Scope of this policy
Plain-English: this covers everything you give us through bridger.levenhall.com and any subdomains we operate. It applies whether you’re a contractor, a service provider, a lobbyist, an admin, or just a visitor.
This Privacy Policy applies to the collection, use, retention, and disclosure of personal information by Levenhall LLC (“Bridger,” “we,” “us”) in connection with the Bridger platform, the marketing site at bridger.levenhall.com, related APIs, and any properties that link to this policy (collectively, the “Service”).
What we collect
Plain-English: account info you give us, your cap-statement data, content you upload, conversations inside the platform, basic device/browser metadata, and OFAC/Entity-List screening results at signup.
Account information
Email, full name, organization name, and authentication factors (password hash, OAuth identifier where applicable). For non-individual users (organizations), the legal entity name, country of incorporation, and registration identifiers.
Cap-statement & profile data
NAICS codes, capability descriptions, target agencies, past performance details, certifications (CMMC, 8(a), HUBZone, WOSB, SDVOSB, allied-equivalent registrations), CAGE code, UEI number, NCAGE code, foreign-equivalent business identifiers, clearance level, and any free-text capability narrative you submit.
Content you create or transmit
Pipeline entries, draft proposals, messages exchanged with other users (providers, lobbyists, contractors), watchlist configurations, search queries, and notes. Content remains your property; see How we use your data below.
Technical & usage data
IP address, user agent, page-view events, feature usage events, error reports, and authentication-session metadata. Used for security, abuse detection, and product improvement.
Sanctions & export-control screening
At signup, we screen the registering organization against the US Treasury OFAC Specially Designated Nationals list and the US Bureau of Industry and Security Entity List. The screening result (passed / flagged for review) is stored on your account. We do not redistribute these results.
Payment information
Payment-method data is collected and processed by Stripe, Inc. We do not store card numbers, bank-account numbers, or full financial credentials on our servers. Stripe’s Privacy Policy governs that data: stripe.com/privacy.
How we use your data
Plain-English: to run the platform, to personalise the intelligence we deliver to your firm, to keep you informed via email, to detect fraud / abuse, to comply with law, and never to train external AI models.
- Operate the Service. Authenticate you, render pages, score appropriations and opportunities against your profile, and deliver email digests you’ve subscribed to.
- Personalise intelligence. Your NAICS, tech areas, and target agencies feed the relevance engine that ranks bills, opportunities, and assessments for you. The output is shown to you only.
- Communicate with you. Account notifications, daily/weekly briefs you opt into, security alerts, and occasional product announcements. You can opt out of marketing emails at any time; transactional emails (security, billing) cannot be opted out of while your account is active.
- Detect abuse. Rate limiting, anomaly detection, and review of suspicious activity to prevent scraping, credential stuffing, and platform misuse.
- Comply with law. Maintain audit logs as required by SOC 2 / FedRAMP readiness obligations; respond to lawful subpoenas, court orders, or government requests.
What we do NOT do. We do not sell your data. We do not license your data. We do not share aggregated or de-identified contractor-level data with primes, providers, lobbyists, or third parties without your written consent. We do not use your data to train external AI models, including third-party LLMs.
Your rights
Plain-English: you can export everything we have on you (GDPR Art. 20), delete your account with a 30-day grace period (Art. 17), correct inaccurate data, and opt out of marketing email at any time.
- Right of access. Request a copy of all personal data we hold about you. Self-serve at /settings/security.
- Right to erasure (right to be forgotten). Initiate a soft-delete from /settings. The account enters a 30-day grace period during which you can restore it; after 30 days, your data is permanently deleted from operational systems and removed from backups within 90 days.
- Right to rectification. Update profile data in /profile, /settings, or by emailing the operator.
- Right to portability. Same self-serve export as right of access; the export is a machine-readable JSON archive.
- Right to object. Disable marketing email and product-announcement email from /settings/notifications. You cannot opt out of transactional emails (security alerts, billing notices) while your account is active.
EU/UK residents may also lodge a complaint with their local supervisory authority. US residents in California may exercise CCPA/CPRA rights including the right to know, delete, correct, and opt out of “sale” or “sharing” (Bridger does neither).
How long we keep data
Plain-English: as long as you have an account, plus 90 days after account deletion for backups. Audit logs kept 365 days. Aggregated analytics indefinitely.
- Account + profile data. Lifetime of the account. After erasure request: removed from production within 30 days, from backups within 90 days.
- Audit logs. 365 days for security investigation. Cannot be deleted by operator on request during that window.
- Email delivery logs. 90 days at Resend.
- Aggregated, de-identified analytics. Indefinitely. Cannot be reverse-attributed to your account.
How we protect your data
Plain-English: TLS in transit, AES-256 at rest, strict CSP, same-origin CSRF protection, bcrypt-hashed passwords, 365-day audit logging, and an active SOC 2 Type II program.
Full security posture is documented at /trust and /trust/security. We disclose security vulnerabilities responsibly via /.well-known/security.txt.
International data transfers
The Service is hosted in the United States. If you access the Service from outside the US, your data is transferred to and processed in the US under Standard Contractual Clauses (for EU/UK data subjects) referenced in our Data Processing Addendum at /legal/dpa. By using the Service you consent to that transfer.
Children
The Service is not directed to children under 16, and we do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact the operator and we will delete it.
Changes to this policy
Material changes to this Privacy Policy will be communicated to account holders by email at least 30 days before they take effect. Non-material changes (clarifications, link updates) are published here without notice. The effective date at the top indicates the version in force.
Reach the operator at hgad@levenhall.com. Formal notice should be addressed to Levenhall LLC, Delaware, United States.