Six documents that govern how we operate: privacy, cookies, terms of service, a security overview, a sub-processor list, and our data processing addendum. Written to be readable. The legal copy you'd want to read if it were about your data.
insigz is the controller responsible for the personal data described here. We are based at Schützenstrasse 4, 6003 Luzern, Switzerland (company registration pending; this page is updated once the entity is formed). "We", "us" and "insigz" refer to this entity throughout. Reach our privacy contact at privacy@insigz.com.
We collect and use personal data when you: use our website or contact us by email, phone or other channel; request access or a demo; subscribe to updates; engage with us as a customer or supplier; or apply for a role. We collect from you directly, from your authenticated use of the platform, and — for world data — from publicly-accessible and licensed sources (which are generally not personal data about you).
From you (the customer): business contact details, engagement metadata, billing information. From your users: identity tokens (via OIDC), session activity logs, action submissions. From the world: data we ingest from publicly-accessible sources (AIS, ENTSO-E, OFAC, etc.) — these are not personal data about you.
All customer data is stored in single-tenant Postgres instances hosted in Switzerland or the EU. We do not transit US infrastructure. Backups are encrypted at rest with AES-256, stored in the same geographic region as the primary.
Engagement data: for the duration of the engagement plus 90 days (for audit and re-delivery). After-Action Reports: indefinitely if you ask us to, otherwise deleted with the engagement data. Billing records: 10 years (Swiss tax law). You can request deletion of any non-required data at any time by emailing privacy@insigz.com — we respond within 5 business days.
We do not sell personal data and we do not share it with advertisers. We disclose it only to: our own staff on a need-to-know basis; the vetted sub-processors listed under Sub-processors, each bound by a DPA; and competent authorities where legally required. Professional confidentiality is paramount — we process only what our obligations allow.
Customer data stays in Switzerland or the EU/EEA by default; we do not transit US infrastructure unless you explicitly require a region that does. Where any transfer outside the EEA/Switzerland is unavoidable, we apply adequate safeguards (EU Standard Contractual Clauses and the Swiss addendum).
Email privacy@insigz.com, telling us which right you wish to exercise and the context. We may ask for proof of identity to prevent unauthorised disclosure. We respond within 30 days (and acknowledge sooner). There is no fee unless a request is manifestly unfounded or excessive. If you are unhappy with our response you may complain to the Swiss FDPIC or your local EU supervisory authority.
Cookies are small text files a site stores on your device to remember things between pages and visits — your theme preference, whether you've dismissed a banner, or (only with your consent) anonymous usage statistics. Similar technologies such as localStorage are treated the same way under this policy.
| CATEGORY | PURPOSE | CONSENT |
|---|---|---|
| Strictly necessary | Security, load balancing, remembering your cookie choice. The site can't function without these. | Not required |
| Preferences | Remembering your light/dark theme and dismissed notices. | Not required |
| Analytics (optional) | Privacy-friendly, aggregated usage statistics so we can improve the site. No cross-site tracking, IP anonymised. | Opt-in |
When you first visit, a banner lets you Accept all, Reject non-essential, or open Preferences to choose per-category. Your choice is stored for 12 months. You can revisit it any time via the Cookie preferences link in the site footer. You can also block or delete cookies in your browser settings — note that disabling strictly-necessary cookies may break parts of the site.
Cookies that handle personal data are also covered by our Privacy policy. Questions: privacy@insigz.com.
Each engagement is governed by a signed Statement of Work that defines scope, price, deliverables, and timeline. These Terms cover everything not specified there. If a SoW and these Terms conflict, the SoW wins.
insigz's platform code, fusion engine, agent prompts, scenario templates, data schemas, brand. We license you a non-exclusive, non-transferable right to use the platform for the duration of the engagement.
Your operational data, the After-Action Reports we produce for you, your custom scenario authoring, your user data. We claim no ownership over what you put into insigz or what you take out of it.
Our liability is capped at the fees paid to us in the 12 months prior to a claim. We exclude liability for indirect, consequential, or punitive damages. Nothing limits liability for fraud, willful misconduct, or where Swiss law prohibits limitation.
Either party can terminate for material breach with 30 days' notice to cure. We refund prepaid amounts for unused engagement scope. After termination we delete your data within 90 days unless you request earlier deletion.
Every customer engagement runs in a single-tenant Postgres database with its own VPC, its own Cloud Run service account, and its own KMS keys. There are zero cross-tenant query paths in production. Multi-tenant isolation is enforced at the infrastructure layer, not the application layer.
TLS 1.3 in transit. AES-256 at rest. KMS-managed customer keys for hosted engagements; bring-your-own-key supported for self-hosted. Backups encrypted with the same KMS key as the primary database.
OIDC integration with your identity provider (Okta, Google Workspace, Microsoft Entra, generic OIDC). MFA enforced for all user roles. Session tokens rotated every 24 hours. Row-level security in Postgres enforces role-based visibility — bypassing the application layer doesn't bypass authorization.
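As an added illustration of the row-level-security point above (an example schema written for this page, not insigz's own): a per-engagement table whose visibility rules live in Postgres policies keyed to the session's role and the authenticated user, so a client that connects to the database directly and skips the application still sees only what its role permits. The table, role names and the `app.user_sub` session setting are assumptions.

```sql
-- Added example: a hypothetical "actions" table protected by Postgres
-- row-level security. Schema, role names and the session variable are
-- illustrative assumptions, not insigz's actual schema.
CREATE TABLE actions (
    id          bigserial PRIMARY KEY,
    owner_user  text NOT NULL,        -- OIDC subject that submitted the action
    visibility  text NOT NULL CHECK (visibility IN ('analyst', 'approver')),
    payload     jsonb NOT NULL,
    created_at  timestamptz NOT NULL DEFAULT now()
);

-- Application roles. Neither owns the table, so neither is exempt from RLS.
CREATE ROLE analyst NOLOGIN;
CREATE ROLE approver NOLOGIN;
GRANT SELECT, INSERT ON actions TO analyst, approver;
GRANT USAGE ON SEQUENCE actions_id_seq TO analyst, approver;

-- Enable RLS and FORCE it so even the table owner is subject to the policies.
ALTER TABLE actions ENABLE ROW LEVEL SECURITY;
ALTER TABLE actions FORCE ROW LEVEL SECURITY;

-- Analysts see only rows they submitted themselves. current_setting(...,true)
-- returns NULL when the variable is unset, so an unidentified session sees nothing.
CREATE POLICY analyst_own_rows ON actions
    FOR SELECT TO analyst
    USING (owner_user = current_setting('app.user_sub', true));

-- Approvers see every row flagged for approver visibility, plus their own.
CREATE POLICY approver_visibility ON actions
    FOR SELECT TO approver
    USING (visibility = 'approver'
           OR owner_user = current_setting('app.user_sub', true));

-- Inserts must carry the caller's own identity; nobody writes on behalf of another user.
CREATE POLICY insert_as_self ON actions
    FOR INSERT TO analyst, approver
    WITH CHECK (owner_user = current_setting('app.user_sub', true));

-- Check: an analyst session talking to Postgres directly, without the
-- application in the path, still cannot read another analyst's rows.
SET ROLE analyst;
SELECT set_config('app.user_sub', 'user-a', false);
INSERT INTO actions (owner_user, visibility, payload)
    VALUES ('user-a', 'approver', '{"type": "constructed sample"}');
SELECT set_config('app.user_sub', 'user-b', false);
SELECT count(*) FROM actions;   -- user-b's session does not see user-a's row
RESET ROLE;
```

Run this as a non-superuser login that is a member of both roles: superusers and roles with BYPASSRLS skip policies entirely, so the application's connection role must be neither for the check to mean anything.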
Every read, every write, every agent inference, every approval is logged with timestamp, user, action, and full provenance chain. Logs are append-only, signed, and exportable. We retain logs for the engagement duration plus 12 months.
Security contact: security@insigz.com
The third parties we use to deliver insigz. Each has signed our standard DPA and is restricted to processing only what's listed below.
| PROVIDER | PURPOSE | REGION |
|---|---|---|
| Google Cloud (CH) | Hosting · Cloud Run · Postgres | Zürich |
| Anthropic | Claude API · agent inference | EU · zero data retention |
| Cloudflare | CDN · DDoS · WAF | Global edge |
| Postmark | Transactional email | EU |
| Stripe | Billing · invoicing | EU (Stripe Switzerland) |
New sub-processors are announced via this page at least 30 days before they go live. Email privacy@insigz.com if you'd like to be notified.
Our DPA — a 14-page PDF — is automatically incorporated into every Statement of Work for customers in the EU, UK, or Switzerland. It covers controller / processor obligations, sub-processor flow-down, international transfers (we don't do any), and breach notification.
You don't need to sign anything separately; it's bundled with the SoW. If your procurement team wants to redline ours, we have a "negotiable" version. Email legal@insigz.com for a copy.