Penroll

Legal

Privacy Policy

Last updated: May 2026

This Privacy Policy explains what data Penroll collects, why we collect it, and how we handle it. We try to be plain-English about this — no dark patterns, no buried disclosures.

What we collect

Document inputs. When you generate a document, we send your form inputs (job title, company name, country, salary range, etc.) to our AI provider to produce the output. Inputs are not stored on our servers — they exist for the lifetime of a single generation request.

License data. If you subscribe to Pro or Team, we store your billing email, Stripe customer ID, and a device fingerprint to enforce one-device-per-license. This data is held by Stripe and tagged on your customer record.

Usage counter. The free-tier monthly counter is stored in your browser's localStorage. It does not leave your device.

No tracking pixels. Penroll does not use Google Analytics, Facebook Pixel, or third-party advertising trackers. We may use privacy-respecting product analytics (Plausible / Fathom) — these do not use cookies and do not track users across sites.

AI processing

Generated documents are produced by a third-party large language model. The provider may retain inputs briefly for safety and abuse monitoring per their data policy; we do not train models on your data. We use enterprise-tier API access, which has stricter data-handling commitments than the free consumer products.

Cookies

Penroll uses one cookie: a session cookie set by Stripe during checkout. This is necessary to complete payment. We do not set advertising or tracking cookies.

Your rights (GDPR / CCPA)

You can request a copy of your data, ask us to delete it, or request a correction. Email privacy@penroll.com and we will respond within 30 days.

Stripe holds the bulk of your billing data — for subscription cancellations and payment method updates, use the "Manage in Stripe" button on the Billing page.

Data retention

Documents you generate are not stored by us. License data is retained as long as your subscription is active and for 90 days after cancellation, after which we anonymise the record (Stripe retains its own copy per their retention policy).

Contact

Privacy questions: privacy@penroll.com
General support: support@penroll.com

→ Terms of Service