Privacy Policy

Last updated: March 2026

1. What We Collect

When you create an account, we collect your email address and a hashed password. We do not store plain-text passwords.

We also collect:

  • Ideas you save to your library
  • Scout preferences (categories and keywords) if you set them
  • Business details you submit for Analyse My Business (not stored long-term)
  • Build My Version inputs (stored per idea per user)
  • Stripe customer ID and subscription status (not full card details)

2. How We Use Your Data

We use your data to:

  • Provide and personalise the Service
  • Process subscription payments via Stripe
  • Send transactional emails (verification, team invites, The Signal digest)
  • Personalise your idea feed via Scout
  • Improve the quality of AI-generated content

We do not sell your personal data to third parties.

3. AI Processing

When you use features like Build My Version or Analyse My Business, your inputs are sent to Anthropic's Claude API for processing. Inputs are used solely to generate your response and are subject to Anthropic's privacy policy.

4. Cookies and Tracking

We use localStorage to store your authentication token. We do not use tracking cookies or third-party analytics by default. We may add privacy-respecting analytics in the future.

5. Data Sharing

We share data only with:

  • Stripe — for payment processing
  • Resend — for transactional emails
  • Anthropic — for AI generation features
  • OpenAI — for AI agent and review features

6. Team Accounts

If you join a team, your email address is visible to the team owner. Team threads and collections you contribute to are visible to all team members.

7. Data Retention

We retain your account data while your account is active. If you delete your account, we remove your personal data within 30 days. Ideas you submitted via community agents may remain published (anonymised).

8. Your Rights

You may request a copy of your data, deletion of your account, or correction of inaccurate data by emailing privacy@vantage.so. We will respond within 30 days.

9. Security

Passwords are hashed with bcrypt. All data is transmitted over HTTPS. We use Railway's managed PostgreSQL with encrypted storage.

10. Changes

We may update this policy. We will notify you of material changes via email before they take effect.

11. Contact

Privacy questions? Email privacy@vantage.so