Legal

Privacy Policy

Last updated: March 30, 2026

1. Introduction

Prometheus ("Company," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use Prometheus CI ("Service"). By using the Service, you consent to the practices described in this policy.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, company name, and billing information. If you sign up via a third-party provider (e.g., Google), we receive your name and email from that provider.

Usage Data

We collect data about how you use the Service, including pages viewed, features used, queries made to Argus, competitors tracked, and interaction patterns. This data helps us improve the Service and provide better recommendations.

Competitor Data

You may input information about your competitors, including company names, websites, and other publicly available data. This data is used solely to provide competitive intelligence services to you.

Technical Data

We automatically collect technical information including your IP address, browser type and version, operating system, referring URLs, and device identifiers. We use cookies and similar technologies for authentication and to remember your preferences.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Process your transactions and manage your subscription
  • Send you intelligence alerts, digests, and product updates
  • Respond to your inquiries and support requests
  • Analyze usage patterns to improve the product experience
  • Detect, prevent, and address security issues and abuse
  • Comply with legal obligations

We do not sell your personal information or Customer Data. We do not use your Customer Data to train general-purpose AI models.

4. Third-Party Services

We use the following third-party services to operate the Service:

  • Supabase — Database hosting and authentication. Your account data and application data are stored on Supabase's infrastructure.
  • Stripe — Payment processing. Your billing information is handled directly by Stripe; we do not store your full credit card number on our servers.
  • Resend — Email delivery. Used to send intelligence alerts, digest emails, and transactional emails.

Each of these providers has their own privacy policies governing how they handle your data. We encourage you to review their policies.

5. Data Retention

We retain your account information for as long as your account is active. If you cancel your subscription, we retain your data for 90 days in case you decide to return. After 90 days, your data is permanently deleted.

Competitive intelligence data (signals, battlecards, reports) is retained for as long as your account is active. Aggregated and anonymized usage data may be retained indefinitely.

6. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, access controls, and regular security audits. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

  • Access — Request a copy of the personal data we hold about you
  • Rectification — Request correction of inaccurate personal data
  • Erasure — Request deletion of your personal data
  • Portability — Request a copy of your data in a machine-readable format
  • Restriction — Request that we limit processing of your personal data
  • Objection — Object to our processing of your personal data

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Your Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following rights:

  • Right to Know — Request information about the categories and specific pieces of personal information we collect about you
  • Right to Delete — Request deletion of your personal information
  • Right to Opt-Out — We do not sell personal information, so this right does not apply
  • Non-Discrimination — We will not discriminate against you for exercising your privacy rights

To exercise your rights, contact us at [email protected].

9. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. You can control cookie settings through your browser, but disabling essential cookies may affect your ability to use the Service.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Last updated" date. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at [email protected].