Privacy draft placeholder

Privacy placeholder for ProcessPrism

This privacy page is MVP planning copy for ProcessPrism data flows. It is not a final legal policy and must be reviewed against the real production stack before public paid launch.

Legal review required

Draft placeholder notice

MVP planning copy only: this page is a draft placeholder and requires legal review before production use, public paid launch, app-store submission, or customer contract reliance.

MVP scope

Placeholder coverage for launch planning

These sections identify the issues the final reviewed documents need to cover. They deliberately avoid attorney-like finality.

Current status

  • This is an MVP draft placeholder, not a final privacy policy or legal notice.
  • Qualified legal review is required before production/public paid launch.
  • The final policy must be checked against actual production vendors, data flows, retention settings, and support workflows.

Contact and lead capture data

  • ProcessPrism contact and corporate-demo paths may collect name, work email, company or organization, role/title, industry or segment, interest type, approximate team size, message text, consent-to-contact status, source page, and operational intake metadata.
  • Lead data is treated as private business-development context. Free-text messages should not include customer plant records, inspection files, passwords, payment details, or other sensitive information.
  • Lead capture currently supports validation and a persistence-ready backend path; CRM, email delivery, and long-term retention rules still require launch review.

Account, auth, and learning data

  • Future account flows may collect authentication identifiers such as email address, name, company, role/title, session metadata, entitlement state, organization membership, and learning progress.
  • Learning progress should be visible only to the learner, authorized organization administrators, and Quantum operators who need it for support or product operations.
  • ProcessPrism MVP is not intended to collect customer plant records, inspection reports, CML/TML data, or facility-specific operating data.

Billing data

  • Planned billing uses Stripe-hosted checkout and billing surfaces so ProcessPrism does not handle card numbers, CVV, or raw payment credentials.
  • ProcessPrism may store Stripe customer, checkout, subscription, invoice, entitlement, and webhook metadata needed to provide access and support billing questions.
  • Payment, refund, subscription, tax, and receipt wording remains placeholder copy until the billing launch path is legally and operationally reviewed.

Analytics and event tracking

  • The current analytics foundation is vendor-free by default and drops events unless explicitly enabled.
  • Allowed analytics events are designed around page paths, CTA labels, module keys, route states, access states, and guided-tour progress, not raw PII.
  • Future analytics vendors, cross-device identifiers, advertising pixels, or externally sent events require privacy review and updated disclosure before launch.

Cookies and local storage

  • ProcessPrism may use browser storage for sessions, runtime preferences, local progress placeholders, diagnostics, or analytics controls where relevant.
  • Non-essential cookies, analytics storage, or marketing pixels should not be enabled broadly until consent and disclosure requirements are reviewed.
  • This placeholder does not implement a cookie consent banner or production consent-management workflow.

User rights and deletion requests

  • Users should have a support path to request access, correction, export, or deletion of account, lead, and learning data where applicable.
  • For MVP, deletion/export may be a manual verified support process rather than self-service.
  • Retention windows, identity verification steps, legal holds, backup deletion behavior, and CRM deletion behavior must be finalized before production launch.