Privacy Policy

1. Overview & scope

This policy applies to all inscinstech.ai web properties (inscinstech.ai, inscinstech.cn), the console at console.inscinstech.ai, and all four product agents (InBeacon · InPrism · InAnvil · InForge).

Where this policy conflicts with a signed Master Service Agreement (MSA) or Data Processing Addendum (DPA), the negotiated agreement controls.

2. Data we collect

Account data — name, work email, company, role, billing contact.

Usage data — Agent queries, sessions, generated outputs, audit log entries.

Uploaded data — PDFs, sequences, process records, and any other artifacts the customer chooses to upload.

Telemetry — IP address, user-agent, page-load metrics, error reports (Sentry).

3. How we use data

To provide the service, route inference to the appropriate region, and bill correctly.

To investigate security incidents and respond to abuse reports.

For aggregate analytics on platform usage — anonymized, never tied back to individuals.

We do not use customer-uploaded data to train shared models. Period.

4. Sharing & sub-processors

Sub-processors are listed at /security#subprocessors and include AWS, Alibaba Cloud, Anthropic, DeepSeek, Cloudflare, Stripe, and Sentry. Every sub-processor has a DPA in place.

LLM inference calls are sent under zero-retention contracts. Vendor LLMs do not retain or train on customer prompts.

5. Retention & deletion

Account and billing data: 7 years after account termination (tax / GxP requirements).

Agent outputs and audit logs: 7 years for Enterprise (GxP-ready), 90 days for Free / Pro, 1 year for Team.

Customer-uploaded data: deleted within 30 days of account termination unless retention is required for legal compliance.

6. Your rights (PIPL · GDPR · CCPA)

Access — request a copy of your personal data.

Correction — request correction of inaccurate data.

Deletion — request deletion (subject to retention obligations above).

Portability — export your data in machine-readable format.

Object — object to certain processing.

To exercise any of these rights, contact legal@inscinstech.ai. We respond within 30 days.

7. International transfers

CN data stays in China (Alibaba Cloud Shanghai). EU data stays in the EU (AWS Frankfurt). APAC data stays in APAC (AWS Tokyo). US data is processed in AWS US-East / US-West.

Cross-region replication is opt-in per workspace and uses Standard Contractual Clauses (SCCs) for EU → non-EU transfers and CN PIPL transfer mechanisms for CN → outside CN.

8. Security

Encryption at rest (AES-256) and in transit (TLS 1.3). Per-tenant KMS keys are available on Enterprise.

For the full security architecture see /security.

9. Contact

For privacy questions or to exercise rights, email legal@inscinstech.ai. We acknowledge within 1 business day.