CompassGraph
Terms of ServiceSign In

Privacy Policy

Last Updated: April 8, 2026

1. Introduction

Beyond Synthesis LLC (“Company,” “we,” “us,” or “our”) operates the CompassGraph platform and website at compassgraph.com (collectively, the “Services”). This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you access or use our Services.

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please discontinue use of the Services.

2. Information We Collect

2.1 Information You Provide

  • Account Information: When you create an account, we collect your email address and encrypted password.
  • Profile and Onboarding Data: Information you provide during onboarding, such as your industry segment, business objectives, and analytical preferences.
  • Payment Information: If you subscribe to a paid plan, payment details are collected and processed by Stripe, our third-party payment processor. We do not store your full credit card number.
  • Communications: When you contact us for support or provide feedback, we collect the content of those communications.

2.2 Information Collected Automatically

  • Usage Data: We collect information about how you interact with our Services, including pages viewed, features used, alert configurations, and analytical queries.
  • Device Information: Browser type, operating system, device identifiers, and screen resolution.
  • Log Data: IP address, access times, referring URLs, and error logs.
  • Cookies and Similar Technologies: We use essential cookies for authentication and session management. See Section 8 for details.

2.3 Information from Third-Party Sources

Our Services aggregate and analyze publicly available information from RSS feeds, news sources, government publications, and financial data providers. This data is not personal information and is used to generate analytical insights within the platform.

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Services
  • Process transactions and manage subscriptions
  • Send transactional emails, including alert notifications and account updates
  • Personalize your experience, including onboarding and analytical dashboards
  • Monitor and analyze usage trends to improve functionality
  • Detect, prevent, and address technical issues, fraud, or security threats
  • Comply with legal obligations and enforce our Terms of Service

We do not sell your personal information. We do not use your data to train artificial intelligence or machine learning models for third parties.

4. How We Share Your Information

We may share your information in the following circumstances:

  • Service Providers: We share information with third-party vendors who perform services on our behalf, including Stripe (payments), Resend (email delivery), and cloud infrastructure providers (Google Cloud Platform). These providers are contractually obligated to use your information only to perform services for us.
  • Legal Requirements: We may disclose information if required by law, subpoena, court order, or governmental regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or control.
  • With Your Consent: We may share information for any other purpose with your explicit consent.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with Services. Upon account deletion, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes such as fraud prevention or resolving disputes.

Aggregated, anonymized analytical data that cannot be used to identify you may be retained indefinitely for research and product improvement purposes.

6. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit (TLS 1.2+) and at rest
  • Bcrypt password hashing with per-user salts
  • Role-based access controls and principle of least privilege
  • Regular security audits and vulnerability assessments
  • Secure cloud infrastructure on Google Cloud Platform with SOC 2 certification

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Data Portability: Request your data in a structured, commonly used, machine-readable format.
  • Opt-Out: Unsubscribe from non-essential communications at any time via email preferences or by contacting us.
  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at privacy@compassgraph.com. We will respond to requests within 30 days.

8. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

  • Essential Cookies: Required for authentication, security, and core functionality. These cannot be disabled.
  • Analytics Cookies: Help us understand how users interact with the Services to improve performance and usability. These are anonymized where possible.

We do not use advertising cookies or trackers. We do not participate in cross-site behavioral advertising networks.

You can control cookie preferences through your browser settings. Note that disabling essential cookies may prevent you from using certain features of the Services.

9. Children’s Privacy

The Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

10. International Data Transfers

Your information may be transferred to and processed in the United States, where our servers and service providers are located. By using the Services, you consent to the transfer of your information to the United States, which may have different data protection laws than your country of residence.

Where required by applicable law, we implement appropriate safeguards for international data transfers, including Standard Contractual Clauses approved by the European Commission.

11. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You may request that we delete your personal information, subject to certain exceptions.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
  • No Sale of Personal Information: We do not sell personal information as defined under the CCPA/CPRA. We do not share personal information for cross-context behavioral advertising.

To submit a request, contact us at privacy@compassgraph.com.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR), including the rights listed in Section 7 above. Our legal basis for processing your personal information includes:

  • Contract Performance: Processing necessary to provide the Services you have requested.
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as fraud prevention and service improvement.
  • Consent: Processing based on your explicit consent, which you may withdraw at any time.
  • Legal Obligation: Processing necessary to comply with applicable law.

You may lodge a complaint with your local data protection authority if you believe your rights have been violated.

13. Third-Party Services

The Services may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services before providing your information.

Key third-party services we use include:

  • Google Cloud Platform — cloud infrastructure and hosting
  • Stripe — payment processing
  • Resend — transactional email delivery
  • OpenAI — AI-powered analytical features

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Services and updating the “Last Updated” date. For significant changes, we may also notify you by email.

Your continued use of the Services after any changes become effective constitutes your acceptance of the revised Privacy Policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: