Privacy

Threshld collects project intake, uploaded files, payment metadata, email address, and report history to generate and deliver strategic plan packages.

Storage

Order metadata is stored in Cloudflare D1. Uploaded files and generated reports are stored in private Cloudflare R2 storage. Report downloads are delivered through short-lived signed links after dashboard authentication.

Access

Dashboard access uses email magic links, short-lived login links, and secure sessions. Report access is limited to the email address used for the original order unless support manually assists with an ownership change.

Processors

Stripe processes payments. Resend handles transactional email. Genspark and OpenAI may process project context to generate deliverables when configured.

Retention

Project data is retained for dashboard history and regeneration unless deletion is requested. Expired login links and sessions are automatically cleaned up. Security audit logs are retained for operational review and then removed on a rolling basis.

Confidentiality

Threshld does not sell project files or intake content. Do not upload materials that require a separate NDA, regulatory handling, or restricted data-room controls unless a written agreement is in place.