Privacy Policy
Last updated: April 13, 2026
1. Introduction
ListMatchGenie ("we," "us," or "our") operates the ListMatchGenie platform at listmatchgenie.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
We are committed to protecting your privacy and have designed our architecture with data protection as a core principle — not an afterthought. Our database is PII-free by design, and uploaded files are stored in region-specific storage that you control.
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Email address (used for authentication and communications)
- Name (optional, for display purposes)
- Password (stored as a bcrypt hash — we never store plaintext passwords)
- Selected data region preference (US, EU, or UK)
2.2 Uploaded Files
When you upload CSV or Excel files for matching, we store them in Amazon S3 in your selected region:
- US region: AWS us-east-1 (N. Virginia)
- EU region: AWS eu-central-1 (Frankfurt)
- UK region: AWS eu-west-2 (London)
Your uploaded files may contain personally identifiable information (PII) belonging to your data subjects. This data is stored only in S3 and is never written to our application database. Our database stores only metadata about your files (file name, size, column headers, row counts) — never the actual data rows.
2.3 Usage Data
We automatically collect certain information about how you use the Service:
- Match job metadata (timestamps, row counts, match rates, processing duration)
- Feature usage (which match profiles you use, AI questions asked)
- Login history (timestamps, IP addresses, user agent strings)
- Error logs for debugging and service improvement
2.4 Payment Information
Payment processing is handled entirely by Stripe. We do not store credit card numbers, bank account details, or other payment credentials on our servers. We store only your Stripe customer ID and subscription status for billing management.
3. How We Process Your Data
3.1 PII-Free Database Architecture
Our application database (hosted on Railway) is designed to be PII-free. When you upload a file:
- The file is uploaded directly to your region-specific S3 bucket
- Our database stores only the S3 key, file metadata (name, size, column headers, row count), and job configuration
- The matching engine reads files from S3, processes them in memory, and writes results back to S3
- No individual data records from your files are ever written to the database
3.2 AI Processing
When you use AI-powered features (data health narratives, match summaries, AI questions), we send only schema-level information to AWS Bedrock (Amazon's AI service):
- Column names, data types, and statistical summaries (counts, percentages, distributions)
- Match rate statistics and quality metrics
- We never send raw data rows, individual records, or PII to the AI model
AWS Bedrock does not use your data to train or improve foundation models. AI processing occurs in the same AWS region as your data storage.
4. Data Retention and Deletion
We retain your data according to the following policies:
- Uploaded files: Retained in S3 until you delete them or delete your account. Files from expired or deleted jobs are automatically purged after 90 days.
- Match results: Retained in S3 alongside the source files and subject to the same deletion policy.
- Account data: Retained until you delete your account. Upon account deletion, all associated data (files, job metadata, configurations) is permanently deleted within 30 days.
- Usage logs: Retained for 12 months for debugging and service improvement, then automatically purged.
5. Third-Party Services
We use the following third-party services to operate ListMatchGenie:
- Amazon Web Services (AWS): S3 for file storage (regional), Bedrock for AI processing. AWS is SOC 2 Type II, ISO 27001, and GDPR compliant.
- Stripe: Payment processing. Stripe is PCI DSS Level 1 certified and handles all payment card data. See Stripe's Privacy Policy.
- Vercel: Hosting for our web applications. See Vercel's Privacy Policy.
- Railway: Hosting for our application database and background processing services. See Railway's Privacy Policy.
6. GDPR Rights
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):
- Right of access: You can request a copy of the personal data we hold about you.
- Right to rectification: You can request that we correct inaccurate personal data.
- Right to erasure: You can request deletion of your personal data. Deleting your account removes all associated data within 30 days.
- Right to data portability: You can export your data at any time through the application. All match results are downloadable as CSV files.
- Right to restrict processing: You can request that we limit how we process your data.
- Right to object: You can object to processing of your personal data for certain purposes.
- Regional data storage: EU and UK customers can select their data region during account setup, ensuring all uploaded files remain within their jurisdiction.
To exercise any of these rights, contact us at privacy@listmatchgenie.com. We will respond within 30 days.
7. Cookies
We use the following cookies:
- Session cookie: An HTTP-only, secure cookie containing your JWT session token. Essential for authentication. Expires when you log out or after 7 days of inactivity.
- Region preference: Stores your selected data region (US/EU/UK) to route requests correctly. Essential for service operation.
We do not use advertising cookies, tracking pixels, or third-party analytics cookies. We do not sell your data to third parties.
8. Data Security
We implement industry-standard security measures to protect your data. For a detailed overview, see our Security Practices page. Key measures include:
- Encryption at rest (AES-256 on S3) and in transit (TLS 1.2+)
- PII-free database architecture
- bcrypt password hashing with an appropriate work factor
- File validation and malware scanning on upload
- CSV injection sanitization
9. Children's Privacy
Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will send an email notification to the address associated with your account.
11. Contact Us
If you have questions about this Privacy Policy or your data, or want to exercise your GDPR rights, contact us at:
- Email: privacy@listmatchgenie.com
- Data Processing Agreement: available at listmatchgenie.com/dpa
