8 June 2026Privacy posture
/ privacy

What we collect, where it lives, and how to delete it.

Plain-language summary. No legalese unless we translate it first.

§ 01What we collect

What we collect.

Everything Intelectra records about a visit to this site. Nothing else, anywhere else.

  • An anonymous browser identifier stored in a first-party cookie called intelectra_aid. It is a random UUID minted the first time you load any page. It is strictly necessary: without it the analytics tool cannot tell that two page views in a row come from the same browser. It is not linked to your name, your email, or your account until you give us your email through the signup form, and even then only after you have clicked Allow on the consent banner.
  • Your email address and your answers to the signup questions. Only if you submit the early-access form. The step-2 questions ask about your role, your deployment preference, and which agents matter to you. We use the answers to decide which features to ship next and to send you a single launch email when there is something to show.
  • A two-letter country code derived from your IP address. We compute the country at request time and discard the IP immediately. We store only the two-letter code (for example "FR", "DE", "US"). We never store the IP address itself.
  • A coarse user-agent class, for example "Chrome on macOS" or "Safari on iOS". We do not store the full user-agent string. We use this to know which browsers we need to support.
  • Fourteen kinds of behavioural events. Which pages you viewed, how far you scrolled, which call-to-action links you clicked, which demos you opened, which agents you marked as interesting, which deployment mode you toggled, and whether you opened or completed the signup form. The events are listed exhaustively in our analytics taxonomy. None of them capture the text you type into a form before submitting it.
§ 02What we do not collect

What we do not collect.

Things people reasonably worry about that we have structurally excluded.

  • Your IP address. We see it briefly while processing your request (there is no way to receive an HTTP request on the public internet without seeing it), but we do not log it or store it. We compute the country code from it in memory and then drop it.
  • Third-party tracking cookies. No Google Analytics. No Facebook Pixel. No LinkedIn Insight. No advertising cookies of any kind. The analytics tool we use (OpenPanel) runs on the same server as the website, under the same domain, so the only cookies set in your browser come from us.
  • Advertising identifiers. We do not buy or sell ads, so there are no ad-network identifiers attached to your visit.
  • Browser-fingerprinting signals. We do not read canvas, audio, font lists, installed plugins, screen resolution beyond a coarse mobile/desktop class, or any other signals commonly used to reconstruct a stable identifier without a cookie.
§ 03Where the data lives

Where the data lives.

On servers we operate, in the European Union, with no third-party processor in the middle.

  • Your signup row (email plus step-2 answers) lives in the intelectra-site Postgres database. The database is hosted in the European Union and is encrypted at rest.
  • Your behavioural events (page views, scroll depth, CTA clicks, and so on) live inside OpenPanel, which we run ourselves on the same server. OpenPanel is also in the European Union. We do not send your events to OpenPanel's hosted service or to anyone else.
§ 04How to exercise your rights

How to exercise your rights.

Under GDPR(the EU's General Data Protection Regulation, the rules that govern how we handle your personal data), you can ask us to show you what we have, to delete it, or to fix it. Here is how.

  • Email us at [email protected]. One person reads that inbox. There is no ticketing system, no multi-step form, no captcha.
  • We respond within 30 days. GDPR allows up to one month. In practice we reply within a few business days.
  • To delete your data (right to erasure): say so in the email. We confirm the deletion in writing, by email, once it is done.
  • To see your data (right to access): say so in the email. We reply with an export of every row we have on you, attached as a small file or copied inline.
  • To fix something that is wrong (right to rectification): say so in the email and tell us what the corrected value should be. We update it and reply to confirm.
§ 05Retention

How long we keep things.

Different categories of data have different retention windows.

  • Behavioural events in OpenPanel: 12 months. After 12 months events roll off automatically.
  • Session replays: 30 days. A replay is a pixel-level recording of a visit. We sample a small fraction of consented visits to debug usability issues, and we delete the recordings after 30 days.
  • Signup rows: kept until you ask us to delete them. When you exercise the right to erasure we mark the row as soft-deleted, keep it for a 90-day grace window so we can recover it if you change your mind, and then hard-delete it. After the 90-day window the row is gone for good.
§ 06Third parties

Third parties.

Two service providers touch your data in transit. No others.

  • Cloudflare Turnstile: the invisible captcha that guards the signup form against bots. Cloudflare sees the challenge response and decides whether your request is human-like. Cloudflare's privacy policy is at cloudflare.com/privacypolicy.
  • Resend: the transactional email service that delivers the single launch email we send after signup. Resend sees your email address and the contents of that email. Resend's privacy policy is at resend.com/legal/privacy-policy.

If we ever add a third service that touches your data, we update this page before the integration ships. You can always reach us at [email protected].