InsightGig Privacy Policy

Effective Date: 15th Aug 2025

1. What This Policy Covers

This Privacy Policy applies to:

  • Visitors to our website
  • Users of the InsightGig Operating Layer
  • Trial and beta program participants
  • Clients who upload data to InsightGig
  • Anyone interacting with our services or communications

This Policy does not apply to third-party services or platforms integrated with InsightGig.

2. Information We Collect

a. Account and Profile Information:

  • Email Address and Password
  • Name, Date of Birth, Company Name, Designation, and Department

b. Usage and Log Data:

  • Pages visited, time spent, actions performed within the Operating Layer

c. Uploaded Content and Documents:

  • Any files, transcripts, survey data, or research content you upload
  • Associated metadata (e.g., file names, formats)

d. AI Interaction Data:

  • Prompts, queries, and inputs provided to AI agents
  • Outputs generated by InsightGig (stored within your private workspace)

e. Support and Communication Records:

  • Emails, chat support messages, feedback submissions
3. How We Use Your Data

We use your data to:

  • Provide and maintain the Operating Layer
  • Deliver AI-assisted insight generation
  • Respond to user support requests
  • Improve product performance and reliability
  • Enforce terms and detect abuse
  • Send feature updates, onboarding tips, and feedback requests

We do not use your data to train public AI models. We do not sell or rent your data.
When required to meet the end objective of a task, InsightGig may use web search tools of trusted third-party providers that access trusted, publicly available information. All external sources will be cited wherever web search contributes to the output.

4. Data Ownership and Privacy by Design

We do not sell your personal information to third parties.
– You own all content you upload and the insights generated from it.
– Your workspace is logically and securely segregated from others.
– We do not access your content unless:

  • You give us explicit permission (e.g., support request)
  • We’re required to comply with legal obligations
  • Abuse or security violations are suspected
5. Use of AI Models

InsightGig does not use customer data or outputs to train public, commercial, or third-party AI models. All AI processing is confined to your private workspace or routed securely to trusted providers under strict data processing agreements.

  • InsightGig may leverage third-party LLMs (e.g., OpenAI, Anthropic) to power certain features.
  • Your data is routed securely and governed by both InsightGig and third-party model providers’ terms.
  • We maintain audit trails of agent interactions and model/tool usage through Langfuse tracing for a period of 30 days. Each data region has an individual tracing endpoint deployed in it to ensure adherence to strict data residency. We access the tracing data only when a user faces an issue and requests us to check or troubleshoot the error. Beyond the said time period, all tracing data is permanently deleted.

We do not scrape external websites or use your inputs or outputs to build datasets for any public or commercial model training.

6. Third-Party Integrations

To enhance the functionality of our application and provide you with a more powerful and streamlined experience, we offer integrations with various third-party services. This section outlines how we handle data when you choose to connect your account with these services.

6.1. User-Controlled Integration
Connecting the Operating Layer to a third-party service is entirely optional and initiated by you. Before any data is exchanged, we will explicitly ask for your authorization through the third-party’s consent screen. This screen will detail the specific permissions and data access we are requesting. You are not required to authorize any integration to use our core services.

6.2. Purpose and Data Minimization
We are committed to the principles of Purpose Limitation and Data Minimization. This means we will:

  • Only request access to the data that is strictly necessary for the integration to function as intended.
  • Only use the data obtained from a third party for the specific and explicit purpose of that integration, which will be disclosed to you before you grant consent.

Examples of such purposes include:

  • Authentication: Allowing you to sign in using services like Google, Microsoft or LinkedIn (Single Sign-On).
  • Data Import: Enabling you to import survey responses, contact lists, or datasets from services like CRMs, survey tools (e.g., SurveyMonkey, Typeform), or cloud storage (e.g., Google Drive, OneDrive, Sharepoint, etc).
  • Productivity: Connecting your calendar (e.g., Google Calendar, Outlook Calendar) to schedule meetings or set reminders based on certain activities.

6.3. Strict Prohibitions on Data Use
We want to be unequivocally clear about what we do not do with data obtained through third-party integrations.

Data obtained via these integrations is used exclusively to provide the direct, user-requested functionality. This data is NEVER:

  • Used to develop, improve, or train any generalized or proprietary artificial intelligence (AI) or machine learning (ML) models.
  • Sold, rented, leased, or shared with any unaffiliated third parties for their own marketing or commercial purposes.
  • Used for advertising, ad-targeting, or building user profiles beyond the context of our direct service to you.
  • Analyzed for any purpose unrelated to the specific feature for which you granted consent.

Our access and use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

6.4. Third-Party Policies
When you authorize an integration, the data held by the third-party service remains governed by their own privacy policies and terms of service. Our privacy policy governs how we handle that data once it is accessed from our end. We encourage you to review the privacy policies of any third-party service before connecting it to your account.

We use Google Workspace APIs strictly to support core platform features: enabling users to sign in using their Google accounts (Google SSO) and allowing them to schedule meetings via Google Calendar. We do not use any data obtained through Google Workspace APIs to develop, improve, or train generalized artificial intelligence (AI) or machine learning (ML) models. All access is limited to providing user-requested functionality and is governed by user consent.

If you connect third-party services (e.g., CRMs, survey tools), their use of data is governed by their privacy policies. We only access third-party data with your authorization.

7. Payments and Financial Information
Payments are processed by third-party payment providers. We do not store your credit or debit card information. All payment data is handled securely by the payment processor and governed by their respective privacy policies. Please refer to their documentation for more information on how your financial data is protected.
8. Data Retention and Deletion

Uploaded data and generated outputs remain in your workspace until you delete them or your account is terminated.

If you choose to delete your account, all associated data will be permanently and irretrievably deleted immediately, with no option for recovery. A clear warning will be displayed to confirm your intent before the deletion is executed.

Please note that residual copies of deleted content may remain in system backups for up to 30 days before being permanently purged.

9. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access, update, or delete your data
  • Withdraw consent for marketing communications
  • Request data export or portability

To exercise these rights, contact us at [Insert Email].

10. Privacy Request Verification
To safeguard your personal data, we may require you to verify your identity or authorization before fulfilling any request to access, correct, or delete personal information (e.g., via ID or email confirmation). If a request is made on behalf of another individual, we may also require written authorization (e.g., power of attorney) and direct contact with the data subject before proceeding.
11. Children’s Privacy
InsightGig is a solution for working professionals and is not intended for individuals under the age of 18. We do not knowingly collect personal data from children.
12. Data Security

We implement technical and organizational safeguards such as:

  • Encryption at rest and in transit
  • Role-based access control
  • Workspace-level isolation
  • Regular vulnerability assessments and logging
13. International Data Transfers
We do not transfer user data across regions. Users have full control over where their data is stored and can choose to move their data to another region from the provided options themselves through their account.
14. Responsible Use Reminder
Do not enter personal identifiers (e.g., Social Security Numbers, bank account details) or confidential business information into AI prompts or uploads.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Updates will be posted on this page, and we will notify you via email or notification within the Operating Layer if changes are significant.
16. AI Outputs and Responsibility
InsightGig utilizes generative AI to support research workflows. Outputs are generated based on your inputs and data and are meant for informational use only. We recommend that users review, validate, and exercise professional judgment before relying on AI-generated results for decision-making.
17. Cookies and Tracking
We use cookies and similar technologies to improve functionality, analyze traffic, and personalize content. You may disable cookies in your browser settings, though some features of the Operating Layer may not function as intended.
18. Governing Law and Jurisdiction
The laws of the United States govern this Privacy Policy. Any disputes arising from or relating to this Privacy Policy will be subject to the exclusive jurisdiction of the courts located in Delaware.
19. Contact Us

If you have any questions or concerns about this policy or your data:
Email: hello@insightgig.com
Address: 651 N Broad St, Suite 201, Middletown, New Castle County, DE 19709.