Privacy Policy

What This Policy Covers

This policy applies to ThinkRows, including our website, application, billing flows, support, and related services. It covers information about site visitors, account owners, prospective customers, customers, and authorized users.

If an organization provides your information to ThinkRows through an uploaded spreadsheet, that organization is responsible for telling you how it uses your data. We process spreadsheet contents on behalf of the account holder that uploaded them.

What We Collect and Why

Identity and access

When you create an account, we collect information such as your email address, name, company name, login details, and account settings. We use this to create your account, authenticate you, provide product notices, send important service messages, and support your use of ThinkRows.

Spreadsheet and project data

We store files, spreadsheet contents, extracted tables, column profiles, relationship graphs, answerability results, transformation requests, transformation outputs, exports, and related project metadata so the product can work as intended.

Spreadsheet data may include personal data, business data, financial data, or other information depending on what you upload. You are responsible for ensuring you are allowed to upload and process that data in ThinkRows.

AI processing data

ThinkRows uses third-party AI providers, including OpenAI, to analyze tables, infer meaning, assess answerability, and plan transformations. To provide those features, we may send spreadsheet samples, column names, prompts, instructions, metadata, and generated outputs to OpenAI or other AI providers.

Billing information

If you purchase credits or a paid plan, payment information is handled by our payment processor. We may store billing records, plan status, transaction identifiers, invoices, credit balances, billing email, and limited payment metadata needed for account history, invoicing, fraud prevention, tax, and support.

Website and product interactions

We may collect log data such as IP address, browser type, device information, pages viewed, referring pages, timestamps, feature usage, errors, and performance information. We use this for security, debugging, analytics, abuse prevention, and improving the Service.

Cookies

We use cookies and similar technologies for login, sessions, security, preferences, billing flows, and basic analytics. You can adjust cookie settings in your browser, but the app may not work properly without essential cookies.

Voluntary correspondence

When you email us, request support, answer surveys, or otherwise contact us, we keep the correspondence and contact information so we can respond and maintain a history of support interactions.

When We Access or Disclose Your Information

We access or disclose information only where needed to provide and protect the Service, comply with law, or follow your instructions.

• To provide the Service, including storage, hosting, AI processing, payment processing, email, analytics, and support.
• To OpenAI and other AI providers when needed to analyze spreadsheets or generate outputs.
• To payment processors and billing providers when needed to process purchases, invoices, taxes, and fraud checks.
• To troubleshoot issues, with your permission where practical and appropriate.
• To investigate abuse, security incidents, restricted uses, or violations of our Terms.
• To comply with legal obligations, court orders, subpoenas, regulatory requests, tax audits, or emergency requests where legally required.
• In aggregated or de-identified form for analytics, product improvement, and business reporting.
• If ThinkRows is involved in a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate protections.

OpenAI and Third-Party AI Providers

Because ThinkRows is an AI-assisted spreadsheet analysis service, uploaded data may be processed by OpenAI. OpenAI's API and business offerings state that customer data is not used to train OpenAI models by default unless the customer opts in. OpenAI may still process data to provide its services, maintain security, comply with policies, and perform abuse monitoring or other permitted processing under its terms.

Do not upload highly sensitive or regulated data unless we have separately agreed in writing that the Service is appropriate for that data and the required safeguards are in place.

Your Rights

Depending on where you live, you may have rights to know, access, correct, delete, export, restrict, or object to certain processing of your personal information. You may also have the right to complain to a privacy regulator.

You can exercise some rights by signing in and updating your account. For other requests, contact us at [email protected]. We may need to verify your identity before responding. Some information may be retained where needed to provide the Service, comply with law, prevent abuse, resolve disputes, or enforce agreements.

How We Secure Your Data

We use reasonable technical and organizational safeguards designed to protect data, including encryption in transit, access controls, and operational security practices. No method of transmission or storage is perfectly secure, so we cannot guarantee absolute security.

Deleting Content and Accounts

If you delete project content or cancel your account, the content may become inaccessible immediately or after ordinary product flows complete. Copies may remain for a limited time in backups, logs, exports, or records needed for legal, security, billing, dispute-resolution, or operational reasons.

Data Retention

We keep information for as long as needed for the purposes described in this policy, including providing the Service, maintaining accounts, complying with law, resolving disputes, enforcing agreements, preventing abuse, and keeping business records. Retention periods vary depending on the type of data and your account settings.

Location of Site and Data

ThinkRows and its service providers may process and store information in the United States, the European Economic Area, or other countries where we or our providers operate. If you use the Service from another country, your information may be transferred to countries with different data protection laws.

International Transfers

Where required, we use appropriate transfer mechanisms for personal data transferred from the European Economic Area, United Kingdom, Switzerland, or other regions with transfer restrictions. Business customers that need a data processing addendum should contact us.

Changes and Questions

We may update this policy as our practices, providers, or legal obligations change. If we make significant changes, we will update the date above and provide notice where required.

Questions about this policy or your data may be sent to [email protected].