years per hospitality investment industry record-keeping norms. See _handoff/data-retention.md in our internal documentation for the full retention matrix.
When a broker (broker-mode user) sends a listing handoff to a sponsor email, that listing’s data is delivered to the recipient. The sender is responsible for ensuring they have authorization to share that data. Recipients can decline a handoff without accepting any data into their workspace.
You can export, edit, or delete your deal data at any time from within the application. To delete your entire account and all associated data, email support@underwrote.ai and we will process the request within 14 days.
Residents of California, the EU, and other jurisdictions with statutory data rights can request access, correction, or deletion via the same email. We will respond within the timelines required by applicable law.
You can cancel your Pro subscription at any time through the Customer Portal accessible from your account screen. Cancellations take effect at the end of the current billing period; you retain Pro access until that date.
After cancellation your account stays active on the Lite tier. Your saved deals, uploaded documents, and IC memos remain on your account. Re-subscribe at any time to restore Pro features.
We use industry-standard practices: TLS for all traffic, RLS (row-level security) for database access, signed webhooks from Stripe, environment-isolated secrets, and automated daily Supabase backups. We do not guarantee against all forms of attack — no service can — but we treat security incidents as critical and notify affected users without delay.
We may update this Privacy Policy. Material changes will be announced via email to active users at least 14 days before they take effect. The “Effective” date at the top of this page always reflects the most recent version.
Questions about this policy or your data: support@underwrote.ai.