Fintel AnalyticsFintel Insight by Fintel AnalyticsGet your Fintel Insight report →

Privacy Policy

Last updated: June 2026  ·  Effective immediately

1. Who we are

Fintel Insight is a product of Fintel Analytics. References to "we", "us", or "our" in this policy refer to Fintel Analytics. Our contact address is info@fintel-analytics.com.

2. What data we collect and why

Email address

We collect your email address at the start of the audit flow. It is used solely to deliver your PDF report. We do not use it for marketing, and we do not share it with third parties except as required to send the report (via our transactional email provider).

Database credentials

When you connect a cloud warehouse (BigQuery, Snowflake, Redshift, MotherDuck, or Supabase), you provide read-only credentials. These credentials are:

  • Encrypted at rest using AES-256 before being stored in our session database.
  • Used only to collect schema metadata (table names, column names, row counts, query patterns). We never read, copy, or transmit your actual data rows.
  • Permanently and irrecoverably deleted immediately after the audit completes or fails — typically within 10 minutes of submission.

Schema metadata

We collect structural information about your data infrastructure: table names, column names, data types, row counts, query patterns, and GitHub file contents (SQL, dbt YAML). This metadata — never raw data values — is sent to AI providers for analysis (see section 4). It is not retained after the audit report is generated.

Payment information

Payments are processed by Stripe. We never see or store your card number, CVV, or billing details. Stripe provides us only with a payment confirmation and your email address. Stripe's own privacy policy governs their handling of your payment data.

Session data

An anonymous session ID is stored in your browser's sessionStorage (not a cookie, not localStorage) for the duration of your audit session. It is used to track the progress of your audit and is not linked to any personal profile.

3. Legal basis for processing (GDPR)

Where the GDPR applies, we process your personal data on the following bases:

  • Contract performance — processing your email and credentials is necessary to deliver the audit report you purchased.
  • Legitimate interests — maintaining session state and preventing abuse of the service.

4. AI sub-processors

Your schema metadata is analysed by the following AI providers. They receive structural metadata only — table names, column names, query patterns, and code from your connected GitHub repository. They do not receive raw data values, credentials, or personal data about your customers.

If you have concerns about data leaving your jurisdiction, please contact us before purchasing.

5. Infrastructure sub-processors

  • Stripe — payment processing (USA)
  • Supabase — session and audit state storage (AWS, various regions)
  • Render — backend API hosting (USA)
  • Vercel — frontend hosting (USA / edge)

6. Data retention

  • Credentials: deleted immediately after the audit completes or fails.
  • Schema metadata: not retained after the report is generated.
  • Email address: retained for report delivery only. Not added to any mailing list.
  • Session records: retained for up to 30 days for support purposes, then purged.
  • Payment records: retained by Stripe per their legal obligations.

7. Your rights

Under GDPR and applicable data protection law, you have the right to access, correct, or request deletion of your personal data. Given the transient nature of our processing, most personal data is already deleted by the time you would exercise these rights. To exercise any right, email info@fintel-analytics.com and we will respond within 30 days.

8. Security

Credentials are encrypted at rest using AES-256 and transmitted over TLS. Access to credential storage is restricted to the backend service role only. We follow the principle of least privilege throughout. If you discover a security issue, please disclose it responsibly to info@fintel-analytics.com.

9. Changes to this policy

We may update this policy from time to time. Material changes will be reflected in an updated "Last updated" date at the top. Continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact

Questions about this policy: info@fintel-analytics.com