Privacy Policy
Last updated: March 9, 2026
This privacy policy describes how Bell Software (org. no. 937 295 367), which operates Firepitch ("we", "us"), collects, uses, and protects personal data when you use our platform at firepitch.io.
1. Data controller
Bell Software (org. no. 937 295 367), which operates Firepitch, is the data controller for the personal data described in this policy. Contact information can be found at the bottom of this page.
2. What data do we collect?
User data
- Email address (upon registration and login)
- Name (optional, upon profile completion)
- Company affiliation via organization number
Company data
- Information from public business registries (publicly available: organization number, name, industry, address)
- Content from the company's website (scraped with user consent to build knowledge base)
Prospect data
- Public company information from business registries
- Content from the prospect's website (scraped to generate tailored pitch)
Usage data
- View data for shared pitches (anonymized: which sections are read, time spent ā no personal data stored about the viewer)
- Anonymized visit statistics via Vercel Analytics (cookieless, no personal data ā loaded only after consent)
- Technical error information via Sentry (email addresses are automatically removed)
3. Purpose and legal basis
| Purpose | Legal basis |
|---|---|
| Deliver the service (generate pitches) | Contract (GDPR Art. 6(1)(b)) |
| Manage user accounts and subscriptions | Contract (GDPR Art. 6(1)(b)) |
| Process payments via Stripe | Contract (GDPR Art. 6(1)(b)) |
| Error monitoring and performance tracking (Sentry) | Legitimate interest (GDPR Art. 6(1)(f)) |
| Anonymized visit statistics (Vercel Analytics) | Consent (GDPR Art. 6(1)(a)) |
| Fulfill legal obligations | Legal obligation (GDPR Art. 6(1)(c)) |
4. Third parties and data processors
We use the following third parties to deliver the service:
| Vendor | Purpose | Storage location |
|---|---|---|
| Supabase | Database, authentication | EU (eu-west-1) |
| Vercel | Hosting, analytics | EU |
| Stripe | Payment processing | EU/EEA |
| Anthropic | AI generation of pitches | USA (data processing agreement) |
| Firecrawl | Website scraping | USA (data processing agreement) |
| Resend | Email delivery (invitations) | USA (data processing agreement) |
| Sentry | Error monitoring and performance tracking | USA (data processing agreement) |
| Upstash | Performance optimization and abuse protection | EU/global |
Data sent to Anthropic and Firecrawl is used exclusively to deliver the service. The data is not used to train AI models and is not shared with others. Data sent to Sentry and Resend contains only what is necessary to deliver error monitoring and email delivery.
Data transfers outside the EU/EEA
Some of our data processors are located in the USA (Anthropic, Firecrawl, Sentry, Resend). These transfers are protected by:
- Standard Contractual Clauses (SCCs) ā EU-approved contract templates that ensure equivalent protection as within the EU/EEA
- Data minimization ā we only send data that is strictly necessary for the service
- No onward transfer ā the data is not used for other purposes and is not shared with third parties
Read more about international transfers at The Norwegian Data Protection Authority (Datatilsynet).
5. Storage and security
All data is stored primarily in the EU (Supabase EU region and Vercel EU region). We use encryption in transit (TLS) and at rest. Access control is handled with Row Level Security in the database.
Personal data is stored as long as you have an active account. Upon account deletion, your personal data is deleted within 30 days, except for data we are required to retain by law.
Retention period by data type
| Data type | Retention period |
|---|---|
| Account data (email, name) | As long as the account is active. Deleted within 30 days after account deletion. |
| Company and prospect data | As long as the account is active. Deleted upon account deletion. |
| Generated pitches | As long as the account is active. Deleted upon account deletion. |
| View statistics (pitch events) | Anonymized. Automatically deleted after 90 days. |
| Onboarding data (incomplete registrations) | Automatically deleted after 7 days if not completed. |
| Error logs (Sentry) | Maximum 30 days. Email addresses are automatically removed. |
6. Automated processing and AI
We use artificial intelligence (AI) to generate sales presentations based on information you provide about your company and prospects. This constitutes automated processing under GDPR Art. 13(2)(f).
What is automated?
- Generation of presentation content (text, structure, recommendations)
- Selection of relevant services to highlight in the presentation
- Selection of appropriate references from your knowledge base
Your rights regarding automated processing
- Editing ā you can edit all AI-generated content before it is shared
- Access ā you can contact us for an explanation of how the content was generated
- Objection ā you can object to automated processing by contacting us
The AI provider (Anthropic) does not use your data to train its models. Data is sent only to generate content and is not stored by the provider after processing.
7. Your rights
You have the right to:
- Access ā request a copy of the data we hold about you
- Rectification ā correct inaccurate information
- Erasure ā request that your data be deleted
- Data portability ā receive your data in a machine-readable format
- Restriction ā request that processing be restricted
- Objection ā object to processing based on legitimate interest
You can exercise several of these rights yourself via settings (data export and account deletion). For other requests, contact us at personvern@firepitch.no.
8. Cookies
We use necessary cookies for the service to function, and offer optional anonymized analytics that require your consent. Read more in our cookie policy.
9. Right to complain
If you believe we are processing your personal data in violation of the regulations, you can file a complaint with The Norwegian Data Protection Authority (Datatilsynet).
10. Contact
Bell Software (org. no. 937 295 367)
Email: personvern@firepitch.no