Privacy Policy

Effective date: March 8, 2025

Overview

Brokerlytics is built for M&A advisors handling some of the most confidential documents in business. We take that seriously. This policy explains exactly what happens to your data when you use our service — in plain language.

What We Collect

  • Account information — your name and email address, collected when you sign in via Google through Clerk.
  • Usage data — number of analyses run per month, stored in your account metadata to enforce plan limits.
  • Payment information — billing details handled entirely by Stripe. Brokerlytics never sees or stores your card number.

We do not collect or store your documents. LOI and IOI files you upload are never written to any Brokerlytics database or file system.

How Document Processing Works

Understanding our architecture is important for evaluating the privacy of your deal documents:

  1. Text extraction happens in your browser. When you upload a PDF, the text is extracted locally on your device using a JavaScript library (pdfjs). The raw PDF file is never transmitted to our servers.
  2. Only extracted text is sent to our API. The extracted plain text is sent over an encrypted HTTPS connection to our analysis endpoint, which is protected by authentication.
  3. Text is passed to Anthropic's API for analysis. We use Claude (by Anthropic) to extract deal terms from your document text. This means your document content is transmitted to Anthropic's infrastructure. See “Third-Party Services” below for details.
  4. Results are returned to you and nothing is stored. Once the analysis is complete and your Excel file is generated, all document content is discarded from memory. Nothing is written to disk or a database.

Third-Party Services

Anthropic (Claude API)

Document text is processed by Anthropic's Claude API. By default, Anthropic may retain API inputs and outputs for up to 30 days for safety monitoring purposes. We are in the process of establishing a Zero Data Retention (ZDR) agreement with Anthropic, which would mean no data is retained after the API call completes. We will update this policy when ZDR is confirmed.

For details on Anthropic's data practices, see anthropic.com/privacy.

Clerk (Authentication)

We use Clerk to manage user accounts and authentication. Your name, email, and session data are stored by Clerk. See clerk.com/privacy.

Stripe (Payments)

Subscription billing is handled by Stripe. Payment card data is stored and processed by Stripe and never touches Brokerlytics systems. See stripe.com/privacy.

Data Retention

  • Document content: Not retained by Brokerlytics. Processed in memory and discarded after each analysis.
  • Account data: Retained while your account is active. Deleted upon account closure.
  • Billing records: Retained as required by Stripe and applicable financial regulations.

Your Rights

You may request deletion of your account and associated data at any time by contacting us at privacy@brokerlytics.io.

Changes to This Policy

We will update this policy as our data practices evolve — particularly as we finalize our Zero Data Retention arrangement with Anthropic. Material changes will be communicated via email.

Contact

Questions about this policy: privacy@brokerlytics.io