Inspector

Privacy Policy

Policy describing how INSPECTOR collects, uses, discloses, stores, and protects the personal data of users.

Last Updated: March 26, 2026

This Privacy Policy (the “Policy”) describes how INSPECTOR (the “Company,” “we,” “us,” or “our”) collects, uses, discloses, stores, and protects the personal data of users (“you” or the “User”) when using the Service.

1. Information We Collect

We may collect the following categories of personal data:

1.1. Personal Data You Provide

  • Email address, username, and password;
  • Payment information (processed by third parties; we do not store full card details);
  • Profile information (such as avatar and settings);
  • Information provided when contacting support.

1.2. Data Collected Automatically

  • IP address;
  • Device information (such as device type, operating system, browser, and unique identifiers);
  • Usage metadata (such as access times and actions taken in the Service);
  • Logs (including requests, errors, and traces).

1.3. User Content

  • Input: text prompts, instructions, code, images, files, and other materials uploaded to or entered into the Service;
  • Output: content generated by the Service;
  • Projects, saved files, and related data.

1.4. Data from Other Sources

  • Data from payment providers (such as Stripe);
  • Data from analytics tools and third-party services.

2. How We Use Data

We use the data we collect for the following purposes:

  • To provide, maintain, and improve the Service;
  • To process requests and generate Output;
  • To ensure security and prevent abuse or violations of the Acceptable Use Policy;
  • To analyze usage and debug the Service;
  • To personalize the user experience, where applicable;
  • To process payments and subscriptions;
  • To comply with legal obligations and resolve disputes;
  • To communicate with you, including notices and support responses.

2.1. Use of Data to Improve AI Models

By default, we do not use your User Content (including Input, Output, and projects), personal data, or prompts to train, fine-tune, or improve our AI models.

We may use anonymized and aggregated data that cannot identify you for performance analysis, research, and Service improvement.

If we decide in the future to use data for model training, we will provide a clear opt-out mechanism in your account settings and notify you in advance.

2.2. Automated Decision-Making and Profiling

The Service may use automated processes to generate Output, moderate content, and prevent abuse. We do not make automated decisions that have significant legal or similarly significant effects on you without human oversight. You have the right to request an explanation of, or appeal, such decisions.

2.3. Cookies and Similar Technologies

We use cookies, pixels, beacons, and similar technologies for:

  • authentication and session management;
  • usage analytics;
  • personalization;
  • advertising, where applicable.

You can manage cookies through your browser settings or our consent banners where required by law. More details are available in our Cookie Policy, if separately published.

2.4. Payment Data

Payments are processed exclusively through third-party providers, such as Stripe, that comply with PCI DSS standards. We do not store full payment card details.

2.5. Data Security

We implement reasonable technical and organizational measures, including:

  • encryption of data at rest and in transit;
  • access controls;
  • backups;
  • threat monitoring.

However, we cannot guarantee absolute security against cyberattacks, intrusions, or other incidents.

2.6. User Responsibility

You are responsible for:

  • keeping your account credentials secure;
  • not disclosing confidential information in Input;
  • ensuring that uploaded Content complies with applicable laws.

2.7. Data Breaches and Notifications

In the event of an incident affecting your data, we will notify you and any relevant regulators within the timeframes required by applicable law, including U.S. federal and state law, the GDPR, the CCPA, and others where applicable.

2.8. Sharing Data with Third Parties and International Transfers

We may transfer data to:

  • payment providers (such as Stripe);
  • technical contractors and cloud service providers (such as AWS and Google Cloud);
  • AI model providers, where third-party LLMs are used;
  • law enforcement authorities, courts, or regulators where required by law.

Data may be transferred to and processed outside your country, including in the United States. We rely on Standard Contractual Clauses (SCCs), the EU-U.S. Data Privacy Framework, or other lawful mechanisms to ensure appropriate protection.

2.9. Data Retention

We retain data only for as long as necessary for the purposes described in this Policy:

  • Account and profile data: until account deletion plus 30 days;
  • Input, Output, and User Content: until deleted by the user or under our policy, typically up to 90 days after termination of use;
  • Logs and metadata: 90–180 days for security and debugging;
  • Payment transaction records: up to 7 years for tax and legal compliance;
  • Data needed to comply with law or resolve disputes: longer where required.

2.9.1. After account deletion, data is deleted within 30 days, except for backup copies and cases where retention is required by law.

2.10. User Rights

Depending on your jurisdiction, including under the GDPR, CCPA/CPRA, and other U.S. state laws, you may have the right to:

  • access your data;
  • correct inaccurate data;
  • delete data (right to be forgotten);
  • restrict processing;
  • data portability;
  • object to processing;
  • opt out of the sale or sharing of personal data under the CCPA;
  • not be subject to automated decisions with legal effects.

To exercise these rights, please contact us at [our email] or through the form in your account. We will respond within 30–45 days, depending on the applicable law. We may request identity verification.

3. Children’s Privacy

The Service is not intended for individuals under 13 years old, or under 16 in certain jurisdictions. We do not knowingly collect data from children. If you believe a child has provided data, please contact [our email] and we will delete it.

3.1. Third-Party Providers and Subprocessors

We use third-party providers, including:

  • payment systems (such as Stripe);
  • cloud providers (such as AWS);
  • analytics tools;
  • AI model providers, where applicable.

4.1. A current list of subprocessors is available upon request or on our website.

4.1.1. Changes to this Policy

We may update this Policy. Any updated version becomes effective 14 days after it is published on the website and/or communicated by email.

4.1.2. Contact Information

For privacy-related questions, please contact:

  • Email: [our email]
  • For rights requests: [our email]

4.1.3. Data Protection Officer

We will appoint a Data Protection Officer (DPO) where required by law.