Privacy Policy
Last updated: July 11, 2026
Forum Atlas, Inc., a Delaware corporation (“Forum Atlas,” “we,” “us”). This Privacy Policy explains what information we collect when you use the Forum Atlas platform, website, and APIs (the “Platform”), how we use it, and your choices. It is incorporated into our Terms & Conditions.
1. Scope
This policy covers personal information about users of the Platform (account holders, invitees, and visitors). It does not govern the public-source information the Platform ingests and analyzes, which is drawn from publicly available records and is addressed in Section 8.
2. Information we collect
Account information (email, name, organization), usage analytics (page views, query logs — PII-scrubbed), workspace data (saved searches, watchlists, brief preferences), billing information (managed by Stripe; we never store card details). For Enterprise customer-data-ingestion tier, your private corpus is stored in an isolated per-workspace database schema with a workspace-specific KMS key.
You provide:
- Account & identity — name, work email, organization, and authentication identifiers, handled through our auth provider (WorkOS).
- User inputs — queries, watchlists, saved configurations, feedback.
- Billing — if you purchase a paid plan, payment is processed by our payment processor (Stripe); we receive limited billing metadata, not full card numbers.
- Communications — messages you send us (e.g., support).
Collected automatically:
- Usage data — features used, briefs/queries run, timestamps, approximate volume.
- Device/log data — IP address, browser/user-agent, and similar log information.
- Cookies / similar technologies — for authentication, preferences, and (if enabled) product analytics.
3. How we use information
To provide and improve the Forum Atlas service, deliver briefs, generate forecasts, surface entity-graph updates, send transactional emails (account verification, brief delivery), authenticate and secure accounts, process payments, provide support, monitor performance/errors/abuse, comply with law, and meet our security + compliance commitments (SOC 2 Type II, planned). We do not sell your personal information.
4. Legal bases (where applicable)
Where required (e.g., EU/UK), we process personal data on the bases of contract performance, our legitimate interests in operating and securing the Platform, your consent (e.g., optional analytics), and legal compliance.
5. Sharing
We do not sell personal data. We share personal information only with service providers / subprocessors that operate the Platform on our behalf, under contract (current stack): WorkOS (authentication), Supabase (database/hosting), Modal (compute), Vercel (web hosting), Cloudflare (DNS/CDN/security), Anthropic and Voyage AI and Cohere (AI/model processing of queries and content), Stripe (payments), Resend (email delivery), and, if enabled, Sentry (error monitoring) and PostHog (product analytics). We may also share information where required by law, to enforce our Terms, to protect rights and safety, or in connection with a merger, acquisition, or asset sale, subject to this policy. Sub-processor list on request.
6. AI processing of your inputs
Your queries and inputs may be processed by our AI providers to generate responses. We use providers on terms intended to prevent your inputs from being used to train their foundation models, consistent with their enterprise/API terms. We do not use your private inputs to train models for other customers.
7. Data retention
We retain personal information for as long as your account is active and as needed to provide the Platform, then for a reasonable period to meet legal, accounting, security, and dispute-resolution needs, after which it is deleted or anonymized.
8. Public-source content
The Platform synthesizes publicly available information (e.g., government filings, regulatory records, public disclosures). Where that public information references individuals (such as named executives or officials), it is processed as part of providing industry intelligence and is sourced from public records. Requests concerning such content can be sent to the contact below.
9. Security
We use administrative, technical, and organizational safeguards — including access controls, encryption in transit, tenant isolation, and least-privilege practices — to protect personal information. No system is perfectly secure, and we cannot guarantee absolute security.
10. Your rights and choices
Depending on your location, you may have rights to access, correct, delete, export, or restrict processing of your personal information, and to object or withdraw consent, as well as opt out of marketing. To exercise them, contact us at the address below; we will respond as required by applicable law. You can also manage cookie/analytics preferences where offered.
11. International data transfers
The Platform is operated and hosted in the United States (our infrastructure providers are listed in Section 5). If you access the Platform from outside the U.S. — including the EEA, UK, or Switzerland — your information is transferred to and processed in the U.S. and other countries where our providers operate. Where required, we rely on the European Commission’s Standard Contractual Clauses (with the UK Addendum where applicable) and equivalent safeguards for those transfers, and we make our Data Processing Addendum available to business customers on request.
12. Children
The Platform is not directed to individuals under 18, and we do not knowingly collect their personal information.
13. Changes to this policy
We may update this policy; the “Version” and “Effective” date will change, and material changes will be notified. Continued use after changes take effect constitutes acceptance.
14. Contact
Forum Atlas, Inc. — Email privacy@forumatlas.com.