Privacy Policy

Last updated: March 5, 2026

Introduction

At InsightScan, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our market intelligence platform. Please read this policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.

InsightScan provides AI-powered competitor and market intelligence. This includes analysis of publicly available business data, social media signals, and website content to help you understand your competitive landscape.

Information We Collect

We collect information that you provide directly to us, including:

Account information (name, email address, password)
Business information (company name, industry, location, niche, business size)
Analysis inputs and search queries
Payment information (processed securely through Stripe — we do not store card details)
Competitor base entries and custom list configurations
Communication preferences and customer support inquiries

We also automatically collect certain information when you use our platform:

Device information (IP address, browser type, operating system)
Usage data (pages viewed, features used, analyses run)
Credit transaction history (purchases and analysis deductions)
Analytics and performance data
Cookies and similar tracking technologies

How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve our services
Process your market analysis requests using AI technology
Manage your account, subscription tier, and credit balance
Process payments and send purchase receipts via email
Deliver transactional emails (receipts, auth confirmations, password resets)
Send you updates, feature announcements, and service notifications
Respond to your comments, questions, and customer service requests
Monitor and analyze usage patterns and trends to improve the platform
Detect, prevent, and address technical issues and security threats
Comply with legal obligations and enforce our terms of service

Data Security

We implement industry-standard security measures to protect your personal information:

Encryption of data in transit and at rest using TLS/SSL protocols
JWT-based authentication with Supabase session management
Row-level security (RLS) at the database layer to enforce per-user data isolation
Input validation and auth middleware on all backend API endpoints
User ownership checks enforced on all report and competitor base operations
Secure cloud infrastructure (Supabase PostgreSQL) with automatic backups

However, no method of transmission over the Internet is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

Essential Cookies: Required for authentication (Supabase session tokens) and basic platform functionality
Preference Cookies: Remember your settings and display preferences
Analytics Cookies: Help us understand how you use our platform to improve it

You can control cookie preferences through your browser settings. Note that disabling certain cookies may limit your ability to use some features of our platform, including staying signed in.

Third-Party Services

We integrate with trusted third-party services to power our platform:

Anthropic Claude AI: Powers our market analysis, competitor scoring, SWOT generation, and strategic recommendations
Google (Gemini): Secondary AI provider for analysis with automatic failover
OpenAI: Tertiary AI provider with automatic failover
Outscraper (Google Maps API): Provides location-based business discovery data for competitor analysis
Social Media Platforms: LinkedIn, X (Twitter), YouTube, Facebook, and Instagram APIs provide public follower and profile data for competitor enrichment
Supabase: Database, authentication, and serverless edge functions
Stripe: Processes credit package purchases and subscription payments. We never store your full card details.
Resend: Delivers transactional emails including purchase receipts, report delivery, and authentication emails

These third parties have their own privacy policies governing how they handle data. We encourage you to review their policies to understand how they process your information.

Data Shared with Third-Party Services

To provide our services, we share certain data with third parties:

AI Providers (Anthropic, Google, OpenAI): Your analysis inputs (industry, location, niche, business size) are sent to AI providers to generate intelligence. We do not send your personal account details to AI providers.
Stripe: Your email address is shared with Stripe for payment processing. Stripe handles all card data under their PCI-compliant infrastructure.
Resend: Your email address and name are shared to deliver transactional emails you have requested (receipts, auth flows).
Outscraper: Your industry and location inputs are used to query business discovery data.

Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

With your consent: When you explicitly agree to share information
Service providers: Third parties who perform services on our behalf (listed above)
Business transfers: In connection with mergers, acquisitions, or asset sales
Legal requirements: When required by law or to protect our rights and safety
Aggregated data: Anonymous, aggregated data for research and product improvement

Your Rights and Choices

You have the following rights regarding your personal information:

Access: Request a copy of your personal data we hold
Correction: Update or correct inaccurate information via account settings
Deletion: Request deletion of your account and associated personal data
Portability: Export your report data in JSON format
Opt-out: Unsubscribe from marketing communications at any time
Objection: Object to certain types of data processing

To exercise these rights, please contact us at privacy@insightscan.io or through your account settings.

Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this privacy policy. Specifically:

Analysis reports and competitor base data are retained until you delete them or close your account
Credit transaction records are retained for billing compliance purposes
When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or compliance purposes

Children's Privacy

Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place, including relying on the data handling standards of our third-party processors (Supabase, Stripe, Resend, Anthropic), each of which maintains appropriate cross-border data transfer safeguards.

Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also notify you by email. We encourage you to review this privacy policy periodically.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

Privacy inquiries: privacy@insightscan.io
General support: support@insightscan.io
Contact form: insightscan.io/contact