Privacy Policy

Last updated April 2026. This policy describes how Mitria Technologies collects, uses, and protects your information.

Information We Collect

  • Account information you provide when registering (name, email, campaign details).
  • Voter and constituent data you upload or sync through integrations (CSV files, CRM data, contact lists).
  • Communication data processed through the platform (inbound/outbound messages, emails, SMS).
  • Usage data including how you interact with the platform, feature usage, and session information.
  • Device and browser information collected automatically for security and performance purposes.

How We Use Your Information

  • To operate and provide the Mitria platform and its features, including message triage, voter intelligence, and communication management.
  • To process and classify inbound and outbound communications on your behalf.
  • To generate analytics, sentiment analysis, and strategic recommendations for your campaign.
  • To improve the platform, fix issues, and develop new features.
  • To communicate with you about your account, updates, and support requests.

Voter Registration Data

  • Voter registration data uploaded to or processed by Mitria is used solely for campaign, election, and voter outreach purposes as authorized by the campaign that owns the data.
  • We do not sell, lease, loan, or otherwise transfer voter registration information to any third party for purposes unrelated to campaign operations.
  • Voter data is processed in compliance with applicable state regulations governing the use of voter registration information, including the California Secretary of State's regulations on access to voter registration information (2 CCR §§ 19000–19010).
  • Voter data is logically segregated by campaign. Users can only access voter data belonging to campaigns they are explicitly authorized to access.
  • We maintain audit records of voter data access, including who accessed or used voter data, when, for which campaign, and for what action. These records are available for review upon request.
  • Campaigns are responsible for ensuring that voter data uploaded to Mitria was lawfully obtained from the source agency and that its use through the platform falls within the approved purposes for which the data was originally obtained.

Data Ownership

  • Your campaign data belongs to you. Voter files, donor records, volunteer lists, and communication histories uploaded or processed through Mitria remain your property.
  • We do not sell, rent, or share your campaign data with third parties for their own purposes.
  • We do not use your campaign data to train general-purpose AI models.
  • You may export or delete your data at any time by contacting us.

Data Sharing

  • We share data with third-party service providers only as necessary to operate the platform (e.g., cloud hosting, SMS delivery, email delivery).
  • All service providers are bound by data processing agreements that limit their use of your data.
  • We may disclose information if required by law, regulation, or valid legal process.
  • We do not share data between campaigns on the platform.

Data Security

  • All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Access to production systems is restricted using least-privilege access controls and is continuously audited.
  • User authentication is required to access all campaign data. Access is restricted to authenticated users who are explicitly associated with the campaign.
  • User sessions are automatically locked or signed out after no more than 15 minutes of inactivity to prevent unauthorized access from unattended devices.
  • We conduct regular security reviews and vulnerability assessments.
  • Our infrastructure is built on managed cloud services with encryption at every layer.

Data Processing Agreement

  • Mitria is willing to enter into a Data Processing Agreement (DPA) with any customer who requires one. A DPA formalizes our obligations regarding the processing of personal data on your behalf, including data handling, breach notification, sub-processor management, and data deletion.
  • To request a DPA, contact us at privacy@mitria.com.

Secure Data Transfer

  • For uploading sensitive data such as voter files, we support secure transfer methods including encrypted file transfer services (e.g., Dropbox Transfer) and direct upload through the platform over TLS-encrypted connections.
  • We do not recommend transferring sensitive voter data via unencrypted email attachments.

Data Retention

  • We retain your data for the duration of your account plus 90 days after termination to allow for export.
  • After the retention period, data is permanently deleted from our systems.
  • You may request early deletion at any time.

Your Rights

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Export your data in a machine-readable format.
  • Withdraw consent where processing is based on consent.

Contact

  • For privacy-related inquiries, contact us at privacy@mitria.com or write to: Mitria Technologies, Palo Alto, California.