DeepInsight

Privacy Policy

Last updated: 3 June 2026

DeepInsight (“we”, “us”) operates an AI-assisted form intake service. This policy explains what personal information we collect, why we collect it, and how we handle it. It is written to align with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

1. Information we collect

We collect information you give us directly when you sign up, create forms, or contact support. We also process data submitted by your customers (“respondents”) via forms you publish on our platform.

  • Account information: your name, email, organisation name, password (hashed).
  • Billing information: processed by Stripe — we do not store full card numbers.
  • Form content: the form fields and AI instructions you create.
  • Respondent submissions: static field answers, AI chat transcripts, structured extractions.
  • Usage data: device, browser, IP (hashed), pages viewed.

2. How we use information

We use this information to:

  • Operate, maintain, and improve the service.
  • Process payments and prevent fraud.
  • Provide customer support.
  • Comply with legal obligations.

3. AI processing

Form responses are sent to our AI processing partner (Anthropic, PBC) to run the adaptive follow-up interview and produce structured summaries. Our AI partner does not train its models on data submitted via its commercial API. We do not sell respondent data to any third party.

4. Data storage and location

Your data is stored in AWS (Sydney region) via our database provider. Each customer organisation's data is isolated at the database row level and protected by row-level security.

5. Sharing

We share information only with service providers necessary to run the platform (database hosting, payments, email, AI processing) and where required by law. We do not sell your or your respondents' data.

6. Retention

Form submissions are retained for as long as your account is active or as specified by the retention setting you configure on each form. You may delete submissions at any time from your dashboard. We delete inactive free-tier accounts after 24 months of inactivity.

7. Your rights

Under Australian privacy law, you may request access to, correction of, or deletion of your personal information. Email us at the address below to make a request. We will respond within a reasonable timeframe (typically 30 days).

8. Security

We use TLS in transit, encryption at rest, and isolated multi-tenant architecture. No system is perfectly secure — if a notifiable data breach occurs we will follow the OAIC scheme and notify affected users.

9. Children

The service is not intended for children under 16. We do not knowingly collect data from children.

10. Changes

We may update this policy from time to time. Material changes will be communicated by email to account holders.

11. Contact

Privacy enquiries: privacy@deepinsight.app. Complaints unresolved through us may be referred to the Office of the Australian Information Commissioner (oaic.gov.au).