Privacy Policy
Last updated: May 2026
Who we are
AIDR (“we”, “us”, “our”) is a service that provides personalised AI opportunity reports for small and medium-sized businesses. We are operated by [Company Name] (full legal name and registered address to be supplied by legal counsel). Your data is processed on EU-based infrastructure operated by [Company Name].
Full legal text to be supplied by legal counsel.
What data we collect
We collect only the data necessary to deliver your report:
- —Email address — used to send you a magic link to access the service and to deliver your report.
- —Interview answers — your responses to the AI-guided interview, including business description, industry, size, and goals.
- —Payment data — processed directly by Stripe. We do not store card details.
- —Language preference — the language in which you wish to receive your report.
We do not collect location data. We do not use analytics or tracking cookies. We do not place third-party tracking pixels on any interview or report pages.
Full legal text to be supplied by legal counsel.
How we use your data
Your data is used solely to generate and deliver your AI Discovery Report. Specifically:
- —Interview transcript is sent to Anthropic’s API to generate the analysis.
- —Anonymised business category keywords may be sent to Tavily for web research to supplement the analysis.
- —Your email address is used by AgentMail to deliver the report notification.
- —Your email address and payment amount are processed by Stripe to complete the purchase.
Full legal text to be supplied by legal counsel.
Data retention
Your report data (interview answers, generated report, PDF) is retained for 30 days after report delivery, then automatically and permanently deleted on the scheduled deletion date. The deletion date is shown in your dashboard. After deletion, only anonymised aggregate statistics may be retained.
Full legal text to be supplied by legal counsel.
Your rights (GDPR)
If you are located in the European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):
- —Right of access — request a copy of the data we hold about you.
- —Right to rectification — request correction of inaccurate data.
- —Right to erasure — request deletion of your data. You can trigger this from your dashboard.
- —Right to data portability — export your data via your dashboard.
- —Right to object — object to processing of your personal data.
Full legal text to be supplied by legal counsel.
Sub-processors
We use the following third-party sub-processors:
| Processor | Purpose | Data sent |
|---|---|---|
| Anthropic | LLM processing | Interview transcript + business description |
| Stripe | Payment processing | Email address, payment amount |
| AgentMail | Transactional email | Email address + report notification |
| Tavily | Web research | Anonymised business category keywords only |
All other components (database, file storage, queue, AI model infrastructure, analytics, and observability tooling) are self-hosted on EU-based infrastructure and are not third-party sub-processors.
Full legal text to be supplied by legal counsel.
Contact
For privacy-related requests or questions, contact us at [privacy@yourdomain.com] (to be updated by legal counsel).
Full legal text to be supplied by legal counsel.