Privacy Policy.

Effective Date: July 7, 2026

Bullwhip, Inc. (“Bullwhip,” “we,” “us”) runs the website at bullwhip.so and the application at app.bullwhip.so. One policy covers both. It tells you what we collect, why we collect it, who handles it, and how to tell us to stop.

Our customers run real operations on Bullwhip: SOPs, verification records, team messages. We treat all of it as confidential operational data. This page is that commitment, in writing.

1. Who we are

Bullwhip, Inc.
1522 Western Ave, STE 82527
Seattle, Washington 98101, United States
privacy@bullwhip.so

We answer privacy inquiries within 10 business days, and formal rights requests within the timeframes the law sets.

2. What we collect

CategoryWhatWhyHow long
Account detailsName, email, organization, job title, preferred language. Your mobile number, if you turn on text messaging.Creating and running your account, support, pilot requestsLife of your account, plus a short wind-down after termination or a verified deletion request
Sign-inOAuth tokens, magic-link tokens, session cookies. Sign-in is single sign-on or an emailed magic link; we do not collect or store passwords.Verifying it's youLife of your account; sessions expire on schedule
Your contentSOP documents (PDF, DOCX, PPTX, images) and photos submitted for visual verificationThe core service: document comprehension, answers, translation, verificationUntil you delete it or your account is terminated
MessagesContent of SMS and WhatsApp exchanges with the service, delivery metadata, your opt-in recordSo your team can ask and get answers by text (Section 4)Life of your account; consent records as long as the law requires
People you loop inNames, contact details, and replies of contacts your workspace designatesRouting questions to the person you name, following up, recording the answerLife of the workspace; removal on request
UsageQuestions asked, answers received, documents viewed, verification resultsRunning and improving the serviceLife of your account, plus a short wind-down
Site and networkPages visited, browser type, referring URL, pseudonymous identifiers, IP addressSecurity, diagnostics, cookieless traffic measurementRaw server logs are short-lived, held for days, not months. Analytics identifiers are discarded within a day; what remains is aggregate, with no personal identifiers.

Everything above comes from you, your workspace, or your use of the service, with one exception: the contacts your workspace designates, whose details come from your workspace and whose replies come from them. If that's you and you want your information out, email privacy@bullwhip.so.

We do not request or intentionally collect sensitive personal information: no biometric identifiers, no precise geolocation, no data about race, ethnicity, religion, or sexual orientation. We do not collect or process consumer health data.

Photo verification compares images of fulfillment work (packaging, labeling, shipment prep) against your documented standards. It does not capture, extract, store, or analyze biometric identifiers. If a photo happens to include a person, we do not use it to identify, profile, or build a biometric template of anyone. And if your uploads incidentally contain sensitive details (a visible name badge, document metadata), we process them solely to provide the service.

3. How we process your content

When you upload SOPs, submit photos, or ask questions, we send that content to our AI processing providers via API and return the result to the application. Their terms and our configuration agree on the important part: your content is never used to train their models. Providers may hold API inputs and outputs for a limited period, currently up to 30 days, for service integrity and abuse prevention, then delete them. If that changes materially, this policy changes first, and you hear about it before it does.

To answer questions and keep your knowledge base searchable, we also store material derived from your content: extracted text, summaries, and numerical representations (embeddings).

Documents, derived data, and generated responses live in our database, isolated to your organization by row-level security policies. Every customer's data is separated the same way.

Bullwhip uses artificial intelligence to interpret SOPs, answer questions, translate, and check photos against your standards. Its outputs are informational and reviewed by your team. It sends outbound messages only to people your workspace designates, within the approval settings your workspace controls. It does not autonomously make employment, financial, or legal decisions about anyone.

4. Text messaging (SMS and WhatsApp)

Text messaging is optional and per person, with an affirmative opt-in that we record. Message frequency varies with your team's use. Message and data rates may apply. Reply STOP at any time to stop, or HELP for help.

SMS travels through our messaging provider and the telecommunications carriers between us and your phone. WhatsApp messages are delivered through the WhatsApp Business Platform and are also subject to WhatsApp's own terms and privacy policy.

We do not share mobile phone numbers or opt-in information with third parties or affiliates for their marketing or promotional purposes.

5. What we never do

We do not sell your personal information. Not outright, not as “sharing,” not dressed up as anything else. We do not use your content to train AI models. We do not hand your content or account information to other customers, or to third parties for their own commercial purposes. We run no advertising trackers and no visitor-identification tools; our website analytics are cookieless, aggregate, and do not follow you across sites. We honor Global Privacy Control signals as a valid opt-out under applicable state law. Older Do Not Track browser signals never got a settled meaning; since we do not track anyone across sites, there is nothing for them to turn off.

One caveat, and it's just how delivery works: an email or text can't reach you without passing through our communications providers, the carriers, and, for WhatsApp, the WhatsApp Business Platform. They process it to deliver your messages and for limited operational purposes (security, abuse prevention, legal compliance) under their own terms. Not for advertising.

And we do not use your personal information for any purpose materially different from this policy without telling you first.

6. Service providers

These categories of providers process personal information on our behalf under their respective terms:

CategoryPurposeData processed
Cloud database and authenticationDatabase storage, authentication, file storageAccount information, uploaded documents, derived data, messages, usage data, sign-in tokens
AI processingDocument comprehension, Q&A, translation, visual verification, search indexingUploaded content, questions, verification photos, text derived from your content
Document conversionConverting uploaded documents between formats so they can be processedUploaded documents, transiently: files are deleted from the conversion service within 24 hours, and we keep no copies there
Single sign-onOAuth-based authenticationEmail address, name (when using SSO)
Email deliveryPilot requests, account email, workspace-approved outbound email, receiving repliesNames, email addresses, message content, including the message you submit with a pilot request
Text messaging (SMS and WhatsApp)Delivering and receiving text messagesPhone numbers, message content, delivery metadata, opt-in records
AnalyticsWebsite traffic measurement (cookieless)Aggregated, anonymized usage metrics
Hosting and CDNWebsite and application hosting, edge deliveryServer logs (IP address, browser info), request metadata
Bot protectionVerifying that form submissions come from peopleBrowser signals used for the verification challenge (IP address, browser characteristics); the provider also uses these signals to improve its own bot detection, under its own terms

We protect our forms from bots with Cloudflare Turnstile. The details live in the Turnstile Privacy Addendum, which you acknowledge by using our forms.

A current list of our other sub-processors is available on request at privacy@bullwhip.so. We may update our providers from time to time.

7. Cookies

Session cookies keep you signed in to the application; the service doesn't work without them. That's the whole list. This website sets no analytics cookies and shows no cookie banner because there is nothing to consent to.

8. Your rights

Depending on where you live, state privacy law may give you the right to know what we've collected about you, to delete it (subject to legal exceptions), to correct it, and to opt out of sharing. We will never treat you worse for exercising any of these. They apply whether we collected your information from you directly or because a workspace designated you as a contact.

To exercise them, email privacy@bullwhip.so, yourself or through an authorized agent; if an agent writes, we verify with you directly before acting. We verify your identity and respond within 45 days. If we decline, we explain why and how to appeal, where applicable.

9. Security and breaches

No system is completely secure, and anyone who promises otherwise is selling something. We implement reasonable safeguards and won't pretend they're absolute. If we confirm a breach involving unauthorized access to personal information that is reasonably likely to cause harm, we notify affected users and regulators as applicable law requires. If you think your account is compromised, write privacy@bullwhip.so.

10. Retention and deletion

We keep personal information only as long as reasonably necessary for the purposes in this policy; the table in Section 2 has the specifics. Residual copies may persist in encrypted backups for a limited period, per our backup rotation. To request deletion, email privacy@bullwhip.so.

11. Where this applies

Bullwhip is a U.S. company serving U.S. customers; we do not direct the service toward individuals outside the United States, and if that changes, this policy changes first. If you visit the site from abroad, analytics and server-log data is processed in the United States. The service is not directed at children under 16 and we do not knowingly collect their information; if you believe we have, contact us.

12. Changes

When we make material changes, we update the effective date and notify affected users by email before the changes take effect. No silent edits. The current version always lives at bullwhip.so/privacy.

If Bullwhip merges with or is acquired by another company, personal information may transfer as part of that transaction. It stays subject to this policy until the policy is changed the way this section describes.

13. Governing law

Disputes arising from this policy are governed by the laws of the State of Washington, United States. Nothing here limits your rights under applicable state consumer privacy laws.