Privacy Notice
This Privacy Notice explains what data 95confident collects, why, who we share it with, and what rights you have. We have tried to write it in plain English. The legal terms (controller, processor, etc.) are there for compliance purposes — the substance is what matters.
Who is responsible for your data
Market Your Products, Inc. is the data controller for personal data collected through 95confident. We decide what data is collected and how it is used.
- Address: 1010 Adelaine Ave, South Pasadena, CA 91030, United States
- Contact: privacy@95confident.com (or support@95confident.com)
Stripe, Inc. ("Stripe") is our payment processor. Stripe processes card payments on our behalf and acts as a separate data controller for the payment, billing, and fraud-prevention data needed to run a card transaction. Stripe has its own Privacy Policy.
For users in the European Economic Area, United Kingdom, or Switzerland, you can reach us at the email above. We will appoint an EU/UK representative if and when our user base requires one under GDPR Article 27 / UK GDPR.
What data we collect
1. Account data
When you create an account: your name, email address, password (hashed, we never see the plain text), and account preferences.
2. Subscription and payment data
When you subscribe, Stripe collects your payment details directly through its hosted checkout. We never see your full card number, expiration, or CVV. We receive from Stripe: a transaction ID, the last four digits of your card, your billing country, and subscription status (active / cancelled / past due).
3. Inputs you provide to 95confident
This is the data you type into the question modules — your answers, your business context, anything you put into the prompts. This is the substance of what 95confident does.
4. Reports we generate for you
The AI-generated outputs are stored in your account so you can return to them. You can delete them any time.
5. Usage and technical data
Log data (IP address, browser type, device type, timestamps, pages visited, actions taken inside the app), error reports, and basic analytics events (account created, report generated, subscription cancelled — not the content of reports).
6. Communications
If you email us or use a contact form, we keep that correspondence so we can help you.
Why we collect each category
| Data | Purpose | Legal basis (GDPR/UK GDPR) |
|---|---|---|
| Account data | Create and manage your account, authenticate you, send service emails | Performance of contract |
| Payment data (via Stripe) | Process your subscription, prevent fraud | Performance of contract; legal obligation |
| Your inputs | Generate the reports you asked for | Performance of contract |
| Generated reports | Store your output so you can access it | Performance of contract |
| Usage and technical data | Operate the service, fix bugs, prevent abuse, understand how the product is used | Legitimate interest in running and improving the service |
| Anonymized aggregate data | Improve prompts, evaluate model performance, and analyse session completion patterns and ratings | Legitimate interest; you can opt out (see below) |
| Communications | Respond to you, keep a support history | Legitimate interest |
| Marketing emails | Send you product updates and tips | Consent (opt-in only); you can unsubscribe any time |
If you are not in a jurisdiction with these legal bases, we still only use your data for the purposes listed above.
Who we share data with
We share data only with these categories of recipients, and only as needed:
Stripe (payment processor)
Stripe receives the data needed to process your card payment: name, email, billing address, country, payment method (which they collect directly from you in their hosted checkout), and transaction details. Stripe is a separate controller for that data and uses it for payment processing, fraud prevention, and their own legal obligations. See Stripe's Privacy Policy for full details.
AI model providers
To generate reports, 95confident sends your inputs to large language model providers:
- OpenAI — for some report types
- Anthropic — for some report types
Your inputs are sent through their APIs. Both providers contractually commit (in their API terms) not to use API inputs to train their public foundation models. Your account email is not sent with the inputs — only the question content and any context you provided.
Cloud infrastructure and operations
- SiteGround — WordPress hosting; runs the website and stores associated data.
- Supabase — database; stores account, subscription, and report data.
- Mailchimp — sends transactional emails (account, billing, support) and marketing emails (only if you opted in).
- Google Analytics — measures website traffic and product usage. Google Analytics uses cookies and may build profiles across the broader Google network. We use it in a configuration that anonymizes IP addresses where supported, and you can opt out via our cookie banner or by installing Google's opt-out browser add-on.
These providers act as data processors on our behalf (or, in Google's case, as an independent controller for some purposes per their terms). They process data only on our instructions and, where applicable, under written contracts that meet GDPR Article 28 / UK GDPR requirements.
Legal and safety
We may disclose data if required by law (subpoena, court order, regulatory request) or to protect against fraud, security threats, or harm to ourselves or others. We will push back on overbroad requests and will tell you about a request when legally allowed.
In a business transfer
If Market Your Products, Inc. is sold, merged, or restructured, your data may transfer to the new owner under the same protections as this Notice.
What we will never do with your data
We will not sell, rent, trade, or otherwise share your personal data — including your name, email address, contact information, account details, inputs, or generated reports — with any third party for that party's marketing, advertising, or commercial purposes.
This applies whether the third party would pay us or not. We do not run ads on 95confident, we do not participate in ad networks or data brokers, and we do not allow our processors (the vendors listed above) to use your data for their own marketing.
The only exceptions are the limited disclosures already described in this Notice: vendors who help us run the service under contract, payment processing through Stripe, AI providers who generate the reports you asked for, legal/safety disclosures required by law, and a successor company in the event of a sale or merger (under the same privacy protections).
Cookies and tracking
We use a small number of cookies and similar technologies:
- Essential cookies — required to keep you logged in and to process your purchase. Cannot be disabled.
- Functional cookies — remember your preferences (theme, last module used).
- Analytics cookies — set by Google Analytics to measure traffic and product usage. You can decline these via our cookie banner on first visit, change your preference any time from the site footer, or use Google's opt-out browser add-on.
We do not use third-party advertising cookies, retargeting pixels, or social-media tracking pixels. Stripe's hosted checkout may set its own cookies during the payment flow; those are governed by Stripe's privacy policy.
International data transfers
We are based in the United States. If you are outside the US, your data will be transferred to and processed in the US and other countries where our providers operate.
For transfers from the EEA, UK, or Switzerland, we rely on:
- Standard Contractual Clauses (SCCs) with our processors, where applicable.
- UK Addendum to the SCCs for UK transfers.
- Provider-specific transfer mechanisms where they offer them (e.g., DPF certification).
You can request a copy of our transfer safeguards by emailing privacy@95confident.com.
How long we keep data
- Account data: for the life of your account, plus 90 days after closure (so you can change your mind).
- Inputs and generated reports: for the life of your account, unless you delete them sooner. You can delete reports any time from inside the app.
- Payment and tax records: 7 years (we are required to retain this for tax and audit purposes).
- Anonymized aggregate data: indefinitely (it is no longer personal data once anonymized).
- Marketing email lists: until you unsubscribe, then 30 days for suppression list maintenance.
- Support correspondence: up to 3 years.
We delete data sooner on request, except where law requires us to keep it (e.g., tax records).
Your rights
Depending on where you live, you have some or all of the following rights:
- Access — get a copy of the personal data we hold about you.
- Correction — fix inaccurate data.
- Deletion — delete your account and associated personal data ("right to be forgotten").
- Portability — get your data in a machine-readable format.
- Restriction — limit how we process your data while a question is being resolved.
- Objection — object to processing based on legitimate interest.
- Withdraw consent — for processing based on consent (e.g., marketing emails), at any time.
- Opt out of "sale" or "sharing" — under California's CCPA/CPRA. We do not sell or share personal data for cross-context behavioral advertising, but you have the right to confirm this and the right to limit use of sensitive personal information.
- Non-discrimination — we will not retaliate or charge you more for exercising these rights.
To exercise any right, email privacy@95confident.com. We will respond within 30 days (sometimes extended to 90 days for complex requests, with notice).
If you are unhappy with how we handle your request, you can complain to your local data protection authority. EU users can find theirs at edpb.europa.eu. UK users can complain to the ICO.
Opting out of training-data improvement use
We may use anonymized session metadata — including module used, number of questions answered, session completion status, and optional ratings you submit — to evaluate and improve our prompts and product. We do not collect or store your answer content for this purpose.
If you do not want your data used even in anonymized form for our internal improvement work, email privacy@95confident.com with the subject "Opt out of improvement use." We will exclude your account.
Children
95confident is not for anyone under 18. We do not knowingly collect data from children. If you believe a child has signed up, email privacy@95confident.com and we will delete the account.
Security
We use standard security measures — encryption in transit (HTTPS/TLS), encryption at rest for databases, hashed passwords, access controls, and regular review. No system is perfectly secure, but we take it seriously. If we ever experience a data breach affecting your personal data, we will notify you and the relevant regulators within the timeframes required by law (72 hours for GDPR-covered breaches).
Changes to this notice
We may update this Privacy Notice. Material changes will be emailed to you at least 14 days before they take effect. The "Last updated" date at the top will reflect the latest version.
Contact
Market Your Products, Inc.Attn: Privacy
1010 Adelaine Ave
South Pasadena, CA 91030
United States
Email: privacy@95confident.com
For payment-related privacy questions you can also contact our payment processor, Stripe, via their Privacy Policy.