Skip to content
IndexMeAI
Legal · v0.1

Privacy.

What we collect, why we collect it, who we share it with, and how to remove it. Plain English where the law allows.

01

Who we are

IndexMeAI is operated by Prateek Konduru. The product is hosted at indexmeai.com. Questions, deletion requests, or anything else: indexmeai.app@gmail.com.

02

What we collect

  • Scan inputs

    The name, optional role, and optional field you enter into the scan form. We send these to AI providers as part of the calibration prompts.

  • Email address

    If you join the cohort waitlist or subscribe to a paid tier. We use it to email you about the product and (if you paid) to bill you.

  • Payment information

    Card data is collected and stored by our payment processor, a PCI-compliant third party. We never see or store full card numbers.

  • Usage analytics

    Anonymous events (page views, scan starts/completions, share clicks) and basic device info (browser, country) via our privacy-friendly analytics tooling. No personal IDs unless you join the waitlist.

  • Server logs

    Standard request logs (IP, timestamp, path) retained briefly for security and debugging.

03

What we don't collect

  • Browsing outside indexmeai.com

    No cross-site tracking. We don't buy or use third-party data.

  • Sensitive categories

    No race, religion, sexual orientation, biometric, or health data.

  • Children

    We don't knowingly serve users under 18. Don't use IndexMeAI if you're under 18.

04

Who we share with

The minimum set of processors required to run the product, grouped by category. None of them are advertising networks. We'll name the specific providers on request.

AI model providersRunning the readingsYour scan inputs (name, role, field)
Cloud hostingServing the site and logsRequest logs, anonymous page views
Cache + storageTemporary cache + permalink storageScan results keyed by a hash; no identifiable user data
PaymentsProcessing subscriptionsCard data, billing address, email
EmailTransactional + waitlist emailYour email address
AnalyticsProduct analyticsAnonymous events; email if you joined the waitlist
05

Your rights

  • Access / export

    Email us and we'll send everything we have on you within 30 days.

  • Deletion

    Email us with "delete my data" and we delete it within 30 days. Billed payment records are kept where required by law (typically 7 years for accounting).

  • Correction

    Email us and we'll fix anything wrong.

  • Opt out of analytics

    Use browser DNT, an ad-blocker, or email us and we'll exclude your email from analytics.

If you're in the EU/UK, you can also file with your local data-protection authority. We'd rather you talk to us first, we read every email.

06

Cookies

Our analytics provider sets a single first-party cookie to deduplicate visits. That's the only non-essential cookie we set. There are no third-party ad cookies and no cross-site tracking pixels.

07

Retention

  • Free scans

    Cache deleted after 24h. Public permalinks last up to a year (we'll remove one sooner on request).

  • Cohort waitlist email

    Until you ask us to delete or the product shuts down.

  • Paid subscriber records

    Required minimum for tax/accounting (typically 7 years).

  • Analytics events

    Our analytics provider's default retention (currently 7 years; we may shorten).

08

Security

All traffic is HTTPS. Secrets are stored in our host's encrypted environment, not in the codebase. We follow standard least-privilege access internally. We'll tell you in plain English if there's a breach affecting your data within 72 hours of discovery.

09

Changes

If we change this policy materially, we'll email everyone on the cohort waitlist and update the date at the top. Continued use after a material change means you accept it; you can always delete and walk away.