Privacy Policy

This Privacy Policy describes what information Downstream Lens (“the Service”) collects, how it is used, who it is shared with, and the choices you have regarding it. We aim to collect the minimum information needed to operate the Service.

Account information. When you create an account, our authentication provider (Clerk) collects your email address and any sign-in identifiers you choose (such as a Google account). We receive your user identifier and email from Clerk after you sign in.

Payment information. When you make a purchase, payment details (card number, billing address, etc.) are collected and processed directly by Stripe. We do not see or store your full payment details. We receive only minimal metadata about completed purchases (amount, timestamp, your internal user identifier) to credit your account.

Hypotheses and graphs. The text of any macro hypothesis you submit and the resulting generated graph (including company names, predictions, and metadata) are processed by the Service. If you are signed in, the resulting graph is saved to your account so you can revisit it later.

Usage data. We log aggregated request metadata (endpoint, latency, model used, token counts) for operational and cost-tracking purposes. This data is not tied to your identity in any user-facing analytics.

Cookies. See section 5 below.

Information we do not collect. We do not collect government-issued identifiers, biometric data, location data beyond what is implicit in standard server access logs, or sensitive personal information (e.g., health, race, political affiliation).

We use the information we collect to:

• Provide, operate, and maintain the Service (including authentication, payment processing, and AI graph generation).
• Charge for paid features and prevent fraud and abuse of the free tier.
• Display your saved analyses to you when you are signed in.
• Aggregate operational metrics (volume, cost, latency) to monitor and improve the Service.
• Communicate with you about your account, transactions, and service changes.
• Comply with legal obligations and respond to lawful requests.

We do not sell your personal information. We do not share your information with third parties for advertising or marketing purposes.

The Service relies on the following third-party processors. Each maintains its own privacy practices.

• Clerk — authentication and session management.
• Stripe — payment processing.
• Anthropic — large language model inference (your hypothesis text is sent to Anthropic to generate the graph and to run on-demand agents).
• Vercel — hosting, edge networking, and aggregate web analytics.
• Amazon Web Services — storage of accounts, credits, saved analyses, and quota records (DynamoDB).
• Stooq and Yahoo Finance — third-party stock-quote feeds queried server-side when you view a generated graph. Tickers are sent to these services; no user identifier is sent.

We use a small number of cookies, all set as HttpOnly and Secure where the value is sensitive.

• dl_did — a randomly generated device identifier used to enforce the anonymous free-tier daily limit. One year expiry.
• dl_pt — pay-as-you-go token used to associate an anonymous purchase with your device for the lifetime of the credits. Thirty day expiry.
• Clerk session cookies — set by our authentication provider when you are signed in. Required for the signed-in experience.
• Vercel Analytics — aggregate, anonymized page-view and Web Vitals data. Does not identify individual users.

We retain personal data only as long as needed to operate the Service and meet legal obligations.

• Saved analyses are retained for one (1) year and then automatically deleted.
• Quota and pay-token records are retained based on internal TTLs (anonymous daily quota: forty-eight hours; pay tokens: seven days from issuance; webhook event dedupe: thirty days).
• Account records are retained for as long as your account is active. If you delete your account, we will delete or anonymize associated personal data within thirty days, except where retention is required by law (for example, payment records for tax purposes).
• Aggregate usage and operational metrics are retained for up to ninety (90) days.

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your personal data (subject to legal retention obligations).
• Object to or restrict certain processing.
• Receive a portable copy of your data in a machine-readable format.
• Withdraw consent at any time, where consent is the basis.

To exercise any of these rights, contact support@downstreamlens.com. We will respond within thirty days.

We use industry-standard practices to protect your data, including encryption in transit (HTTPS/TLS), encrypted storage at rest for databases and secrets, signed webhook payloads, and least-privilege access controls. No system is perfectly secure; we cannot guarantee absolute security but we work to reduce risk.

The Service is not directed to children under sixteen (16). We do not knowingly collect personal information from children under sixteen. If you believe a child has provided us with personal information, contact us at the address above and we will delete it.

The Service is operated from the United States. By using the Service from outside the United States, you consent to the transfer, processing, and storage of your information in the United States and other jurisdictions where our service providers operate, which may have data-protection laws different from those in your country.

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent revision. Material changes will be communicated through the Service. Continued use after a change constitutes acceptance of the updated Policy.

For privacy questions, requests, or complaints, contact support@downstreamlens.com.