Propelio

Legal

Privacy policy

Last updated: 29 May 2026

Rebellious Digital (“we”, “us”) operates the website at propelio.app and the workspace application at workspace.propelio.app in connection with Propelio, our proposal software product (“Propelio”). This policy explains what personal data we collect, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR).

1. Data we collect

We collect the following categories of personal data:

  • Account data: your name, email address, and password (hashed) when you create an account.
  • Billing data: billing address and payment method details, processed securely via our payment provider. We do not store full card numbers.
  • Proposal data: content you create, including proposal text, pricing, client names, and email addresses you enter.
  • Usage data: pages visited, features used, and interaction events, collected to improve the product.
  • Client signing data: when a proposal is signed, we record the signer’s name, email address, IP address, timestamp, and a hash of the signed document version.
  • Support data: messages you send us via email or in-app support channels.

2. How we use your data

We use your personal data to:

  • Provide and maintain the Propelio service.
  • Process billing and manage your subscription.
  • Send transactional emails (proposal sent/signed notifications, receipts).
  • Respond to support requests.
  • Improve the product based on aggregated usage analysis.
  • Comply with our legal obligations.

We do not sell your data to third parties. We do not use your data for advertising.

3. Data sharing

We share data only with the following categories of third parties, and only as necessary:

  • Infrastructure: cloud hosting and database providers who process data on our behalf under data processing agreements.
  • Payments: our payment processor handles billing data. We never see or store full card numbers.
  • Email delivery: a transactional email service to deliver proposal notifications and receipts.
  • Analytics: aggregated, anonymised product usage data to help us improve Propelio.

4. Data retention

We retain your account and proposal data for as long as your account is active, or as required by law. If you close your account, we will delete or anonymise your personal data within 90 days, unless we are required to retain it for legal or tax compliance reasons.

Signed proposal records (including the signing audit trail) may be retained for longer to support the legal validity of documents you have created.

5. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data (“right to be forgotten”), subject to legal retention obligations.
  • Object to or restrict certain processing.
  • Data portability: receive your data in a structured, machine-readable format.
  • Withdraw consent where processing is based on consent.

To exercise any of these rights, contact us at hello@propelio.app.

6. Cookies and analytics

We use two categories of cookies and similar storage:

  • Strictly necessary: used to operate the service, including authentication sessions and security tokens. These are set only within the workspace application and are required for the service to function. They are not affected by your cookie preference.
  • Analytics: we use PostHog, a product analytics platform, to understand how visitors use the Propelio marketing site and workspace. PostHog records page views, button clicks, and feature usage. It does not track you across other websites and we do not use it for advertising. Data is stored on PostHog’s EU infrastructure and is not sold to third parties.

Marketing site (propelio.app): we collect anonymous, session-only pageview data from all visitors using PostHog in memory mode. Nothing is written to your browser storage and no data persists between sessions. When you first visit, a banner gives you the choice to accept or decline persistent analytics. If you accept, PostHog upgrades to localStorage so it can recognise you across sessions and provide more accurate usage analysis. If you decline, only the anonymous session data described above is collected. You can change your preference at any time by clearing local storage for propelio.app, which will display the banner again on your next visit.

Workspace (workspace.propelio.app): analytics are active for all signed-in users. This is necessary for us to understand how the product is used and to maintain and improve the service. By creating an account and accepting our terms of service, you acknowledge this usage. The legal basis for this processing is legitimate interest (UK GDPR Article 6(1)(f)). No analytics data from the workspace is used for advertising, and it is not shared with third parties beyond PostHog acting as our data processor.

In both contexts, PostHog stores data on EU infrastructure under a data processing agreement with Rebellious Digital.

7. Security

We use industry-standard measures to protect your data: TLS encryption in transit, encrypted storage at rest, access controls, and regular security reviews. No transmission over the internet is completely secure, and we cannot guarantee absolute security.

8. Children

Propelio is not directed at children under 16 and we do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

9. Changes to this policy

We may update this policy from time to time. We will notify you of material changes by email or via an in-app notice. The “last updated” date at the top of this page reflects the most recent revision.

10. Contact

Rebellious Digital is the data controller for personal data processed through Propelio. For privacy questions, contact us at hello@propelio.app.