Panoptic ("we," "our," or "us") operates the competitive intelligence platform at panoptic.so (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
We are committed to protecting your privacy and handling your data in an open and transparent manner. This policy complies with the General Data Protection Regulation (GDPR) for users in the European Union and the California Consumer Privacy Act (CCPA) for California residents.
By using our Service, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Information You Provide
Account Information: Email address, name, and profile information when you create an account
Payment Information: Billing details processed securely through our payment provider (Stripe). We do not store your full credit card number.
Company Data: Information about competitors you choose to track, including company names, domains, and monitoring preferences
Communications: Information you provide when contacting our support team
2.2 Information Collected Automatically
Usage Data: Features used, pages visited, actions taken within the Service
Log Data: IP address, access times, referring URLs
Cookies: See our Cookies section below for details
2.3 Information from Third-Party Integrations
If you connect third-party services to your account, we may receive information from those services as authorized by you.
3. How We Use Your Information
We use the information we collect for the following purposes:
Provide the Service: To operate, maintain, and improve our competitive intelligence platform
Process Payments: To process subscriptions and billing
Communications: To send service-related notifications, updates, and marketing (with your consent)
Analytics: To understand how users interact with our Service and improve user experience
Security: To detect, prevent, and address technical issues and security threats
Legal Compliance: To comply with legal obligations and enforce our terms
Legal Basis for Processing (GDPR)
We process your data based on:
Contract: Processing necessary to provide the Service you requested
Legitimate Interest: Analytics, security, and service improvement
Consent: Marketing communications (you can withdraw anytime)
Legal Obligation: Compliance with applicable laws
4. How We Share Your Information
We do not sell your personal information. We share your information only with service providers who help us operate the Service:
Provider
Purpose
Data Shared
Clerk
Authentication & user management
Email, name, profile
Supabase
Database & data storage
Account data, usage data
Stripe
Payment processing
Billing information
Vercel
Hosting & infrastructure
Request logs, IP addresses
Inngest
Background job processing
Job metadata
Resend
Email delivery
Email address, email content
Sentry
Error tracking
Error logs, device info
Anthropic
AI processing
Anonymized content for analysis
Apify
Web data collection
Public URLs to scrape
We may also share information:
To comply with legal obligations or valid legal processes
To protect our rights, privacy, safety, or property
In connection with a merger, acquisition, or sale of assets (with notice to you)
5. Data Retention
We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy:
Account Data: Retained while your account is active, deleted within 30 days of account deletion
Usage Data: Retained for up to 24 months for analytics purposes
Payment Records: Retained for 7 years as required by tax and accounting laws
Support Communications: Retained for up to 3 years
6. Your Rights
6.1 Rights for All Users
Access: Request a copy of your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your personal data
Export: Request your data in a portable format
6.2 Additional Rights for EU Residents (GDPR)
Restrict Processing: Request limitation of processing in certain circumstances
Object: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent at any time where processing is based on consent
Lodge Complaint: File a complaint with your local data protection authority
6.3 California Residents (CCPA)
California residents have the following rights:
Right to Know: Request disclosure of personal information collected, used, and shared
Right to Delete: Request deletion of personal information
Right to Non-Discrimination: We will not discriminate against you for exercising your rights
We do not sell personal information. Therefore, we do not offer an opt-out of sale.
6.4 How to Exercise Your Rights
To exercise any of these rights, please contact us at privacy@panoptic.so. We will respond within 30 days (or as required by applicable law).
7. International Data Transfers
Your information may be transferred to and processed in countries other than your own, including the United States. These countries may have different data protection laws.
When we transfer data from the EU/EEA, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission to ensure your data is protected.
8. Cookies and Tracking Technologies
We use cookies and similar technologies to:
Essential Cookies: Required for the Service to function (authentication, security)
Analytics Cookies: Help us understand how you use the Service
Preference Cookies: Remember your settings and preferences
You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.
9. Security
We implement appropriate technical and organizational measures to protect your data, including:
Encryption of data in transit (TLS/SSL) and at rest
Regular security assessments and monitoring
Access controls and authentication requirements
Secure data storage with reputable cloud providers
While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
10. Children's Privacy
Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@panoptic.so.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice (such as email notification). Your continued use of the Service after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us: