Privacy Policy
Last updated: January 28, 2026
1. Introduction
Intent AI ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, applications, widgets, APIs, and services (collectively, the "Services").
Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
2. Information We Collect
2.1 Information You Provide
We collect information you voluntarily provide when using our Services:
- Account Information: Name, email address, password, company name, job title
- Billing Information: Payment card details (processed by LemonSqueezy), billing address
- Profile Information: Avatar image, communication preferences
- Communications: Messages you send us, support tickets, feedback
- Integration Credentials: API tokens for third-party services (Jira, Slack, etc.)
2.2 Customer Feedback Data
As a feedback intelligence platform, we process feedback data submitted by your end users:
- Voice Feedback: Audio recordings and transcriptions
- Text Feedback: Written feedback and comments
- Screenshots: User-submitted images and screen captures
- Contextual Data: Browser type, operating system, page URL, session identifiers
- Device Information: Device type, screen resolution, language settings
Important: You are the data controller for feedback data collected from your end users. We act as a data processor on your behalf. You are responsible for providing appropriate privacy notices to your end users and obtaining necessary consents.
2.3 Automatically Collected Information
When you use our Services, we automatically collect certain information:
- Usage Data: Features used, actions taken, time spent, pages visited
- Device Information: IP address, browser type, operating system, device identifiers
- Log Data: Access times, error logs, referring URLs
- Cookies and Tracking: See our Cookie Policy for details
3. How We Use Your Information
We use the information we collect for the following purposes:
3.1 Service Delivery
- Provide, operate, and maintain our Services
- Process and analyze feedback data using AI technologies
- Generate insights, reports, and recommendations
- Process payments and manage subscriptions
- Enable integrations with third-party services
3.2 Communication
- Send transactional emails (account verification, password reset, invoices)
- Send product updates and feature announcements
- Respond to inquiries and support requests
- Send marketing communications (with your consent)
3.3 Improvement and Analytics
- Analyze usage patterns to improve our Services
- Develop new features and functionality
- Conduct research and analysis
- Monitor and analyze trends and usage
3.4 Security and Legal
- Detect, prevent, and address fraud and security issues
- Enforce our Terms of Service and other policies
- Comply with legal obligations
- Protect our rights and the rights of others
4. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:
- Contract Performance: Processing necessary to provide our Services and fulfill our contractual obligations to you
- Legitimate Interests: Processing for our legitimate business interests, such as improving our Services, marketing, and fraud prevention, where such interests are not overridden by your rights
- Consent: Processing based on your explicit consent, such as for marketing communications
- Legal Obligation: Processing necessary to comply with applicable laws and regulations
5. Information Sharing and Disclosure
We may share your information in the following circumstances:
5.1 Service Providers
We share information with third-party service providers who perform services on our behalf:
| Provider | Purpose | Location |
|---|---|---|
| Neon | Database hosting | US/EU |
| Upstash | Cache and queue management | US/EU |
| Cloudflare | CDN and file storage | Global |
| LemonSqueezy | Payment processing | US |
| Resend | Email delivery | US |
| OpenAI | Speech-to-text processing | US |
| Anthropic | AI analysis | US |
| Railway | Application hosting | US |
| Sentry | Error monitoring | US |
5.2 Third-Party Integrations
When you enable integrations with third-party services (Jira, Slack, etc.), we share necessary data to enable those integrations. These services are governed by their own privacy policies.
5.3 Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government requests).
5.4 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
5.5 With Your Consent
We may share your information for other purposes with your explicit consent.
6. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
- Account Data: Retained while your account is active, plus 30 days after deletion
- Feedback Data: Retained according to your subscription settings, or until you request deletion
- Billing Records: Retained for 7 years for tax and accounting purposes
- Usage Logs: Retained for 90 days for security and debugging
- Marketing Data: Retained until you unsubscribe or request deletion
7. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:
- Encryption: Data encrypted in transit (TLS 1.2+) and at rest
- Access Controls: Role-based access with principle of least privilege
- Authentication: Strong password requirements, optional OAuth, account lockout
- Monitoring: Security event logging and intrusion detection
- Infrastructure: Secure cloud hosting with regular security updates
- Vendor Security: Due diligence on all third-party service providers
While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those of your country.
When we transfer personal data from the EEA, UK, or Switzerland to countries that have not been deemed to provide an adequate level of data protection, we use appropriate safeguards such as:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements with our sub-processors
- Supplementary measures where required
9. Your Rights
Depending on your location, you may have certain rights regarding your personal data. For a comprehensive overview of your rights, please visit our Your Rights page.
9.1 GDPR Rights (EEA/UK/Switzerland)
- Access: Request a copy of your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Restriction: Request limitation of processing
- Portability: Receive your data in a structured, machine-readable format
- Objection: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent at any time where processing is based on consent
9.2 CCPA Rights (California)
- Know: Know what personal information is being collected
- Access: Request access to your personal information
- Delete: Request deletion of your personal information
- Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
- Non-Discrimination: Not be discriminated against for exercising your rights
Do Not Sell or Share My Personal Information
Intent AI does not sell or share your personal information for cross-context behavioral advertising. We do not engage in selling personal information as defined under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). If you have any questions or concerns about your data, please contact us at privacy@intentai.com.
To exercise any of these rights, please contact us at privacy@intentai.com. We will respond to your request within 30 days (or as required by law).
10. Children's Privacy
Our Services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information.
11. Do Not Track Signals
Some browsers have a "Do Not Track" feature that signals to websites that you do not want to have your online activity tracked. Our Services do not currently respond to Do Not Track signals. However, you can manage your cookie preferences through our cookie consent tool.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will also send you an email notification. We encourage you to review this Privacy Policy periodically.
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Intent AI - Privacy Team
Email: privacy@intentai.com
Address: 548 Market St, PMB 95178, San Francisco, CA 94104-5401, USA
For EEA residents, you have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.