Privacy Policy

Last Updated: 2026-01-21

1. Introduction

This Privacy Policy explains how Pillar ("we," "our," or "us") handles personal data when you interact with our website (trypillar.com), platform, SDK, APIs, or any other online properties we own and operate (collectively, the "Services").

This policy applies to:

  • Customers — Businesses and individuals who use our platform to deploy the Product Assistant
  • End Users — Individuals who interact with a Pillar-powered Product Assistant deployed by our Customers
  • Website Visitors — Anyone who visits our marketing website

2. Who We Are

Pillar Labs is the "doing business as" (DBA) name for Double Finance Inc., a Delaware corporation. For the purpose of this policy, all references to "Pillar," "we," or "us" refer to this legal entity.

  • Contact for Privacy: [email protected]
  • Address:
    2261 Market Street STE 5932
    San Francisco, CA 94114
    United States

3. What Personal Data We Collect

We collect information to provide and improve our Services. The types of data we collect depend on how you interact with us.

For Customers (Platform Users)

  • Account Information: When you create a Pillar account, you provide us with information like your name, business email, organization name, and billing details.
  • Customer Content: To power your Knowledge Base, we ingest content you provide or direct us to crawl, including:
    • Help articles and documentation from your existing help centers
    • Documentation site content (Mintlify, GitBook, ReadMe, etc.)
    • Support ticket conversations (Zendesk, Intercom, etc.)
    • Uploaded documents and files
  • SDK Configuration: Information about how you configure the Product Assistant, including Actions you define, branding settings, and integration parameters.
  • Usage Information: We automatically log technical data about how you use the dashboard, including feature engagement, API calls, and configuration changes.

For End Users (Your Users)

When End Users interact with a Pillar-powered Product Assistant, we may collect:

  • Conversation Data: Questions asked, AI responses provided, and Actions triggered. This data is stored to provide conversation history, enable analytics for our Customers, and improve response quality.
  • Context Data: If the Customer has configured context sharing, we may receive information about the End User's current page, feature, user role, or other context the Customer chooses to share with us.
  • Feedback: Ratings or feedback End Users provide on AI responses (e.g., thumbs up/down).
  • Technical Data: Browser type, device information, and IP address for security and analytics purposes.

Important: We act as a data processor on behalf of our Customers for End User data. Our Customers are the data controllers and are responsible for providing appropriate privacy disclosures to their End Users.

For Website Visitors

  • Cookies and Trackers: We use cookies and similar technologies to:

    • Essential cookies: Keep you logged in and remember your preferences
    • Analytics cookies: Measure site traffic and understand how visitors use our website (e.g., Google Analytics)
    • Functional cookies: Enable enhanced functionality and personalization

    You can control cookies through your browser settings. Disabling certain cookies may affect functionality. For users in the EU/UK, we obtain consent before setting non-essential cookies.

  • Contact Information: When you sign up for our waitlist, request a demo, or contact us, we collect the information you provide.

Information from Third Parties

  • OAuth Sign-In: If you sign in with Google or Microsoft, we receive your basic profile information and authentication token.
  • Integrations: If you connect third-party services (Zendesk, Intercom, etc.), we receive data necessary to ingest your content.
  • Payment Information: We use a third-party payment processor. We do not store your full credit card details, but we may receive metadata such as the card type and last four digits.

4. How We Use Your Personal Data

We use the data we collect for the following purposes:

  • To Provide the Services:

    • Build and maintain your Knowledge Base from ingested content
    • Generate AI responses to End User questions
    • Facilitate Action execution through the SDK
    • Display analytics in your dashboard

  • To Improve Our Services:

    • Analyze usage patterns to improve the Product Assistant's accuracy and relevance
    • Research and develop new features
    • Train and improve our AI models (see "AI Training" section below)

  • To Communicate With You:

    • Send transactional notices (invoices, security alerts, product updates)
    • Respond to support requests
    • With your consent, send marketing communications

  • To Secure Our Services:

    • Detect, investigate, and prevent fraud, abuse, or violations of our policies
    • Monitor for security threats

  • To Comply with Legal Obligations:

    • Meet our legal, tax, and regulatory requirements
    • Defend our legal rights

If you are located in the European Economic Area or United Kingdom, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide the Services you requested (account management, Knowledge Base indexing, AI response generation).
  • Legitimate Interests: Processing for our legitimate business purposes, such as improving our Services, preventing fraud, and ensuring security, where these interests are not overridden by your rights.
  • Consent: Where you have given us explicit consent (e.g., for marketing communications). You may withdraw consent at any time.
  • Legal Obligation: Processing required to comply with applicable laws.

5. AI Training and Model Improvement

Your Customer Content:

  • We do not use your Customer Content (help articles, documentation, support tickets) to train AI models for other customers.
  • Your Customer Content is used solely to generate AI responses for your End Users and to power your specific Knowledge Base.

Aggregated and Anonymized Data:

  • We may use aggregated, anonymized usage data (e.g., common query patterns, response quality metrics) to improve our general AI models and Services.
  • This data is stripped of identifying information and cannot be traced back to you or your End Users.

Opt-Out:

  • If you wish to opt out of even anonymized data usage for model improvement, please contact us at [email protected].

6. How We Share and Disclose Data

We take your privacy seriously and we do not sell your personal data. We only disclose it in the following limited circumstances:

  • To Service Providers: We use carefully vetted third-party companies to help us operate our business:

    • Cloud infrastructure (Google Cloud Platform, Vercel)
    • LLM providers (OpenAI, Anthropic, Google) for generating AI responses
    • Payment processors (Stripe)
    • Customer support tools
    • Email providers

    These providers are bound by strict confidentiality and data-processing terms.

  • To Our Affiliates: We may share data with our parent companies, subsidiaries, or other companies under common control with Pillar, for the purposes outlined in this policy.

  • With Your Consent: If you direct us to share data with a third-party integration.

  • To Your Customers (for End User Data): End User conversation data and analytics are made available to our Customers through their dashboard, as they are the data controllers.

  • For Legal Reasons: We may disclose data if required by law, subpoena, or a court order, or to protect the rights, safety, or property of Pillar, our users, or the public.

  • In a Business Transfer: If Pillar is involved in a merger, acquisition, financing, or sale of all or a portion of our assets, your data may be transferred as part of that transaction, subject to continued protection under this policy.

7. Data Security

We employ industry-standard administrative, technical, and physical controls to protect your data. This includes:

  • Encryption in transit (TLS) and at rest
  • Strict access controls and multi-factor authentication for our internal systems
  • Regular security monitoring and vulnerability scanning
  • An incident response plan to address any potential data breaches

8. Data Retention

We keep personal data only for as long as necessary to provide the Services and for the purposes outlined in this policy.

We retain personal data for no longer than 12 months from the date of collection or your last interaction with the Services, except:

  • Billing and tax records may be retained longer to meet legal and regulatory requirements.
  • Aggregated or anonymized data (which cannot identify you) may be retained indefinitely for analytics and service improvement.

You may request deletion of your data at any time by contacting [email protected].

9. Your Privacy Rights

Depending on your location (e.g., California, EU/EEA), you may have specific rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correct: Ask us to update or correct inaccurate information.
  • Delete: Request that we delete your personal data where we no longer have a lawful reason to retain it.
  • Port: Request a copy of your data in a machine-readable format.
  • Opt-Out: You can opt-out of marketing communications at any time using the "unsubscribe" link in our emails.

For End Users: If you are an End User of a Pillar-powered Product Assistant, please contact the company whose product you were using to exercise your privacy rights. They are the data controller and can direct us to fulfill your request.

Pillar does not "sell" or "share" personal data as defined by California privacy statutes. To exercise any of your rights, please email us at [email protected]. We will need to verify your identity before processing your request.

10. International Data Transfers

Our Services are operated in, and we store and process data, primarily in the United States. If you are accessing the Services from another region (including the EU/EEA), your personal data may be transferred to the United States.

For transfers from the EU/EEA, we rely on:

  • Standard Contractual Clauses approved by the European Commission
  • Our data processing agreements with sub-processors

11. Children's Privacy

Our Services are intended for business professionals and are not directed at anyone under the age of 16. We do not knowingly collect personal data from children.

12. Third-Party AI Providers

The Product Assistant uses third-party large language models (LLMs) to generate AI responses. When an End User asks a question:

  1. The query and relevant context from your Knowledge Base are sent to our LLM provider (OpenAI, Anthropic, or Google, depending on your configuration).
  2. The LLM generates a response based on your content.
  3. We do not send personal identifying information about End Users to LLM providers unless it is contained in the query itself.

Our agreements with LLM providers prohibit them from using your data to train their models.

13. Changes to This Policy

We may revise this Privacy Policy from time to time. If we make a change that materially alters your rights, we will provide conspicuous notice, such as by email or an in-app alert, before the change takes effect.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us in writing at:

Pillar Labs
2261 Market Street STE 5932
San Francisco, CA 94114
United States
[email protected]