Privacy Notice

How Data Insight Out handles personal data.

This notice explains what personal data Data Insight Out collects, why we use it, how long we keep it, and the choices available to people who use the service. It is designed as a practical baseline notice for our live product and should be read together with any customer contract, data processing agreement, or enterprise order form that applies to your workspace.

Last updated April 26, 2026

Who we are

Data Insight Out is a web application for building scroll-based data stories, dashboards, and published reports. If you have questions about this notice or need help with a privacy request, contact support@datainsightout.com.

Where a customer organization uploads business datasets and invites its own users, that organization may also act as a controller for the data it places in the platform.

What we collect

Account data such as name, email address, authentication identifiers, and workspace membership.
Workspace content such as projects, uploaded datasets, report configurations, theme assets, comments, and feedback you submit.
Billing data such as workspace subscription status, Stripe customer or subscription references, and related transaction metadata.
Technical and security data such as session identifiers, log events, IP-derived request data, browser metadata, and abuse-prevention signals.

Why we use personal data

To create accounts, authenticate users, and keep workspaces secure.
To store, render, publish, and share the stories, dashboards, and uploaded files you choose to place in the service.
To provide billing, subscription management, support, and service communications.
To monitor reliability, investigate incidents, prevent abuse, and improve the product.
To provide optional AI-assisted story drafting and related productivity features when you choose to use them.

Legal bases

We generally rely on one or more of these legal bases, depending on the feature being used: performance of a contract, legitimate interests in operating and securing the service, compliance with legal obligations, and consent where consent is specifically required.

If a customer workspace uploads third-party data, that customer is responsible for ensuring an appropriate legal basis exists for that processing.

How data is shared

We share data only where needed to run the service, complete a payment, or comply with law. Our core service providers currently include hosting and delivery providers, cloud infrastructure providers, authentication and database providers, and payment processors.

Examples of current providers

Vercel for frontend hosting and delivery.
Google Cloud Run and related Google Cloud services for backend infrastructure.
Supabase for authentication, database, and file storage services.
Stripe for billing, checkout, and subscription management.
Google Gemini or other configured AI providers when you actively use AI generation features.

We may also disclose information where required by law, to enforce our terms, or to protect the rights, safety, and security of our users and the service.

International transfers

Some providers process data in more than one country. Where personal data is transferred internationally, we aim to use appropriate safeguards such as contractual protections, regional hosting choices, and provider commitments that support lawful transfers.

Retention

Account and workspace data is generally kept while the account or workspace remains active, plus a reasonable backup and recovery period.
Uploaded datasets and project content stay in the service until you delete them or request account/workspace deletion, unless we need to retain them longer for security or legal reasons.
Billing and financial records may be retained for longer periods where accounting, tax, fraud-prevention, or legal obligations require it.
Operational logs are retained for shorter periods and rotated according to security and reliability needs.

Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or export personal data, and to lodge a complaint with a supervisory authority. You can request help by emailing support@datainsightout.com.

If you belong to a customer workspace, some requests may need to be handled with that workspace owner because they control the data placed into the platform.

Security and children

We use administrative, technical, and organizational safeguards designed to protect the service and the data placed into it, including access controls, session management, transport security, and monitoring. No system can promise absolute security, so customers should avoid uploading data they are not comfortable handling in a cloud workflow unless they have completed their own review.

Data Insight Out is intended for professional or business use and is not designed for children under 16. If you believe a child has provided personal data to the service, contact us so we can investigate and take appropriate action.