Last updated: March 1, 2026
DuePilot Inc. ("DuePilot," "we," "us," or "our") operates the DuePilot accounts receivable automation platform. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our services.
By using DuePilot, you agree to the collection and use of information as described in this policy. If you disagree with any part of this policy, please do not use our services.
Account information: When you register, we collect your name, email address, company name, and billing information. This information is required to provide the service.
Financial data via QuickBooks: When you connect QuickBooks Online, we access your open invoices, customer contact records, and payment history via read-only OAuth. We do not access or store your QuickBooks credentials.
Usage data: We collect information about how you use DuePilot, including pages visited, features used, and actions taken within the platform. This helps us improve the product.
Email event data: When collection emails are sent on your behalf, we record delivery status, open events, and click events to improve sequence effectiveness.
Customer data you provide: Contact information and communication records for your customers that you import or that DuePilot accesses via integrations.
To provide, maintain, and improve the DuePilot service
To process and send collection emails on your behalf
To generate AI-drafted email content and classify customer replies
To calculate customer payment scores and AR analytics
To send service-related communications (receipts, security alerts, product updates)
To diagnose and fix technical issues
To comply with legal obligations
We do not use your data for advertising purposes. We do not sell your data to third parties.
We share data only with the following categories of service providers, all of whom are bound by data processing agreements:
Supabase — database hosting and authentication
Anthropic — AI model API for email drafting and reply classification
OpenAI — AI model API (used for specific classification tasks)
Google — Gmail OAuth and Google Workspace email sending
Postmark — transactional email sending and delivery tracking
Stripe — payment processing and payment link generation
PostHog — anonymized product analytics
We may disclose your information if required by law, court order, or to protect the rights, property, or safety of DuePilot, our customers, or the public.
Active accounts: We retain your data for the duration of your active subscription, plus any legally required retention period.
Canceled accounts: Upon cancellation, we retain your data for 90 days to allow for reactivation or data export. After 90 days, all data is permanently deleted from our systems and backups.
Immediate deletion: You may request immediate deletion of your account and all associated data at any time by emailing privacy@duepilot.ai. Deletion is typically completed within 7 business days.
Depending on your location, you may have the following rights regarding your personal data:
Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate personal data
Deletion: Request deletion of your personal data
Portability: Request an export of your data in a machine-readable format
Opt-out: Opt out of certain types of processing (e.g., analytics)
To exercise any of these rights, email privacy@duepilot.ai. We respond to all requests within 30 days. California residents have additional rights under the CCPA.
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. These include TLS encryption in transit, AES-256 encryption at rest, Row Level Security on all database tables, and restricted employee access controls. For details, see our Security page at /security.
We use essential cookies for session management and preferences. We use PostHog for anonymized product analytics. We do not use advertising cookies. For details, see our Cookie Policy at /cookies.
We may update this Privacy Policy from time to time. We will notify you of significant changes by email and by posting the updated policy on this page with a new "Last updated" date. Your continued use of DuePilot after changes are posted constitutes your acceptance of the updated policy.
For privacy-related questions, data requests, or concerns:
Email: privacy@duepilot.ai
DuePilot Inc., San Francisco, CA