Pigeon is a done-for-you investor update service for startup founders. We are the data controller for the personal data you provide when using our platform. Our registered address is available on request.
If you have any questions about how we handle your data, contact us at privacy@pigeon.so.
| Data | Why we collect it | Legal basis |
|---|---|---|
| Your name and email address | To create your account, address emails to you by first name, and send your monthly reminder | Contract performance |
| Your company name and description | To generate investor updates that accurately describe your business | Contract performance |
| Your company logo | To brand your investor updates if you choose to upload one | Consent (optional upload) |
| Your investors' names and email addresses | To send investor updates on your behalf when you instruct us to | Contract performance; legitimate interests of maintaining investor relationships |
| Business metrics you enter (MRR, runway, etc.) | To generate your investor update. We do not analyse or sell this data. | Contract performance |
| Your update content (highlights, challenges, asks) | To write your investor update. Stored so you can access your archive. | Contract performance |
| Payment information | To process your subscription. We use Stripe; we never see or store your card details. | Contract performance |
| Usage data (pages visited, features used) | To understand how people use Pigeon so we can improve it | Legitimate interests |
When you add investors to Pigeon, you are providing us with their personal data (name and email address) to send communications on your behalf. You are responsible for ensuring you have a lawful basis for sharing this data with us and for sending them updates.
We store this data only to fulfil the service you have asked for. We do not contact your investors for any other purpose, we do not sell their data, and we do not use it for marketing. When you delete an investor from your list, or delete your account, their data is removed from our systems within 30 days.
The content you enter into Pigeon (your metrics, highlights, challenges, and asks) is sent to Anthropic's Claude API to generate your investor update. Anthropic processes this data on our behalf as a data processor. They do not use your data to train their models. You can read Anthropic's privacy policy at anthropic.com/privacy.
We never share your business metrics or update content with any other third party for any purpose other than generating your update.
We share data only where necessary to operate the service:
We do not sell your data. We do not share it with advertisers. We do not share it with anyone not listed above unless required to by law.
Your data is stored within the European Economic Area (EEA). Where we use processors outside the EEA (for example, Anthropic is a US company), we ensure appropriate safeguards are in place, including Standard Contractual Clauses where required.
We keep your data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where we are required to keep it for legal or financial compliance purposes (for example, billing records, which we keep for seven years as required by UK law).
Your archived investor updates are stored indefinitely while your account is active, as they form part of the service. You can delete individual updates or your entire archive at any time from within the app.
You have the following rights in relation to your personal data:
To exercise any of these rights, email privacy@pigeon.so. We will respond within one calendar month.
If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.
Pigeon uses only the cookies necessary to keep you logged in and to remember your preferences. We do not use third-party advertising cookies or tracking pixels. We do not use Google Analytics or any other behavioural analytics tool that shares your data with third parties.
You can disable cookies in your browser settings, but this will prevent you from staying logged in.
We take reasonable technical and organisational measures to protect your data, including encrypted connections (HTTPS), hashed passwords, and access controls. No system is completely secure, but we take our responsibility to protect your data seriously.
If you believe your account has been compromised, change your password immediately and email us at privacy@pigeon.so.
Pigeon is not intended for anyone under the age of 18. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
If we make material changes to this policy, we will notify you by email at least 14 days before the changes take effect. The date at the top of this page always reflects when the policy was last updated.
Continuing to use Pigeon after a policy change takes effect constitutes acceptance of the updated policy.
For any privacy-related questions or requests, contact us at privacy@pigeon.so. We aim to respond within five working days.