Privacy Policy

This Privacy Policy applies to BadgerSignal (the GuruBoxAI product website, API, and related analysis services). It explains how we collect, use, store, and share data when you use AI Product Insight.

Account data: when you sign in with Google, we receive profile information such as your name, email address, avatar, and account identifier through Supabase authentication.

Product and report data: we store your input direction, task status, generated summary, opportunity records, and export history so you can view and manage analysis results.

Integration data: if you connect Google Docs export, we store Google OAuth tokens (access token, optional refresh token, expiry time, and scope) to create documents in your own Google Drive.

Operational data: we process logs, technical diagnostics, cookies/session identifiers, security events, and product analytics needed to run and protect the service.

We use data to authenticate users, queue and run analysis tasks, generate opportunity reports, show account history, export PDF/Google Docs files, detect abuse, and improve reliability.

We do not sell personal information to third parties.

To produce analysis results, your input and intermediate prompts may be processed by configured AI providers, including OpenAI, Anthropic, and/or Alibaba DashScope (Qwen), depending on runtime model settings.

AI outputs can be inaccurate, incomplete, or outdated. You should independently evaluate important decisions.

Our current technical stack includes Next.js services, Supabase (authentication and database), Redis/BullMQ (task queue), Google APIs (optional Docs export), Sentry (error monitoring), and Vercel Analytics (product analytics).

These providers may process data under their own terms and privacy notices.

Account and report records are retained while your account is active, unless deletion is requested or required by law.

When you delete a report in the product, it is soft-deleted from normal views. Related data may remain for a limited period in operational logs, caches, or backups before final removal.

We apply reasonable technical and organizational measures, including access controls, row-level security policies in Supabase, transport encryption, secret management, and security monitoring.

No method of storage or transmission is fully secure, and we cannot guarantee absolute security.

You can manage language preferences and report deletion in product features, and you may request access, correction, export, or deletion of your personal data by contacting us.

If you enabled Google Docs export, you can revoke app access in your Google account settings at any time.

Because our providers may operate in multiple countries, your data may be processed outside your location.

We may update this policy from time to time. Material changes will be reflected by updating the date above.

Privacy questions: [email protected]