Pillar
Pillar

Data & privacy

Where your data is stored, what we collect, and how to export or delete it.

Updated · April 2026

Your data is yours. Pillar's job is to make it useful, not to own it. This page explains what we store, where, and what you can do about it.

What we store#

Against your organization, we store:

  • Lists, projects, tasks, notes, outreach campaigns — everything you create in-product.
  • Saved parcel selections and filters.
  • Uploaded files (memos, PDFs, site plans).
  • Agent session transcripts for 90 days.

Against your user account, we store:

  • Profile — name, email, password hash, avatar (optional).
  • Preferences — basemap, dark mode, notification settings.
  • Session tokens for authentication.

We don't store credit card numbers — those live with Stripe.

Where it's stored#

  • Primary database: Supabase (Postgres) in AWS us-east-1.
  • File storage: Supabase Storage plus an S3 backup.
  • Analytics: ClickHouse on Hetzner in Germany (anonymized event data only).
  • Stripe holds billing data.

All data at rest is encrypted. All data in flight is encrypted via TLS 1.2+.

What we don't store#

  • Your contact list from other systems unless you import it.
  • Your phone/email provider credentials.
  • Chat with people outside Pillar.
  • PII beyond what you give us.

Analytics#

We collect anonymized product analytics via PostHog (hosted on our own infrastructure for EU-friendly posture). What we track:

  • Page views (no PII).
  • Feature usage (which filters get used, which actions are taken).
  • Performance (how long things take).

What we don't track:

  • Content of your notes, outreach copy, or agent conversations.
  • Identifiable user behavior without a legitimate product reason.

You can opt out of analytics in Account → Privacy.

Exporting your data#

From Account → Privacy → Export, request a full export. We'll generate a ZIP containing:

  • Every list as CSV.
  • Every project as CSV plus attached notes.
  • Uploaded files.
  • Agent conversation history (last 90 days).

Exports are emailed as a signed download link within 24 hours (usually minutes, longer for very large orgs).

Deleting your data#

Two scopes:

  • Delete a specific artifact — any list, project, file, or session can be deleted from within the app.
  • Delete the entire organization — admins can request org deletion from Account → Privacy → Delete organization. There's a 7-day grace period for recovery; after that, data is permanently purged.

Individual members can delete their user account from Account → Privacy → Delete account. If you're the only admin, you'll need to invite and promote another admin first, or delete the org.

GDPR / CCPA#

If you're a California or EU resident and want to exercise your rights under CCPA or GDPR, email privacy@pillar.codes. We'll handle verified requests within 30 days.