ULTRARIA
BETA — Everything is free during the beta. Real customers, real data, no charges until full launch.BETA — Everything is free during the beta. Real customers, real data, no charges until full launch.BETA — Everything is free during the beta. Real customers, real data, no charges until full launch.BETA — Everything is free during the beta. Real customers, real data, no charges until full launch.BETA — Everything is free during the beta. Real customers, real data, no charges until full launch.BETA — Everything is free during the beta. Real customers, real data, no charges until full launch.
e0cb4c0

Legal

Privacy policy

Last updated: April 25, 2026

This Privacy Policy explains how Ultraria ("we", "us") collects, uses, and discloses information about you when you use our website and the Ultraria service (the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information we collect

1.1 Information you provide

  • Account information — your email address, name, company name, and any subscription filter configuration you create (NAICS codes, keywords, set-aside preferences, geographic filters, deadline windows).
  • Payment information — billing address and payment method are collected and stored by our payment processor, Stripe. We do not store full credit card numbers on our servers.
  • Communications — when you contact us by email or through the contact form, we retain those messages for support and quality purposes.

1.2 Information collected automatically

  • Usage data — pages visited, features used, error events. Used to improve the Service.
  • Device data — IP address, user agent, referrer. Used for security and fraud prevention.
  • Cookies — strictly-necessary cookies for authentication and preferences. We do not use advertising or third-party tracking cookies.

2. How we use information

  • To provide the Service — running daily SAM.gov scans, matching opportunities to your filters, sending email digests, and operating the dashboard.
  • To process payments and manage subscriptions.
  • To respond to support requests and account inquiries.
  • To comply with legal obligations.
  • To detect, prevent, and address fraud, security incidents, and abuse.

We do not use your information to train machine-learning models. We do not sell or rent personal information to third parties.

3. How we share information

We share information only as needed to operate the Service:

  • Service providers — Stripe (payment processing), our hosting providers (Cloudflare Pages, Railway), our email-sending provider (Resend). Each is bound by its own privacy and security obligations.
  • Legal compliance — when required by law, subpoena, or other legal process, or to protect our rights or those of others.
  • Business transfers — in the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity, subject to this policy or a successor policy with equivalent protections.

4. Data retention

We retain account and subscription data for as long as your account is active. After cancellation, we retain billing records for the period required by tax and accounting law (typically seven years in the United States) and delete other personal data within 90 days of cancellation, except where legal hold applies.

5. Your rights

Depending on your jurisdiction (in particular under the GDPR for EU/UK residents and the CCPA for California residents), you may have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Delete your information (subject to legal retention requirements).
  • Object to or restrict certain processing.
  • Export your information in a portable format.
  • Opt out of "sale" of personal information (we do not sell personal information).
  • Withdraw consent where processing is based on consent.

To exercise these rights, email privacy@ultraria.com. We will respond within 30 days. Verifying your identity may be required.

6. Security

We use industry-standard safeguards: TLS encryption in transit, encryption at rest, hashed passwords (we use email magic links rather than passwords for the dashboard, but all secrets are hashed), strict access controls, and continuous monitoring. No system is perfectly secure, and we will notify affected users without undue delay in the event of a confirmed data breach affecting personal data, consistent with applicable law.

7. International transfers

Ultraria is operated from the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to that transfer.

8. Children's privacy

The Service is not intended for individuals under 18, and we do not knowingly collect personal information from children under 18. If you believe a child has provided us with personal information, please contact us so we can delete it.

9. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated to active customers by email at least 30 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

10. Contact

For privacy questions, email privacy@ultraria.com. For general support, see the contact page.