Inpromptify
Developers
Book a Demo
[ Privacy Policy ]

Privacy Policy

Effective date: April 20, 2026

1. Introduction

Inpromptify ("we", "us", or "our") operates the Inpromptify platform, an AI literacy assessment and benchmarking service. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website and use our services.

We are committed to protecting your privacy and complying with applicable data protection laws, including the European Union General Data Protection Regulation (GDPR) and the Australian Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs).

By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of our services immediately.

2. Information We Collect

2.1 Personal Information

When you create an account or use our services, we may collect the following personal information through our platform:

  • Email address
  • Full name
  • Profile picture (if provided via social login)
  • Authentication identifiers

2.2 Assessment Data

When you complete assessments on our platform, we collect:

  • Your responses to assessment questions
  • Assessment scores and results (including your PromptScore)
  • Behavioral signals, including time spent per question, interaction patterns, navigation behavior within assessments, and response revision history
  • Assessment completion status and timestamps

2.3 Technical Data

We automatically collect certain technical information when you access our services:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Referring URL and pages visited
  • Session duration and interaction data
  • Screen resolution and viewport size

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve our assessment platform and services
  • To create and manage your account and authenticate your identity
  • To calculate your PromptScore and generate assessment results
  • To provide benchmarking data, leaderboard rankings, and comparative analytics
  • To process payments and manage subscriptions
  • To analyze usage patterns and behavioral signals to improve assessment accuracy and platform performance
  • To send transactional communications related to your account or assessments
  • To detect, prevent, and address fraud, abuse, or technical issues
  • To comply with legal obligations and enforce our terms of service

4. Cookies and Tracking

We use cookies and similar tracking technologies to operate and improve our platform.

4.1 Essential Cookies

These cookies are strictly necessary for the operation of our platform. They include session cookies for authentication and cookies required to maintain your preferences and security tokens. These cannot be disabled without impairing core functionality.

4.2 Analytics Cookies (PostHog)

We use PostHog, a product analytics platform, to understand how users interact with our services. PostHog collects information such as pages visited, features used, session replays, and user flows. This data helps us improve the user experience and identify technical issues. PostHog may set cookies to distinguish unique users and sessions.

You can opt out of analytics tracking by adjusting your browser settings to block third-party cookies or by using a browser extension that blocks tracking scripts.

5. Third-Party Services

We rely on trusted third-party service providers to operate our platform. Each provider has access only to the information necessary to perform their specific function:

Stripe — Payments

Handles all payment processing and subscription management. We do not store your credit card details directly. Stripe processes your payment information, billing address, and transaction data in accordance with PCI DSS standards.

Neon — Database

Provides our serverless PostgreSQL database infrastructure. All user data, assessment responses, and scores are stored in Neon-hosted databases. Data is encrypted at rest and in transit.

PostHog — Analytics

Collects anonymized usage analytics, feature interaction data, and session recordings to help us improve the platform experience. PostHog processes technical data and user interaction patterns.

Sentry — Error Tracking

Monitors application errors and performance issues. Sentry may receive technical data such as stack traces, browser information, and limited contextual data when errors occur, to help us diagnose and fix issues quickly.

6. Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information only in the following circumstances:

  • Service providers: With the third-party services listed above, strictly for the purposes described.
  • Organizational accounts: If you take an assessment through an employer or organization, your assessment results and scores may be shared with the hiring manager or administrator who invited you, in accordance with the visibility settings configured for that assessment.
  • Public leaderboards: If you opt in or your assessment is configured as public, your name and PromptScore may appear on public leaderboards.
  • Legal requirements: When required by law, regulation, legal process, or governmental request.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction.
  • Aggregated data: We may share anonymized, aggregated data that cannot identify you individually for research, benchmarking, or industry reporting purposes.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our services. Specifically:

  • Account data: Retained for the lifetime of your account. Upon account deletion, personal information is removed within 30 days.
  • Assessment data: Assessment responses, scores, and behavioral signals are retained for as long as your account exists. Upon deletion request, this data is permanently erased within 30 days.
  • Analytics data:PostHog analytics data is retained in accordance with PostHog's data retention policies and our configured retention periods.
  • Payment records: Transaction records may be retained for up to 7 years to comply with tax and accounting obligations.
  • Error logs: Sentry error logs are retained for up to 90 days.

When data is no longer required, it is securely deleted or anonymized so that it can no longer be associated with you.

8. Your Rights

8.1 Rights Under the GDPR (EEA Residents)

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete personal data.
  • Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to data portability: Request a machine-readable copy of your personal data to transfer to another service.
  • Right to restrict processing: Request that we limit the processing of your personal data in certain circumstances.
  • Right to object: Object to the processing of your personal data for direct marketing or where processing is based on legitimate interests.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw that consent at any time.

To exercise any of these rights, please contact us at privacy@inpromptify.com. We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.

8.2 Rights Under the Australian Privacy Act

If you are located in Australia, the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs) provide you with the following rights:

  • Access: You may request access to the personal information we hold about you (APP 12).
  • Correction: You may request that we correct any personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading (APP 13).
  • Complaint: If you believe we have breached the APPs, you may lodge a complaint with us or with the Office of the Australian Information Commissioner (OAIC).

8.3 Data Export

All users, regardless of location, may request an export of their personal data, including assessment responses, scores, and account information, in a structured, commonly used, and machine-readable format. To request a data export, email privacy@inpromptify.com.

9. International Data Transfers

Inpromptify is operated from Perth, Western Australia. Our third-party service providers may process and store data in various countries, including the United States and other jurisdictions outside Australia and the EEA.

Where personal data is transferred outside the EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or reliance on the recipient's certification under an approved framework.

For transfers of data from Australia, we take reasonable steps to ensure that overseas recipients handle personal information in accordance with the Australian Privacy Principles, as required under APP 8.

10. Security Measures

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it, including:

  • Encryption of data in transit using TLS/SSL
  • Encryption of data at rest in our database infrastructure
  • Secure authentication with encrypted passwords, httpOnly session cookies, and support for multi-factor authentication
  • Regular security reviews and dependency updates
  • Payment processing handled entirely by Stripe, a PCI DSS Level 1 certified provider, ensuring we never directly store credit card information
  • Application error monitoring via Sentry to quickly identify and resolve vulnerabilities
  • Access to production systems restricted to authorized personnel only

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to continually improving our security practices.

11. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected personal information from a child under 16, we will take steps to delete that information as soon as possible.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at privacy@inpromptify.com so that we can take appropriate action.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by updating the effective date at the top of this page and, where appropriate, providing additional notice via email or an in-app notification.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Miles Cass

Inpromptify

Perth, Western Australia

Email: privacy@inpromptify.com

We aim to respond to all privacy-related inquiries within 30 days of receipt.

Inpromptify

AI-powered proficiency assessment platform for modern teams.

Product

  • Features
  • Pricing
  • Blog
  • Suggest a Question

Company

  • About
  • Contact

Account

  • Sign In
  • Sign Up

Legal

  • Terms & Conditions
  • Privacy Policy

© 2026 Inpromptify. All rights reserved.