Data Protection
Last reviewed: April 2026
Encryption
Customer data is encrypted in transit using TLS 1.2 or higher, and at rest using AES-256. Encryption is enabled by default at the database, storage, and authentication layers via Supabase. Encryption keys are managed by Supabase. Customer-managed encryption keys (BYOK / CMEK) are not currently offered.
Data residency
Customer data is stored in the United States, specifically the US-East (Ohio) region. Database content, authentication metadata, and application files are hosted by Supabase and Railway, both running in Ohio. The User Intuition marketing website is hosted by Vercel in the United States. We do not transfer customer data outside the United States.
Retention and deletion
Customer account data is retained for the duration of the relationship and deleted within thirty (30) days of account closure, unless law requires longer retention (for example, in the case of a litigation hold or regulatory subpoena). Customers may request deletion of their data at any time by emailing privacy@userintuition.ai.
Participant transcripts are tied to the customer account lifecycle and follow the same 30-day deletion window. Recordings processed by our voice provider are not retained provider-side, because the integration operates in HIPAA-enabled mode for all User Intuition assistants.
Backups
Continuous point-in-time recovery is provided via Supabase. We perform an annual full-restore drill on production backups to verify restorability, in addition to on-demand restores following any production incident.
Data minimization
User Intuition does not intentionally collect personally identifiable information from research participants. Pre-session notices warn participants against sharing PII; if PII is shared incidentally during a session, it is treated with the same retention and deletion controls as transcript content. We do not collect government-issued identification numbers, financial account numbers, or payment card data — payment processing is handled by Stripe and never touches User Intuition systems.