Privacy Policy

We collect several types of information:

Information you provide to us

• Contact details — name, business email, company, phone number, and other details you submit through forms (contact, demo request, early access, analyzer).
• Communications — the content of messages you send us, scheduling information, and records of calls or emails with our team.
• Product data you submit — URLs, catalog data, files, or credentials you voluntarily upload for analysis, transformation, or distribution.

Information collected automatically

• Usage data — pages visited, features used, time spent, referring URL, and actions taken on the Services.
• Device and log data — IP address, browser type and version, operating system, device identifiers, and timestamps.
• Cookies and similar technologies — see Cookies and Tracking below.

Information from third parties

• Business information from enrichment and analytics providers (such as HubSpot) that we use to qualify leads and route follow-up.
• Publicly available information about your company or catalog that we use to perform the diagnostic you requested.

We use the information we collect to:

• Provide, operate, and maintain the Services;
• Perform analyses and transformations you request on product data;
• Respond to your inquiries, schedule meetings, and deliver the reports or materials you ask for;
• Send transactional communications (verification codes, form confirmations, report deliveries);
• Send marketing communications, if you have opted in or where permitted by law, with an unsubscribe link in each message;
• Improve, personalize, and develop the Services, including training internal models on aggregated or de-identified data;
• Prevent fraud, enforce our terms, and protect the security of the Services and our users; and
• Comply with legal obligations.

If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data on the following legal bases:

• Contract — to provide the Services you have requested;
• Legitimate interests — to operate, secure, and improve the Services, and for direct business-to-business marketing;
• Consent — where required (e.g., certain cookies and marketing emails); and
• Legal obligation — to comply with applicable laws.

We do not sell your personal information. We share information only as described below:

• Service providers — vendors that host, run, and support the Services on our behalf (for example: Vercel for hosting, HubSpot for CRM and communications, Resend for transactional email, Cloudflare for security, Sanity for content management, and analytics providers). These parties may only use the data to perform services for us and must protect it under written agreements.
• Business transfers — in connection with a merger, acquisition, reorganization, financing, or sale of assets; your data may be transferred to a successor entity under terms at least as protective as this policy.
• Legal and safety — to comply with law, a legal process, or a government request; to protect our rights, property, or safety, or that of our users or the public; and to enforce our agreements.
• With your consent — for any other purpose disclosed at the time of collection.
• Aggregated or de-identified data — we may share data that cannot reasonably be used to identify you.

We use cookies, pixels, and similar technologies to operate the site, remember your preferences, measure performance, and understand how the Services are used. Categories include:

• Essential — required for core functionality (authentication, fraud prevention, form submission).
• Analytics — help us understand traffic and usage (e.g., Vercel Analytics).
• Marketing — used by third parties (like HubSpot) to identify returning visitors and measure campaign effectiveness.

You can control cookies through your browser settings. Blocking essential cookies may prevent parts of the Services from working.

We retain personal information for as long as needed to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements. When we no longer need your information, we will delete or de-identify it.

We use administrative, technical, and physical safeguards designed to protect your information — including encryption in transit (TLS), access controls, tenant isolation, and audit logging. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

Depending on where you live, you may have the following rights:

California residents (CCPA / CPRA)

You have the right to:

• Know what personal information we collect, use, disclose, and share;
• Access, correct, or delete your personal information;
• Opt out of the “sale” or “sharing” of your personal information — we do not sell or share personal information as those terms are defined under California law;
• Limit the use of sensitive personal information (we do not use sensitive personal information for inferring characteristics); and
• Be free from retaliation for exercising these rights.

EU/UK/Swiss residents (GDPR / UK GDPR / FADP)

You may have the right to access, rectify, erase, restrict, or port your personal data, and to object to processing based on our legitimate interests. You may also withdraw consent at any time where we rely on consent.

How to exercise your rights

Email us at privacy@configureiq.com. We will verify your identity before fulfilling the request, and we will respond within the time required by applicable law. You may also designate an authorized agent to submit a request on your behalf.

The Services are intended for business users and are not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

We are based in the United States and process data in the U.S. and other countries where our service providers operate. Where required, we rely on approved transfer mechanisms such as Standard Contractual Clauses to protect your information.

The Services may link to third-party websites or integrate with third-party platforms. We are not responsible for the privacy practices of those third parties; please review their policies separately.

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and, where appropriate, provide additional notice (such as by email or a notice on the Services). Your continued use of the Services after a change takes effect constitutes acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: