Privacy Policy

When you use Prism, we collect information you voluntarily submit through the assessment: your name, email address, and company details.

We collect usage analytics through PostHog to understand how people interact with the assessment and improve the experience. This includes page views, feature usage, and general navigation patterns.

We do not store passwords. Authentication is handled via email-based access only.

Your submitted information is used to generate your AI Readiness Report and benchmark your organization against industry data.

We use aggregated, anonymized data to improve our assessment methodology and industry benchmarks over time.

If you request a copy of your report via email, we use your email address to deliver it. We do not send unsolicited marketing emails.

Your data is stored on Supabase, a managed Postgres database with encryption at rest. Our application is hosted on Vercel.

IP addresses captured for analytics purposes are HMAC-hashed before storage — we cannot reverse them to identify individuals.

We use row-level security policies on our database to ensure data is only accessible to authorized service roles.

We use PostHog for product analytics. PostHog helps us understand how the assessment is being used so we can improve it.

We do not sell personal data to third parties. Analytics data is used solely for internal product improvement purposes.

You can opt out of analytics tracking by enabling Do Not Track in your browser or contacting us directly.

You have the right to request deletion of your data at any time. Contact us at privacy@provectia.com and we will remove your records within 30 days.

You may opt out of analytics at any time without affecting your ability to use the assessment.

You may request an export of your data in a machine-readable format by contacting us.

We use the following third-party services to operate Prism:

• Supabase — database and storage

• Vercel — application hosting and edge functions

• PostHog — product analytics

• Stripe — payment processing for paid tiers

• Resend — transactional email delivery

Each provider operates under their own privacy policy and data processing agreements.

For privacy-related inquiries, data deletion requests, or questions about how your data is handled, please contact us at:

privacy@provectia.com

Note: This privacy policy is a working draft and should be reviewed by qualified legal counsel before being treated as a binding legal document.