Who we are
IndexMeAI is operated by Prateek Konduru. The product is hosted at indexmeai.com. Questions, deletion requests, or anything else: indexmeai.app@gmail.com.
What we collect
- Scan inputs
The name, optional role, and optional field you enter into the scan form. We send these to AI providers as part of the calibration prompts.
- Email address
If you join the cohort waitlist or subscribe to a paid tier. We use it to email you about the product and (if you paid) to bill you.
- Payment information
Card data is collected and stored by our payment processor, a PCI-compliant third party. We never see or store full card numbers.
- Usage analytics
Anonymous events (page views, scan starts/completions, share clicks) and basic device info (browser, country) via our privacy-friendly analytics tooling. No personal IDs unless you join the waitlist.
- Server logs
Standard request logs (IP, timestamp, path) retained briefly for security and debugging.
What we don't collect
- Browsing outside indexmeai.com
No cross-site tracking. We don't buy or use third-party data.
- Sensitive categories
No race, religion, sexual orientation, biometric, or health data.
- Children
We don't knowingly serve users under 18. Don't use IndexMeAI if you're under 18.
Who we share with
The minimum set of processors required to run the product, grouped by category. None of them are advertising networks. We'll name the specific providers on request.
Your rights
- Access / export
Email us and we'll send everything we have on you within 30 days.
- Deletion
Email us with "delete my data" and we delete it within 30 days. Billed payment records are kept where required by law (typically 7 years for accounting).
- Correction
Email us and we'll fix anything wrong.
- Opt out of analytics
Use browser DNT, an ad-blocker, or email us and we'll exclude your email from analytics.
If you're in the EU/UK, you can also file with your local data-protection authority. We'd rather you talk to us first, we read every email.
Cookies
Our analytics provider sets a single first-party cookie to deduplicate visits. That's the only non-essential cookie we set. There are no third-party ad cookies and no cross-site tracking pixels.
Retention
- Free scans
Cache deleted after 24h. Public permalinks last up to a year (we'll remove one sooner on request).
- Cohort waitlist email
Until you ask us to delete or the product shuts down.
- Paid subscriber records
Required minimum for tax/accounting (typically 7 years).
- Analytics events
Our analytics provider's default retention (currently 7 years; we may shorten).
Security
All traffic is HTTPS. Secrets are stored in our host's encrypted environment, not in the codebase. We follow standard least-privilege access internally. We'll tell you in plain English if there's a breach affecting your data within 72 hours of discovery.
Changes
If we change this policy materially, we'll email everyone on the cohort waitlist and update the date at the top. Continued use after a material change means you accept it; you can always delete and walk away.