Privacy Policy
Privacy Policy
Last Updated: jan/06/2026
Effective Date: jan/06/2026
Introduction
Welcome to InnerVue ("we," "our," or "us"). We are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal information. This Privacy Policy explains our practices regarding data collection, processing, and your rights when using our 360-degree feedback platform.
By using InnerVue, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.
1. Information We Collect
1.1 Information You Provide Directly
When you register for and use InnerVue, we collect the following information:
Account Information:
Email address (required)
Full name (required)
Password (encrypted and stored securely)
Phone number (optional)
Age (optional, minimum 16 years)
Gender (optional)
Profile photo (optional)
Assessment Data:
Self-assessment responses (81 questions across 14 Growth Mindset competencies)
Reflection responses (4 narrative text responses)
Assessment completion status and timestamps
Feedback Data:
Names and contact information of people you invite to provide feedback ("Vuers")
Relationship types with Vuers
Vuer assessment responses (collected anonymously)
Narrative feedback provided by Vuers
Communication preferences (SMS/Email consent)
Payment Information:
Payment method details (processed securely through Stripe)
Billing information
Subscription tier and status
Transaction history
Communication Preferences:
Email notification preferences
SMS notification preferences
1.2 Information Collected Automatically
Usage Data:
Page views and navigation patterns
Feature usage statistics
Session duration and frequency
Device information (browser type, operating system)
IP address and general location data
Timestamps of activities
Analytics Data:
User interactions with the platform
Assessment progress and completion rates
Report generation and viewing patterns
Error logs and performance metrics
Cookies and Tracking Technologies:
Authentication cookies (required for service functionality)
Analytics cookies (via PostHog)
Session management cookies
1.3 Information from Third Parties
We may receive information from third-party services you connect to:
Authentication data from Supabase Auth
Payment processing data from Stripe
Email delivery status from SendGrid
SMS delivery status from Twilio
2. How We Use Your Information
2.1 Service Provision
We use your information to:
Create and manage your account
Process and store your assessments and feedback
Generate personalized reports and insights
Enable anonymous feedback collection from Vuers
Process payments and manage subscriptions
Send service-related communications (invites, reminders, updates)
Provide customer support
2.2 AI Processing
We use OpenAI's services to:
Enhance and rephrase narrative feedback to maintain constructive, growth-oriented tone
Generate insights, themes, and summaries from feedback data
Create personalized growth plans
Analyze sentiment and extract key themes
Important: When we process your feedback through AI services:
Feedback is sent to OpenAI for processing
OpenAI's privacy policy applies to data processed by their services
We do not use your data to train OpenAI's general models
Processed data is returned to our systems and stored securely
2.3 Communication
We use your contact information to:
Send assessment invitations to Vuers (via SMS or email)
Send reminder notifications to Vuers who haven't completed assessments
Notify you about report availability and platform updates
Respond to your inquiries and provide support
Send feedback request emails (with your consent)
2.4 Analytics and Improvement
We use aggregated and anonymized data to:
Understand how users interact with the platform
Improve our services and user experience
Identify and fix technical issues
Develop new features and functionality
Conduct research and analysis (on anonymized data only)
2.5 Legal Compliance
We may use your information to:
Comply with applicable laws and regulations
Respond to legal requests and court orders
Protect our rights and prevent fraud
Enforce our Terms of Use
3. How We Share Your Information
3.1 Service Providers
We share information with trusted third-party service providers who assist in operating our platform:
Supabase:
Database hosting and management
Authentication services
Data storage and backup
Stripe:
Payment processing
Subscription management
Customer billing information
SendGrid:
Email delivery services
Email template management
Twilio:
SMS delivery services
Phone number verification
OpenAI:
AI-powered feedback processing and enhancement
Insight generation and analysis
PostHog:
Analytics and user behavior tracking
Product usage insights
These service providers are contractually obligated to:
Use your information only for specified purposes
Maintain appropriate security measures
Comply with applicable privacy laws
Not sell or share your information for their own purposes
3.2 Anonymous Feedback System
Important: When you invite Vuers to provide feedback:
Vuers' responses are collected anonymously
Vuer names and relationship types are visible only to you (the Seeker)
Individual Vuer responses cannot be identified by other Vuers
Aggregated feedback is included in your reports
3.3 Legal Requirements
We may disclose your information if required by law or in response to:
Valid legal process (subpoenas, court orders)
Government requests
Law enforcement investigations
Protection of rights, property, or safety
3.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.
3.5 With Your Consent
We may share your information in other ways with your explicit consent.
4. Data Security
We implement industry-standard security measures to protect your information:
Technical Safeguards:
Encryption in transit (HTTPS/TLS)
Encryption at rest for sensitive data
Secure authentication and authorization
Row-level security (RLS) in database
Regular security audits and updates
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
5. Data Retention
5.1 Active Accounts
We retain your information for as long as your account is active and for a reasonable period thereafter to:
Provide ongoing service
Comply with legal obligations
Resolve disputes
Enforce our agreements
5.2 Deleted Accounts
When you delete your account:
Your account is soft-deleted (marked with a deletion timestamp)
Your authentication credentials are removed
Your personal profile information is retained for legal and operational purposes
Assessment and feedback data may be retained in anonymized form
Payment records are retained as required by law
5.3 Vuer Data
Vuer invite information is retained while your account is active
Completed Vuer responses are retained as part of your assessment data
Incomplete Vuer responses may be deleted after invite expiration (7 days)
5.4 Legal Requirements
We may retain certain information longer if required by:
Applicable laws and regulations
Legal proceedings
Tax and accounting requirements
Fraud prevention
6. Your Rights and Choices
6.1 Access and Correction
You have the right to:
Access your personal information
Correct inaccurate or incomplete information
Update your profile and preferences
View your assessment and feedback data
You can exercise these rights through your account settings or by contacting us.
6.2 Data Portability
You can request a copy of your data in a machine-readable format, including:
Your profile information
Assessment responses
Generated reports
Feedback data
6.3 Deletion
You can request deletion of your account and associated data by:
Using the account deletion feature in settings
Contacting us directly
Note: Some information may be retained as required by law or for legitimate business purposes (e.g., payment records, anonymized analytics).
6.4 Communication Preferences
You can manage your communication preferences:
Email notifications: Update in account settings
SMS notifications: Update in account settings or reply STOP to SMS messages
6.5 Analytics Opt-Out
You can opt-out of analytics tracking, though this may limit certain features. Contact us for assistance with analytics opt-out.
6.6 California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
Right to know what personal information is collected
Right to delete personal information
Right to opt-out of sale of personal information (we do not sell personal information)
Right to non-discrimination for exercising privacy rights
6.7 European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), you have additional rights:
Right to access your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing
Right to withdraw consent
To exercise these rights, contact us at hello@yourinnervue.com.
7. Children's Privacy
InnerVue is not intended for users under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we learn we have collected information from a child under 16, we will delete that information promptly.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using InnerVue, you consent to the transfer of your information to:
United States (primary hosting location)
Other countries where our service providers operate
We ensure appropriate safeguards are in place for international transfers, including:
Standard contractual clauses
Adequacy decisions where applicable
Other legally recognized transfer mechanisms
9. Third-Party Links and Services
Our platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect:
Changes in our practices
Legal or regulatory requirements
Service improvements
User feedback
We will notify you of material changes by:
Posting the updated policy on our website
Sending an email notification (for significant changes)
Displaying a notice in the application
The "Last Updated" date at the top indicates when this policy was last revised. Your continued use of InnerVue after changes become effective constitutes acceptance of the updated policy.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: hello@yourinnervue.com
We will respond to your inquiry within 30 days.
12. Additional Information
12.1 SMS Consent
By providing your phone number and opting in to SMS notifications, you consent to receive text messages from InnerVue. Message and data rates may apply. You can opt-out at any time by:
Updating your preferences in account settings
Replying STOP to any SMS message
Contacting us directly
12.2 Do Not Track Signals
We do not currently respond to "Do Not Track" signals from browsers. We continue to monitor developments in this area.
By using InnerVue, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.