Understory
LoginGet Started Free

Privacy Policy

Last Updated: October 2, 2025

1. Introduction

Understory Analytics ("we," "us," or "our") operates Understory. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We are committed to protecting your privacy and ensuring transparency about our data practices.

By using Understory, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, full name, and password when you create an account
  • Payment Information: Payment details processed securely through Stripe (we do not store credit card information)
  • Communications: Information you provide when contacting our support team

2.2 Automatically Collected Information

  • Search History: Queries you perform on our platform, stored indefinitely for product improvement and analytics
  • Usage Data: Pages visited, features used, time spent on the Service
  • Analytics Data: Collected via Vercel Analytics including page views and user behavior patterns
  • Device Information: IP address, browser type, operating system, and device identifiers

2.3 Cookies and Tracking Technologies

We currently do not use cookies for tracking purposes. However, we may use cookies in the future for analytics, user preferences, and partnership tracking with GPOs. If implemented, we will update this policy and provide appropriate notice.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our contract search platform
  • Account Management: To manage your account, subscription, and access to features
  • Product Improvement: To analyze search patterns and user behavior to enhance our Service
  • Customer Support: To respond to your inquiries and provide technical assistance
  • Marketing Communications: To send you updates about new contracts, features, and Service improvements (you may opt out at any time)
  • Analytics: To understand how users interact with our Service and identify areas for improvement
  • Legal Compliance: To comply with legal obligations and enforce our Terms of Service

4. How We Share Your Information

We may share your information with third parties in the following circumstances:

4.1 Service Providers

  • Stripe: Payment processing for Pro subscriptions
  • Supabase: Database and authentication services
  • Vercel: Hosting and analytics services
  • Mailchimp (Future): Email newsletter management (when implemented)

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

We do not sell your personal information to third parties.

5. Data Retention

We retain your information for different periods depending on the type of data:

  • Account Information: Retained while your account is active
  • Search History: Stored indefinitely for product improvement and analytics purposes
  • Payment Records: Retained as required by financial regulations (typically 7 years)
  • Account Deletion: When you delete your account, most personal data is removed within 30 days, except where retention is required for legal or financial compliance purposes

6. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Marketing Opt-Out: Unsubscribe from marketing emails while maintaining your account
  • Objection: Object to certain processing of your personal information

To exercise any of these rights, please contact us at info@understoryanalytics.com.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Secure authentication and access controls
  • Regular security assessments and updates
  • Payment processing through PCI-compliant providers (Stripe)

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. International Data Transfers

Our Service is primarily intended for users in the United States and Canada. If you access our Service from outside these regions, your information may be transferred to and processed in the United States. By using our Service, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

9. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at info@understoryanalytics.com, and we will take steps to delete such information.

10. Third-Party Links

Our Service may contain links to third-party websites, including supplier websites and GPO platforms. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or through a prominent notice on our Service. The "Last Updated" date at the top of this policy indicates when it was last revised.

Your continued use of the Service after changes to this policy constitutes acceptance of the updated terms.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: info@understoryanalytics.com

Company: Understory Analytics

We will respond to your inquiry within a reasonable timeframe.