ProductAnalyst.ai

Privacy Policy

Last updated March 2026

This privacy notice for Juttuco OÜ (doing business as Product Analyst AI) ("we," "us," "our") describes how we collect, store, use, and share your information when you use productanalyst.ai and our Slack app ("Services").

Questions? [email protected]

1. What we collect

Information you provide: name, email address, company/workspace info, and analytics event data you connect to the platform (via CSV upload or webhook integration).

Automatically collected: standard server logs — IP address, browser type, usage timestamps.

Slack data: when you install the Slack app, we receive your workspace ID and bot token. We process messages that @mention our bot in order to answer your questions.

2. How we use it

  • Answer natural language questions about your analytics data
  • Deliver alert notifications to your configured Slack channels
  • Maintain and improve the platform
  • Communicate with you about your account

3. PII anonymization

User identifiers (such as email addresses, user IDs, or distinct IDs) are cryptographically hashed on ingestion before being stored in our database. This means raw personally identifiable information (PII) is never persisted in our systems. Hashing is one-way and irreversible — we cannot recover the original identifiers from stored data.

4. AI & LLM data handling

We use Anthropic's API to power AI-driven analysis. The following safeguards apply:

  • Zero data retention: Anthropic operates a zero-retention policy on API requests. Your prompts, analytics context, and AI responses are not stored, logged, or retained by Anthropic after processing.
  • No model training: Anthropic is contractually prohibited from using any customer data to train, improve, or fine-tune AI models.
  • Anonymized context only: Only aggregated and anonymized analytics data is sent to the AI provider. Because PII is hashed on ingestion, raw personal data never reaches the LLM.
  • No cross-customer data sharing: Each customer's data is processed independently. No data is shared between customers.

5. Data isolation

All customer data is isolated using row-level security (RLS) policies at the database level. Each company's data is scoped to their tenant and cannot be accessed by other customers, even in the event of application-level bugs.

6. Who we share it with

Sub-processors used to operate the service (see full sub-processor list for details):

  • Anthropic — AI-powered analysis (zero data retention)
  • Supabase — database and authentication
  • Slack — message delivery and app platform
  • Vercel — application hosting
  • Resend — transactional email
  • Hetzner — infrastructure hosting (EU)

We do not sell, trade, or rent your data to third parties.

7. Retention

We retain your data for as long as your account is active. Upon termination, data is deleted within 30 days, except where law requires otherwise. AI-processed data is ephemeral — Anthropic retains zero data from API requests.

8. Your rights

If you are in the EU, UK, or EEA, you have the right to access, correct, or delete your personal data. US residents may have additional rights under applicable state privacy laws (CCPA and similar). Contact us at [email protected] to exercise any rights.

9. Security

We apply appropriate technical and organizational measures to protect your data, including encryption in transit (TLS) and at rest, PII anonymization on ingestion, company-scoped database isolation, and zero-retention AI processing. For full details, see our Security & Data Privacy page.

10. Data Processing Agreement

We offer a Data Processing Agreement (DPA) for customers who require one. Contact us at [email protected] to request a DPA.

11. Contact

Juttuco OÜ · Veskiposti 2, Kesklinna, 10138 Harju maakond, Estonia · [email protected]

Privacy Policy - Product Analyst AI