SalesNext

Legal

Privacy policy

Last updated May 16, 2026

1. Scope

This Privacy Policy describes how SalesNext, Inc. (“SalesNext”, “we”, “us”) collects, uses, and shares personal information when you use our website at salesnext.ai and our hosted product, including the SalesNext Copilot and any associated browser, inbox, or workspace integrations (collectively, the “Service”).

When SalesNext processes personal information about end users on behalf of a customer (for example, the procurement organization that authorized you to use the Service), we act as a processor and the customer is the controller. This policy describes our role when we act as a controller for our own collection.

2. Data we collect

We collect the following categories of data:

  • Account data — name, work email, password hash or single sign-on identifier, profile photo, role, and organization membership.
  • Usage data — pages viewed, actions taken, IP address, device and browser metadata, and timestamps. Used for security and product analytics.
  • Email and supplier-thread content — message bodies, attachments, and metadata from the inbox(es) you authorize the Copilot to access, limited to the scopes you grant during OAuth setup. See Section 3 for details.
  • Procurement Memory — structured records extracted from the above: parsed quotes, supplier dossiers, negotiation history, award decisions, and the audit log. Stored per customer in your organization’s tenant.
  • Customer content — RFQs, supplier records, attachments, internal notes, and any other content you submit. Treated as your data per our Terms.

We do not collect Social Security numbers, payment card numbers, or protected health information. We do not collect biometric or location data.

3. Email and inbox access

The Copilot connects to Gmail or Microsoft 365 through standard OAuth flows. We request the smallest set of permissions that lets the product work and observe the following commitments:

  • Scoped access. You can narrow the Copilot to specific labels or folders during setup. We do not read mail outside the scope you authorized.
  • No bulk exports. We fetch messages on-demand for the features that require them — parsing a new supplier reply, populating Procurement Memory at setup, sending a Copilot-drafted reply. We do not export your mailbox at rest.
  • Send is delegated and policy-checked. When the Copilot sends on your behalf, the message clears a policy check before it leaves our servers and is logged in your organization’s audit trail.
  • Revocable. You can disconnect the Copilot from inside Gmail or Microsoft 365 at any time. After disconnect, we immediately stop fetching new mail. Existing structured data in Procurement Memory remains under your organization’s control and can be exported or deleted as described in Section 7.

4. How we use data

We use personal information to:

  • Provide, secure, and improve the Service for you;
  • Authenticate users, enforce policies, and prevent abuse;
  • Communicate with you about your account, transactional notices, and material product updates;
  • Comply with legal obligations.

We do not sell personal information. We do not share personal information with advertisers for targeted advertising. We do not train shared AI models on your data — see Section 5.

5. AI processing and Autopilot

The Service uses the SalesNextAI engine to parse RFQs, supplier quotes, and email threads, and to produce the drafts and scoring you see in the product. When you use these features:

  • Relevant text and document content are transmitted over TLS to the SalesNextAI engine, scoped to the request that requires it.
  • We do not train shared models on customer data, ever.
  • Prompt and completion content is not retained beyond the request lifecycle except inside your organization’s audit log.
  • Each AI input and output is recorded inside your organization’s audit log so you can review what the model was asked and what it returned.
  • Autopilot. When you enable Autopilot for a specific request, the Copilot may send messages on your behalf inside the policy bounds you set (target, ceiling, auto-approve threshold, time window). Every outbound message clears a policy check before it leaves our servers. You can disable Autopilot at any time at any layer (single RFQ, supplier, category, or organization).
  • You can disable AI features organization-wide from settings.

6. Sharing and sub-processors

We share personal information with sub-processors that help us run the Service. Current categories include:

  • Cloud hosting, database, and storage providers.
  • AI processing (SalesNextAI).
  • Transactional email delivery.
  • Error monitoring and product analytics.
  • Payment processing (paid plans only).

A current sub-processor list, along with contractual safeguards and data residency options, is available on request to privacy@salesnext.ai.

We do not share customer content with other customers. Optional anonymized network benchmarks (for example, category price medians) are available only when you explicitly opt in and never include identifying detail.

7. Retention and deletion

Account data is retained for the lifetime of your account, plus 30 days. Customer content and Procurement Memory entries are retained as you direct in the Service and deleted (or de-identified) within 60 days of account termination, except where retention is legally required.

Audit-log entries are retained for at least 12 months for security and compliance purposes. On request to privacy@salesnext.ai, we will provide a one-time export of your Customer Data and Procurement Memory before deletion.

8. Your rights

Depending on where you live, you may have rights to access, correct, delete, port, or object to processing of your personal information. To exercise these rights, email privacy@salesnext.ai. We will respond within 30 days.

If you are an end user using SalesNext on behalf of an employer customer, we will direct your request to that customer where they are the controller.

9. Cookies

We use first-party cookies that are strictly necessary for authentication and session management, plus a small set of analytics cookies. We do not use advertising cookies.

You can clear cookies from your browser at any time; doing so will sign you out of the Service.

10. Security

We maintain administrative, physical, and technical safeguards designed to protect personal information. See our Security page for the architectural detail, including OAuth scopes, per-tenant encryption, and our compliance roadmap.

11. Contact

Questions or requests can be sent to privacy@salesnext.ai. Postal: SalesNext, Inc., 1209 Orange Street, Wilmington, DE 19801, USA.