Privacy by design, transparency by default
We collect only what is needed to operate Stonesight, keep workspaces secure, and deliver reliable research outputs.
Our privacy commitments
What we collect
- Workspace account details such as name, work email, and organization
- Research inputs and source links submitted by authorized users
- Operational telemetry used for reliability, security, and performance monitoring
How we use it
- Run research workflows and generate report outputs requested by your team
- Protect accounts through access controls, logging, and abuse detection
- Provide support, billing administration, and service communications
How we share
- With audited subprocessors that provide hosting, identity, and monitoring services
- When required by law or valid legal process
- Never sold to advertisers and never used to train third-party models
Data lifecycle and user controls
Retention and deletion
Workspace data is retained according to your plan and contract settings. Administrators can request deletion, and we provide confirmation once removal workflows are completed.
Access and correction
Authorized users can review and update account information directly in the product. Privacy requests for access, correction, or deletion are handled through our support and legal operations process.
International transfers
Where data crosses jurisdictions, we apply contractual and technical safeguards appropriate to the destination and applicable privacy regulations.
Security alignment
Privacy controls are paired with encryption, least-privilege access, and audit trails. See our Security page for implementation details and governance practices.
Privacy questions?
Contact our team at privacy@stonesight.research for policy requests, data subject rights inquiries, or DPA support.