Altiscope AI

Privacy Policy

Last updated: May 31, 2026

1. Who We Are

Altiscope AI ("Altiscope," "we," or "us") operates the institutional public-intelligence platform at altiscope.co. This policy describes what information we collect about you when you use the Service, how we use it, and the choices you have.

2. Information We Collect

We try to collect the minimum information necessary to deliver the Service. Specifically:

Information you provide:

  • Account info: email address, first and last name, and the organization (tenant) name you sign up under.
  • Billing info: we don't see or store your payment card details. Stripe, Inc. processes all payments and holds the card data. We retain a Stripe customer ID, the plan you're on, and billing-period metadata to manage your subscription.
  • Support requests: messages, attachments, and structured fields you submit via the Contact form (including Enterprise inquiries).
  • Preferences: selected industries, email digest frequency, watchlist items.

Information collected automatically:

  • Authentication + security: login timestamps, IP address at login, user agent, and JWT refresh-token metadata (for session management).
  • Service usage: credit consumption per Copilot query, plan-limit enforcement records, watchlist diffs. We'll log API errors and request metadata in our system logs for debugging.
  • Cookies: we use a small set of necessary cookies for authentication (httpOnly session cookies). We do not run advertising or third-party tracking cookies in the Service.

3. How We Use Information

We use the information we collect to:

  • Provide, operate, and improve the Service.
  • Process payments and manage your subscription (via Stripe).
  • Send transactional emails — notification digests, billing confirmations, password resets, inquiry follow-ups — via Resend.
  • Detect, investigate, and prevent abuse, fraud, or violations of our Terms.
  • Comply with legal obligations and enforce our agreements.

We don't sell your personal information. We don't use your data to train third-party AI models without your explicit consent.

4. Information We Share

We share information only with the service providers (sub-processors) we need to run the Service:

  • Stripe (payment processing) — your billing info and customer record.
  • Supabase / Postgres host (managed database) — your account, tenant, and Service data at rest.
  • Render (application hosting) — request handling, including logs that may contain IP, user agent, and email-shaped account identifiers.
  • Resend (transactional email) — recipient email address and message body for outbound mail.
  • Anthropic + OpenAI (AI inference) — the specific text of your Copilot query and the underlying public-record source material we pass into the model. We do not include your personal identifiers in inference payloads beyond what's strictly required.
  • Public-record sources — outbound HTTP requests to SEC EDGAR, USPTO, openFDA, USAspending, Congress.gov, and news APIs. These don't carry your identity.

We may also disclose information if required by law (subpoena, court order, lawful regulatory request) or to protect our or our users' rights, property, or safety.

5. Data Retention

We retain account, billing, and usage data for as long as your account is active and for a reasonable period afterward to satisfy our legal, audit, and dispute-resolution obligations. Authentication logs and IP addresses are typically retained for 90 days. You may request deletion as described in Section 7.

6. Security

We use industry-standard measures to protect your information, including encrypted transport (TLS), encrypted databases at rest, hashed passwords (bcrypt), short-lived JWTs with refresh-token rotation, and least-privilege access controls. No system is perfectly secure; please notify us promptly if you suspect any unauthorized access to your account.

7. Your Choices and Rights

You can:

  • Access and update your account info from your Account page.
  • Control email frequency in your account preferences. Notification emails can be turned off entirely.
  • Cancel your subscription via the Stripe Customer Portal.
  • Request a copy or deletion of your personal information by emailing research@altiscope.co. Deletion may be limited by data we're required to keep for legal or accounting reasons.

If you're in the EU/EEA, UK, or California, you may have additional rights under the GDPR, UK GDPR, or CCPA respectively. Email us to exercise them.

8. International Transfers

The Service is hosted in the United States. If you access it from outside the United States, your information will be transferred to and processed in the United States. By using the Service you consent to this transfer.

9. Children

The Service is for business users and not directed to children under 18. We don't knowingly collect personal information from children.

10. Changes to This Policy

We may update this policy from time to time. We'll post the updated version on this page and update the "Last updated" date. Material changes will be communicated via email or an in-app notice.

11. Contact

Privacy questions or requests? Reach us at research@altiscope.co.