Privacy

What we store

When you submit the audit form, we store:

• The ingredient text you pasted (up to 5,000 characters; longer inputs are truncated server-side)
• The category you selected
• The classifier's output: warning Y/N, chemicals cited, confidence, rule(s) that fired
• A SHA-256 hash of your IP address combined with a salt — not the IP itself
• A timestamp

What we do NOT store

• Your raw IP address
• Any cookies (Plausible — our analytics — is cookieless; we use no marketing cookies; no consent banner is required)
• Any fingerprinting tokens
• No Google Analytics, no Meta pixel, no PostHog, no session-replay tools
• An email address — unless you choose to leave one via the follow-up form, in which case we store it alongside the audit ID

Analytics

We use Plausible Analytics (a privacy-friendly, cookieless analytics platform hosted in the EU) to understand how visitors navigate the site — which sections get scrolled, which CTAs get clicked, which FAQs get expanded. Plausible does not use cookies and does not collect any personal data. No identifiable information leaves your browser; we only see aggregate counts + the URL/referrer/UTM tags of each page-view.

Why we store the audit

The 14-day measurement window judges three demand metrics: audit-completion rate, follow-up-email rate, and pricing-interest rate. We need the persisted events to compute those rates. After the window closes, the data is retained only as long as needed to author the post-mortem; raw ingredient text is purged within 60 days.

Where the data lives

A single SQLite file on the backend host (Render free tier). No third-party processors. No data sharing.

How to ask us to delete it

Email privacy@generalamericanintelligence.com with the audit ID from your result (the UUID at the bottom of the result card). We'll delete the row + capture record within 48 hours.

Disclaimer

See /disclaimer for the not-legal-advice language. This is not a substitute for counsel.