Privacy Policy

Last updated: 3/2/2026

1. Introduction

Whitepaper ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at whitepaperapp.com ("the Service").

By using the Service, you consent to the data practices described in this policy. If you do not agree with the data practices described in this Privacy Policy, you should not use the Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password, and team affiliation
  • Profile Information: Professional details you choose to add to your profile
  • Content: Engineering calculations, documents, notes, and any other content you create or upload
  • Payment Information: Billing details processed through our payment processor (Stripe)
  • Communications: Information you provide when contacting support or providing feedback

2.2 Information Automatically Collected

  • Usage Data: Features used, pages visited, time spent on pages, and interaction patterns
  • Device Information: Browser type, operating system, device type, and screen resolution
  • IP Address: For security, fraud prevention, and geographic analytics
  • Cookies and Similar Technologies: Session cookies for authentication and preferences
  • Activity Logs: Actions performed within the application for audit trails

3. How We Use Your Information

We use the collected information for the following purposes:

  • Providing, maintaining, and improving the Service
  • Creating and managing your account
  • Processing transactions and sending billing information
  • Enabling collaboration features within teams
  • Sending service-related emails (password resets, product updates)
  • Responding to support requests and customer service inquiries
  • Monitoring and analyzing usage patterns to improve user experience
  • Detecting, preventing, and addressing technical issues
  • Protecting against fraudulent or illegal activities
  • Complying with legal obligations

4. Data Privacy and Visibility

4.1 Your Content is Private

We do not access, view, or review your engineering calculations, documents, or any content you create within the Service. Your application data is private and we maintain strict policies against accessing user content. Access to your content is limited to you and authorized members of your team.

4.2 Our Privacy Commitment

We are committed to protecting your privacy. We do not monitor, analyze, or review your content. Technical access to databases is strictly limited to essential maintenance and is governed by strict access controls and audit logs. We will only access user content if legally required to do so by valid legal process, and in such cases, we will notify you unless legally prohibited from doing so.

4.3 Within Your Team

Content you create within a team workspace may be accessible to other team members based on permissions set by team administrators. This is the only sharing that occurs with your content.

5. How We Share Your Information

We do not sell, trade, or rent your personal information. We may share limited information (excluding your content) in the following situations:

5.1 Service Providers

We work with third-party service providers to help us operate the Service:

  • Stripe: Payment processing
  • Cloud Infrastructure: Data hosting and storage
  • Analytics Services: Usage analytics (anonymized data only)
  • Email Services: Transactional email delivery

5.2 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Encryption of data in transit using TLS/SSL
  • Encryption of sensitive data at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Regular backups to prevent data loss
  • Employee training on data protection practices

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy. Specifically:

  • Account information is retained until you delete your account
  • Content you create is retained until you or your team administrator deletes it
  • Activity logs are retained for 12 months for security and audit purposes
  • Billing records are retained as required by applicable tax laws
  • After account deletion, we may retain anonymized data for analytics

8. Your Rights and Choices

8.1 Access and Correction

You can access and update your account information through your account settings. For other information, contact us at [email protected].

8.2 Data Portability

You can export your content at any time through the Service's export features. We provide data in commonly used formats for easy portability.

8.3 Account Deletion

You can request account deletion by contacting support. Upon deletion, your personal information will be removed from our active databases, subject to retention requirements.

8.4 Communications

You can opt out of promotional emails through the unsubscribe link in those emails. Service-related emails (security alerts, billing) cannot be opted out of while you maintain an account.

8.5 Cookies

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of the Service.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to such transfers.

We ensure appropriate safeguards are in place to protect your information when it is transferred internationally, including standard contractual clauses where required.

10. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information.

11. Canadian Privacy Rights

If you are a Canadian resident, you have specific rights under Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA). These rights include:

  • The right to know what personal information we have about you
  • The right to request correction of inaccurate information
  • The right to know how we use and disclose your information
  • The right to withdraw consent for certain uses of your information
  • The right to complain to the Privacy Commissioner of Canada

12. California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including:

  • The right to know what personal information we collect, use, and disclose
  • The right to request deletion of your personal information
  • The right to opt-out of the sale of personal information (we do not sell your information)
  • The right to non-discrimination for exercising your privacy rights

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • The right to access your personal data
  • The right to rectification of inaccurate data
  • The right to erasure ("right to be forgotten")
  • The right to restrict processing
  • The right to data portability
  • The right to object to processing
  • The right to lodge a complaint with a supervisory authority

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice via email.

Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Whitepaper

Email: [email protected]

Data Protection Officer: [email protected]

For privacy complaints that cannot be resolved directly with us, Canadian residents may contact the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.