Security Policy

At OnPitch.io, owned and operated by OnPitch Holdings Inc., we are committed to protecting the security of our users' data. This Security Policy outlines the measures we take to safeguard your information.

We implement industry-standard security practices to protect your data. While we are a startup with limited resources, we prioritize the security of our platform and continuously work to improve it.

Access to user data is limited to authorized team members who require it to perform their duties. We use authentication protocols to prevent unauthorized access to sensitive information.

We use encryption to protect sensitive data during transmission. This ensures that your information remains secure when communicated across networks.

We utilize trusted, enterprise-grade service providers for hosting and data management (such as Supabase, AWS, and Stripe). We only partner with firms that adhere to rigorous security standards and strict data processing agreements.

We believe you should always be in control of your data. You have the following options to manage your personal information:

• Access & Portability: You may request a copy of your account data at any time.
• Correction: You can update your profile, email, or linked accounts directly in your Dashboard settings.
• Deletion: You may request the permanent deletion of your data by contacting us. We will process all deletion requests within 30 days, in accordance with our data retention policy.
• Communication Preferences: You can opt-out of notifications or marketing at any time through our one-click unsubscribe links.

Your information is stored on secure cloud servers located in the United States. We use logically isolated database environments, ensuring that your private information remains separate and secure from other users across our platform.

We encourage users to protect their own data by using strong, unique passwords and keeping their account credentials confidential.

In the event of a security incident, we are prepared to respond promptly. We maintain internal response procedures to investigate the issue, mitigate any risks, and notify affected users as required by applicable laws.

If you have any questions or wish to exercise your data protection rights, please contact us at: ian@onpitch.io.