Privacy Policy
Effective July 6, 2026
stratless (“we”, “us”) is a stateless competitive-intelligence API, operated by its founder as an individual. This policy explains what we collect, what we deliberately don’t, and how we handle it. The short version: we collect the minimum needed to run your account and meter usage, and we do not store the content you send us to analyze.
What we collect
- Account details. When you sign in with GitHub, we receive your GitHub account ID, username, and email address, which we use to create and identify your account.
- API keys. We generate API keys for you and store them in hashed form to authenticate your requests.
- Usage metadata. For each API call we record a request ID, timestamp, the endpoint, the number of companies analyzed (your credit usage), and the response status — to meter usage, enforce quotas, prevent abuse, and debug problems.
What we don’t store
stratless is stateless by design. The company text and data you submit to /v1/analyze, and the field maps we return, are processed in memory and discarded once your response is sent. We do not keep them, build a corpus from them, or reuse them. “We forget your set” is a design guarantee, not a marketing line.
How your input is processed
To produce an analysis, the text you submit is transmitted to a third-party large-language-model provider (currently Google) which processes it to generate the result. stratless does not retain that text; the provider processes it under its own terms and privacy policy. If this matters for your data, send only text you are authorized to share (see our Terms).
Service providers
We rely on a small set of infrastructure providers, each processing data only to run the service:
- GitHub — sign-in (OAuth).
- Cloudflare — hosting for this site and the API, plus rate-limiting.
- Neon — the database that stores your account and usage metadata.
- Google — the language-model provider that processes analysis requests.
- Stripe — payment processing, once paid credits launch (not yet active).
Cookies and tracking
We do not use advertising or cross-site tracking cookies, and we do not run third-party analytics on this site. We use only what is strictly necessary to secure the sign-in flow.
Retention
We keep your account and usage metadata for as long as your account is active, and for a reasonable period afterward where needed for billing, security, or legal reasons. Content you submit for analysis is never retained, as described above.
Your choices
You may request access to, correction of, or deletion of your account data at any time by emailing [email protected]. Deleting your account removes your account and API keys; we may retain limited records where required for legal or accounting purposes.
Security
We store API keys hashed, transmit data over TLS, and keep the surface small. No system is perfectly secure, but statelessness means the most sensitive thing — your analyzed content — simply isn’t there to lose.
Children
The service is not directed to anyone under 18, and we do not knowingly collect their data.
Changes
We may update this policy as the service evolves. Material changes will be reflected by the effective date above.
Contact
Questions? Email [email protected].