Privacy Policy

DonePages (“DonePages,” “we,” “us,” or “our”) provides software that turns your job photos and notes into proof pages, PDFs, social assets, and review requests. This Privacy Policy applies to donepages.com and the DonePages application (the “Service”). By using the Service, you agree to the practices described here.

We collect the following categories of information:

• Account information. Your name, email address, and password (stored hashed) when you create an account, plus your business or workspace details (business name, industry, logo, contact info, service areas).
• Content you provide. The photos, notes, project details, and any customer information (such as a customer’s first name or email for a review request) that you upload to create proof pages.
• Payment information. When you subscribe, payments are processed by Stripe. We do not store your full card number — we receive limited billing details and a customer identifier from Stripe.
• Usage and analytics. How you and visitors interact with the Service and your published pages (for example, page views, CTA clicks, and review clicks), plus device and log data such as IP address and browser type.
• Cookies. We use essential cookies to keep you signed in and remember your active workspace. See “Cookies” below.

• Provide, operate, and maintain the Service.
• Generate proof pages, PDFs, captions, and review requests from the photos and notes you provide.
• Process subscriptions and send service-related communications.
• Measure performance of your pages and improve the Service.
• Detect, prevent, and address security issues, fraud, and abuse.
• Comply with legal obligations.

To generate written content, the notes and project details you submit are sent to our AI provider for processing. This processing is performed under terms that do not permit your inputs to be used to train the provider’s models. AI output is a draft based on what you provide — DonePages is designed not to invent facts, but you are responsible for reviewing content before publishing.

We share information with vendors who process it on our behalf, only as needed to run the Service:

• Supabase — database, authentication, and file storage.
• Vercel — application hosting and content delivery.
• Stripe — subscription billing and payments.
• Resend — transactional and review-request emails.
• OpenAI — AI generation of page content from your notes.

These providers are bound by their own agreements to protect your information and use it only to provide their services to us.

When you publish a proof page, portfolio, or collection, the content you include (photos, project descriptions, and your business details) becomes publicly accessible at its URL and may be indexed by search engines. Do not publish information you don’t have the right to share. You are responsible for obtaining any necessary consent from customers before including their information or photos of their property.

We do not sell your personal information. We disclose information only: to the service providers listed above; when you choose to publish content publicly; to comply with the law or a valid legal request; to protect our rights, users, or the public; or in connection with a merger, acquisition, or sale of assets (with notice to you).

We keep your information for as long as your account is active or as needed to provide the Service. After you delete content or close your account, we remove or anonymize your data within a reasonable period, except where we must retain it to comply with legal obligations, resolve disputes, or enforce our agreements.

We use industry-standard measures — including encryption in transit, access controls, and trusted infrastructure providers — to protect your information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Depending on where you live, you may have the right to access, correct, export, or delete your personal information, and to object to or restrict certain processing. You can manage most account and workspace data directly in the app, or contact us to exercise these rights. We will not discriminate against you for exercising them.

DonePages is operated from the United States. If you access the Service from outside the U.S., your information may be transferred to and processed in the United States and other countries where our providers operate, which may have different data-protection laws than your own.

The Service is intended for businesses and is not directed to anyone under 18. We do not knowingly collect personal information from children.

We use a small number of cookies that are essential to the Service — for example, to keep you signed in and remember your selected workspace. We do not use third-party advertising cookies. Blocking essential cookies may prevent parts of the Service from working.

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you in the app or by email.

Questions about this policy or your data? Email us at privacy@donepages.com.