Privacy Policy

Pitchr is a PR-as-a-service platform based in Melbourne, Victoria, Australia. In this policy, “we”, “us”, and “our” refer to Pitchr.

We are committed to protecting your personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

We collect and process the following categories of personal information:

Account Information

• Name, email address, and password (for account creation)
• Company name, ABN, and business contact details
• Role and job title

Campaign & Business Data

• Campaign briefs and supporting materials you upload
• Business descriptions, brand voice, and key messaging
• Media releases generated through our platform
• Contact details of journalists and media outlets (provided by you or sourced through our research)

Payment Information

• Billing details processed securely by Stripe (we do not store card numbers)
• Subscription plan and payment history

Usage Data

• Authentication session data
• Pages visited and features used within the platform
• Browser type, device information, and IP address

We use your personal information for the following purposes:

• Providing and operating the Pitchr platform and services
• Processing your campaign briefs and generating AI-assisted press releases
• Managing your account, subscriptions, and billing
• Communicating with you about your campaigns, account, and service updates
• Improving our platform, features, and user experience
• Complying with legal obligations

Pitchr uses artificial intelligence (Anthropic Claude) to assist in generating press releases, research, and campaign recommendations. When you submit a campaign brief:

• Your business information and brief content are processed by our AI systems to generate tailored press releases and pitch strategies
• AI-generated content is always reviewed by our human PR team before being used in outreach
• We do not use your data to train AI models — your information is processed solely to deliver your campaign results
• AI processing is performed via Anthropic’s API, which operates under their enterprise data processing terms and does not retain your data for model training

Your data is stored securely with the following measures:

• Database: Supabase (PostgreSQL), hosted in the ap-southeast-2 (Sydney, Australia) region
• Encryption: All data is encrypted at rest and in transit (TLS 1.2+)
• Payments: Processed by Stripe, which is PCI DSS Level 1 compliant. We never store your credit card details.
• Access controls: Role-based access ensures only authorised team members can access your data
• Authentication: Secure session-based authentication via Supabase Auth

We share data with the following third-party service providers, solely to operate our platform:

We do not sell your personal information to any third party. Data is shared with providers only to the extent necessary to deliver our services.

We retain your personal information for as long as your account is active or as needed to provide services. Specifically:

• Account data is retained while your subscription is active
• Campaign data (briefs, releases, coverage) is retained for 12 months after campaign completion
• Payment records are retained as required by Australian tax law (typically 5 years)
• You may request deletion of your data at any time (see Your Rights below)

Under the Australian Privacy Act 1988, you have the right to:

• Access — request a copy of the personal information we hold about you
• Correction — request correction of inaccurate or incomplete information
• Deletion — request deletion of your personal information (subject to legal retention requirements)
• Complaint — lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs

For EU/EEA Users (GDPR)

If you are located in the European Union or European Economic Area, you additionally have the right to data portability, restriction of processing, and the right to object to processing. Our legal basis for processing is contractual necessity (to provide services you have requested) and legitimate interest (to improve our platform). To exercise any GDPR rights, contact us at the address below.

If you have questions about this privacy policy or wish to exercise your rights, contact us at:

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.