Privacy Policy
1. Who we are
Infervo (“Infervo”, “we”, “us”) provides an AI data-analyst product that connects to data sources you authorise and answers questions about them. This policy explains what personal data we process, why, and with whom we share it. It covers staging.infervo.app and infervo.app.
2. What we collect
Account information
When you sign in with Google we receive your name, email address, and profile picture. We do not receive or store your Google password.
Content you provide
- Data-source connection details (e.g. database connection strings). These are encrypted at rest and are used only to run queries you initiate.
- Files you upload to a project’s knowledge base, and the text extracted from them.
- Your questions and messages, and the data returned by your connected sources when the assistant queries them to answer you.
Technical & usage information
Essential session cookies (see Section 5) and basic operational logs (such as timestamps and request metadata) used to run and secure the service.
Product-usage analytics and session replay. We use Amplitude (see Section 4) to understand how the product is used. This includes your identity (name and email), discrete usage events (e.g. sign-in, connecting a data source, uploading a file, running an analysis, downloading a deliverable) with metadata such as file and connector names, network request metadata, and recordings of your in-app sessions — which can include your messages and any data shown on your screen (query results, dashboards).
3. How we use your information
- To provide the service: authenticate you, run your queries, and generate answers and deliverables.
- To operate, secure, debug, and improve the service.
- To communicate with you about your account or the preview.
We do not sell your personal data, and we do not use it for advertising.
4. AI processing & sub-processors
Infervo is built on third-party AI and infrastructure providers. To answer your questions, the relevant context is transmitted to the AI providers below. Do not connect or upload data you are not permitted to share with these providers. Where a provider offers an API tier that does not train on submitted data, we use it.
| Provider | Used for | Data shared |
|---|---|---|
| Sign-in (Google OAuth) | Your name, email, profile picture | |
| OpenRouter | AI gateway routing requests to the language & embedding models below | Your questions, the relevant results from your connected data, and uploaded-file text |
| MiniMax, DeepSeek, Anthropic | Language models that generate the analysis (primary + fallbacks, via OpenRouter) | Same as above |
OpenAI embeddings (text-embedding-3-small, via OpenRouter) | Indexing uploaded files for knowledge search | The text of files you upload |
| DuckDuckGo | Web search, when you or the assistant runs one | The search terms |
| DigitalOcean | Cloud hosting & infrastructure | All data, encrypted at rest |
| Amplitude | Product analytics & session replay (to understand and improve how Infervo is used) | Your name and email (as user identity); product-usage events whose properties include metadata such as file names, connector names, and counts (we do not send your message text, file contents, or query results as event properties); network request metadata (e.g. request URLs); and session recordings of your in-app activity, which can include your messages and any data rendered on screen (query results, dashboards). |
5. Cookies & analytics
Essential cookies — set by our authentication layer to keep you signed in. They are HttpOnly, Secure, and SameSite-scoped.
Product analytics & session replay. We use Amplitude (see Section 4) to understand and improve how Infervo is used. Its SDK stores identifiers in your browser (cookies and/or local storage), associates events with your name and email, captures network request metadata, and records your in-app sessions — which can include your messages and any content shown on your screen. We use this only to operate and improve the product — never for advertising — and we do not sell it. To opt out of analytics and session replay, emailhello@infervo.app.
6. Data retention & deletion
We retain your account data, projects, connectors, uploaded files, and conversations while your account is active. You can request deletion of your account and associated data by emailing hello@infervo.app; we will action it within a reasonable period. (During preview, self-service deletion tooling is still being built.)
7. Your rights
Depending on where you live (e.g. the EU/EEA/UK under GDPR, or California under the CCPA/CPRA), you may have the right to access, correct, delete, export, or restrict the processing of your personal data, and to object to certain processing. To exercise any of these, email hello@infervo.app.
8. Security
Connector credentials are encrypted at rest, database queries run read-only, projects are isolated per tenant, and we authenticate via Google (no passwords stored). More detail is on our Security page.
9. International transfers
The providers in Section 4 may process data in the United States and other countries. By using Infervo you understand your data may be transferred to and processed in those countries.
10. Children
Infervo is not directed to children and is not intended for anyone under 16.
11. Changes to this policy
We may update this policy as the product evolves. Material changes will be reflected by the “last updated” date above and, where appropriate, communicated to you.
12. Contact
Questions about this policy or your data: hello@infervo.app.