Privacy Policy
Last updated: March 19, 2026
1. Introduction
SMAD Portal ("we", "us", or "our") is operated by Extant 2000, LLC. This Privacy Policy describes how we collect, use, and protect your personal information when you use our mission engineering platform and related services.
By using SMAD Portal, you agree to the collection and use of information as described in this policy.
2. Information We Collect
Account Information
When you create an account, we collect your name, email address, organization name, and password. If you sign up through a third-party provider (Google, Microsoft), we receive your name and email from that provider.
Mission Data
You may upload or enter mission engineering data including requirements, risk items, design parameters, trade studies, and related technical content. This data is stored securely and is accessible only to you and your authorized team members.
Usage Data
We automatically collect information about how you interact with the platform, including pages visited, features used, timestamps, and browser/device information. This data is used to improve the service.
Payment Information
Payment processing is handled by Stripe. We do not store credit card numbers on our servers. Stripe's privacy policy governs the handling of your payment data.
3. How We Use Your Information
- Provide, maintain, and improve the SMAD Portal platform
- Process transactions and send billing-related communications
- Send product updates, security alerts, and support messages
- Respond to your requests and provide customer support
- Detect, investigate, and prevent fraudulent or unauthorized activity
- Comply with legal obligations
4. Data Sharing
We do not sell, rent, or trade your personal information. We may share data with:
- Service providers: Stripe (payments), Supabase (database hosting), Vercel (application hosting), and email delivery services
- Team members: If you belong to a company account, authorized team members can access shared mission data
- Legal requirements: When required by law, subpoena, or government request
5. Data Security
We implement industry-standard security measures to protect your data:
- Encryption at rest and in transit (TLS 1.2+)
- Role-based access controls with 12 mission-level roles
- Audit logging of all data access and modifications
- Regular security assessments and vulnerability scanning
- Two-factor authentication (TOTP) available for all accounts
- Web application firewall with mission-specific rules
6. Data Retention
We retain your account and mission data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days. Anonymized usage data may be retained for analytics purposes.
7. Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data (GDPR data export available on Enterprise plans)
- Object to processing of your data
- Export your data in a structured, machine-readable format
To exercise these rights, contact us at privacy@extant2000.com.
8. Cookies
We use essential cookies for authentication and session management. We use analytics cookies to understand usage patterns. You can manage cookie preferences through our cookie banner or your browser settings.
9. Children's Privacy
SMAD Portal is not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on the platform or sending an email. Continued use of the service after changes constitutes acceptance of the updated policy.
11. Contact
If you have questions about this Privacy Policy, contact us at:
Extant 2000, LLC
United States