Insight EngineBack

Privacy Policy

Last updated · 2026-05-17

This Privacy Policy explains what information Insight Engine ("we") collects, how we use it, and what choices you have.

What we collect

  • Account data. Email address, optional name, password hash, and any linked OAuth account identifiers.
  • Idea content. The idea text you submit, the founder profile data you save, and the reports generated for your account.
  • Usage data. Timestamps for sign-ins, analyses, and account actions, plus your credit balance and transaction history.
  • Payment metadata. Stripe handles card payments. We receive checkout confirmation data such as amount, email, and Stripe session identifiers. We never receive your full card number.

How we use it

  • To run the analysis you requested and show you the result.
  • To bill credits correctly and prevent abuse or fraud.
  • To send account email such as verification or password-reset messages when outbound email is configured for this deployment.
  • We do not sell your data, share it with advertisers, or use your idea content to train our own models.

Third-party processors

To deliver the service, data may pass through these providers:

  • Hosting + database. Application servers and PostgreSQL run on a self-hosted VPS in the European Union.
  • Payments. Stripe handles checkout and stores payment instruments.
  • Research engine.Idea content and founder profile data are sent to Google's generative language APIs so the system can browse the open web and produce a structured report.
  • Transactional email. Email is sent through a third-party provider only when that feature is configured.

What you control

  • Access. Current product surfaces let you review your analyses, founder profile, and credit history inside the app.
  • Export. You can export your current account data from the settings page as JSON, including recent billing history.
  • Deletion. You can permanently delete your account from the settings page. This removes your account data from the live app database, while operational logs may remain temporarily for support, security, or fraud-prevention work.
  • Consent. You can sign out at any time. We do not use third-party analytics, ad cookies, or tracking pixels.

Cookies

We set a first-party session cookie for authentication. We do not set advertising or analytics cookies. Signing out clears the active session, and persistent sessions expire automatically.

Data retention

  • Account data and reports are kept while your account remains active.
  • Operational logs and analysis artifacts are retained only as needed to operate, support, and debug the service, and may be pruned periodically.
  • Payment, ledger, and anti-abuse records may be retained for as long as required for accounting, fraud prevention, or legal obligations.

Where the data lives

Primary application data is stored in the European Union. Some vendors we rely on operate globally, so cross-border transfers can occur under their published terms and transfer mechanisms.

Children

Insight Engine is not directed at children under 16, and we do not knowingly collect personal data from them.

Changes

We may update this policy as the product changes. Material updates may be shown in-product or sent by email when that channel is configured.

Contact

Privacy questions or data requests should be directed to the support form on this site.