Privacy Policy
Last updated: March 20, 2026
GovMatrixIQ is operated by DRx Consulting Group LLC.
1. Introduction
GovMatrixIQ ("we," "our," or "us"), operated by DRx Consulting Group LLC, provides a government contracting intelligence platform at app.govmatrixiq.com (the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information. By accessing the Platform, you consent to the practices described herein.
2. Information We Collect
2.1 Information You Provide: Name, email, phone, company name, job title, CAGE code, UEI, EIN, SAM.gov registration details, NAICS codes, small business certifications (8(a), HUBZone, SDVOSB, WOSB), pipeline data, capture plans, proposal notes, bid/no-bid decisions, CO contacts, AI prompts, and payment information (processed by Stripe).
2.2 Automatically Collected: Device/browser info, IP address, OS, usage data (pages visited, features used, session duration, search queries), AI token consumption, authentication tokens, session identifiers.
2.3 From Third-Party Sources: SAM.gov entity data, USASpending.gov award records, Federal Register notices, FOIA.gov request data, SBA size standards. All third-party data is publicly available federal records.
3. CUI Prohibition — CRITICAL
Contact compliance@govmatrixiq.com for information on our FedRAMP authorization roadmap.
4. How We Use Your Information
- Provide, operate, and maintain the Platform
- Personalize opportunity matching based on NAICS codes and certifications
- Score contract opportunities against your company profile
- Process payments and manage subscriptions via Stripe
- Send transactional notifications (bid deadlines, registration expiry, system alerts)
- Generate anonymized community intelligence signals (no individual firm identified)
- Maintain audit logs for compliance and security purposes
- Improve Platform performance and user experience
- Comply with legal obligations
5. How We Share Your Information
We do not sell your information. We do not sell, rent, or trade your personal information to third parties for marketing. We share with service providers bound by data processing agreements:
- Supabase — database hosting (US)
- Clerk — authentication (US)
- Stripe — payment processing (US, PCI DSS)
- Anthropic — AI inference via Claude API (US, stateless, zero-retention)
- Render — application hosting (US)
- Resend — transactional email (US)
- Twilio — SMS notifications (US)
AI Data Processing: AI features use Anthropic's Claude API in stateless mode. Prompts are transmitted for inference only and never stored. Anthropic's API policy prohibits using customer data for model training.
6. Data Retention
- Account data: retained during subscription + 90 days post-termination
- AI prompts: not retained (stateless processing)
- Audit logs: 3 years for compliance
- Payment records: per financial regulations (typically 7 years)
- Anonymized analytics: retained indefinitely for improvement
Request data deletion at privacy@govmatrixiq.com. Processed within 30 days, subject to legal retention requirements.
7. Data Security
- TLS 1.2+ encryption in transit
- AES-256 encryption at rest
- Row-Level Security for multi-tenant data isolation
- JWT authentication with short-lived token expiry
- FIDO2/WebAuthn MFA support
- Automated audit logging
- Role-based access controls (least privilege)
- Regular security assessments and dependency auditing
8. Your Rights
All Users: Access, correct, delete, or export your data. Object to processing for specific purposes.
California Residents (CCPA/CPRA): We do not sell personal information. Exercise rights at privacy@govmatrixiq.com.
GDPR: We process data under legitimate interest and consent. Contact dpo@govmatrixiq.com for data protection inquiries.
9. Cookies
See our Cookie Policy for details on cookies and local storage.
10. Children's Privacy
The Platform is not intended for individuals under 18. We do not knowingly collect data from children.
11. International Transfers
All data is processed in the United States. EEA users: we rely on Standard Contractual Clauses.
12. Changes
Material changes require 30 days' email notice. Continued use after notice constitutes acceptance.
13. Google User Data & Limited Use
GovMatrixIQ offers optional companion add-ons for Google Workspace™. If you choose to install and authorize them, they access the following Google™ user data, solely to provide the features you request:
- Gmail™ add-on — reads the content of email messages you open it on, and (only when you take that action) composes draft emails. This lets the add-on identify federal contract opportunities in your inbox, add them to your GovMatrixIQ pipeline, and draft replies. Scopes:
gmail.readonly, Gmail add-on contextual message access, and Gmail compose-draft. - Google Sheets™ add-on — reads and writes the spreadsheet you run it in, so it can export your opportunity pipeline and federal award data into your sheet. Scopes:
spreadsheetsanddrive.file(limited to files you open with the add-on). - Sign-in — your Google™ account email address (
openid,userinfo.email), to verify your identity and link your GovMatrixIQ account.
Limited Use. GovMatrixIQ's use and transfer to any other app of information received from Google™ APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We use Google™ user data only to provide and improve the user-facing features described above.
- We do not transfer or sell Google™ user data to third parties, except as necessary to provide or improve these features, to comply with applicable law, or as part of a merger/acquisition with your notice.
- We do not use Google™ user data for advertising, and we do not use it to train generalized or third-party AI/ML models.
- We do not allow humans to read your Google™ user data unless we obtain your affirmative consent for specific messages, it is necessary for security purposes (such as investigating abuse) or to comply with applicable law, or the data is aggregated and anonymized.
You can revoke GovMatrixIQ's access at any time from your Google™ Account permissions page. Google™, Gmail™, Google Sheets™, and Google Workspace™ are trademarks of Google LLC; GovMatrixIQ is independent and not affiliated with, sponsored by, or endorsed by Google LLC.