OpticBid — Federal Contract Intelligence for SDVOSBs

1. Overview

OpticBid ("we," "our," or "us") is operated by ColeHart Enterprises. This Privacy Policy describes how we collect, use, and protect information when you use our website at opticbid.com and our AI-powered government contract intelligence platform (collectively, the "Service"). By using the Service, you agree to the practices described here.

2. Information We Collect

Account information: When you register, we collect your email address and the password you choose (stored as a secure hash via Firebase Authentication). If you sign in with Google, we receive your name and email from Google.

Company profile: To match you with relevant government contracts, we collect the information you voluntarily provide: company name, location, NAICS codes, certifications (e.g., SDVOSB, 8(a), HUBZone), services description, past performance summary, and team size.

Usage data: We collect information about how you use the Service, including pages visited, features used, scan timestamps, and contract interactions (e.g., which contracts you mark as "Track it" or "Not for us"). This data powers the behavioral learning feature that improves your AI scores over time.

Payment information: Billing is handled entirely by Stripe. We do not store credit card numbers or banking details. We store your Stripe Customer ID so we can manage your subscription and billing portal access.

3. How We Use Your Information

To match your company profile against active federal and state government contracts
To score and rank contracts using Gemini AI (Google Vertex AI) based on your profile
To send daily email digests of scored opportunities to paid subscribers
To improve scoring accuracy through your Track it / Not for us feedback signals
To process payments and manage your subscription via Stripe
To communicate service updates, security notices, and support responses
To analyze aggregate usage patterns and improve the Service

We do not sell your personal information to third parties. We do not use your data for advertising.

4. Third-Party Services

The Service relies on the following third-party providers, each with their own privacy practices:

Google Firebase & Cloud: Authentication, database (Firestore), and AI processing (Vertex AI / Gemini). Google Privacy Policy
Stripe: Payment processing and subscription management. Stripe Privacy Policy
Resend: Transactional and digest email delivery. Resend Privacy Policy
Vercel: Frontend hosting and content delivery. Vercel Privacy Policy
SAM.gov (GSA): Public contract data is fetched from the U.S. General Services Administration's public API. No personal data is sent to SAM.gov.

5. Data Retention

We retain your account and profile data for as long as your account is active. If you delete your account, your profile, NAICS codes, certifications, scored opportunities, and behavioral learning data are preserved for 180 days to allow account restoration. If you re-register with the same email address within 180 days, your profile is automatically restored. After 180 days, all data is permanently and irreversibly deleted. Stripe may retain billing records as required by applicable law. Aggregated, anonymized usage statistics may be retained indefinitely.

6. Data Security

All data is encrypted in transit (TLS) and at rest via Google Cloud's default encryption. Access to your data is controlled by Firebase Security Rules and authenticated API tokens. We restrict internal access to user data to personnel who need it to operate or improve the Service. No security system is perfect, however, and we cannot guarantee absolute security.

7. Your Rights and Choices

Update your profile: You can edit your company profile at any time from the Onboarding page.
Email preferences: Daily digest emails can be disabled from your Account settings (Growth plan) or by contacting support.
Behavioral learning: You can disable or reset the learning feature from your Account page at any time.
Account deletion: Contact us at support@colehartenterprises.com to request deletion of your account and all associated data.
Data export: Contact us to request an export of your profile and scored opportunity data.

8. Children's Privacy

The Service is intended for businesses and is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated policy with a new "Last updated" date. Continued use of the Service after changes constitutes your acceptance of the updated policy. For material changes, we will notify you via email or an in-app notice.

10. Contact Us

Questions or concerns about this Privacy Policy? Contact us at:
ColeHart Enterprises
Email: support@colehartenterprises.com
Website: colehartenterprises.com