Privacy

Privacy.

Last updated 5 June 2026 · v1 draft

This policy explains what data Hypothesisly collects, why, and what choices you have. We collect as little as we need to run audits and reply to you — nothing for advertising.

What we collect

Account data — your name, work email, company, and website, provided when you request access or sign up.
Audit data — the URLs you submit, page snapshots and screenshots we capture, and GA4 funnel figures when you connect an account.
Usage data — basic, privacy-respecting analytics about how the app is used, to fix bugs and prioritise work.

How we use it

Account data is used to run your audits, support you, and reply to early-access requests. Audit data is processed to generate hypotheses. We do not sell your data, and we do not add you to a marketing list without you asking.

Processors

We rely on a small set of subprocessors to operate: Supabase (EU-region database and storage), Clerk (authentication), and Anthropic (hypothesis generation, under a contractual zero-retention arrangement). See the security page for specifics.

Retention & deletion

You can export your data at any time. On account deletion, your audits and hypotheses remain exportable for a 30-day window, then are permanently removed.

Your rights

Depending on where you live, you may have rights to access, correct, export, or delete your data. Email hello@hypothesisly.com and we’ll honour valid requests.

This is a plain-English v1 draft, not finished legal advice. Have it reviewed by counsel and tailored to your jurisdiction before launch. Questions: hello@hypothesisly.com.