Privacy Policy

Vantis (“we,” “our,” or “us”) operates usevantis.com and the Vantis platform — an AI-powered client intelligence service for agencies. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using Vantis, you agree to the collection and use of information as described in this policy. If you have questions, contact us at privacy@usevantis.com.

Account information. When you create an account, we collect your email address and any profile information you provide (name, agency name).

Client data. You may enter information about your clients (name, company, email address, monthly contract value, notes). This data is stored securely and used solely to provide the Vantis service to you.

Gmail data. If you connect Gmail, we request read-only access to your Gmail inbox (gmail.readonly scope). We retrieve recent emails exchanged with your specified clients to perform communication analysis. We do not store the raw content of your emails — only the AI-generated health scores, signals, and summaries are saved.

Usage data. We collect standard server logs including IP addresses, browser type, pages visited, and timestamps to operate and improve the service.

Payment information. Billing is handled by Stripe. We never store your full card number. Stripe provides us with a customer ID and subscription status only.

• Provide, operate, and improve the Vantis platform
• Perform AI analysis of client communication patterns to generate health scores
• Send transactional emails (account confirmation, alert notifications)
• Process payments and manage your subscription
• Respond to support requests
• Detect and prevent fraud or abuse

We do not sell your personal data. We do not use your client data or Gmail data to train AI models.

Our use of Gmail data is governed by the Google API Services User Data Policy, including the Limited Use requirements.

• We access Gmail data only when you explicitly trigger an analysis for a specific client.
• Gmail data is used solely to generate communication health insights for your agency use.
• Raw email content is sent to Anthropic's API for analysis and is not retained by Vantis after the analysis completes.
• We do not use Gmail data for advertising or to build profiles beyond the Vantis service.
• You can disconnect Gmail at any time from Settings → Integrations. This immediately revokes our access.
• Our access token is stored encrypted and refreshed only when you run an analysis.

We use the following sub-processors to operate Vantis:

• Supabase — database and authentication (data stored in US-East)
• Anthropic — AI analysis of client communication data
• Google — Gmail OAuth and email data retrieval
• Stripe — payment processing and subscription management
• Resend — transactional email delivery
• Vercel — web hosting and CDN

Each third-party service has its own privacy policy governing data they receive.

We retain your account and client data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where required by law (e.g., billing records).

Health score history, alerts, and AI-generated insights are retained for the lifetime of your account to provide trend analysis.

We implement industry-standard security measures including encrypted connections (TLS), encrypted data at rest, and row-level security policies ensuring users can only access their own data. OAuth tokens are stored in an isolated database table with restricted access.

No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we will promptly notify you of any breach affecting your data as required by applicable law.

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your account and associated data
• Disconnect integrations (Gmail, etc.) at any time
• Export your client data
• Object to certain types of processing

To exercise these rights, email us at privacy@usevantis.com.

Vantis uses session cookies for authentication (managed by Supabase Auth). We do not use third-party advertising cookies or tracking pixels. Analytics, if any, are privacy-respecting and aggregated.

Vantis is not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by prominently posting a notice on the platform. Your continued use after the effective date constitutes acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy, contact us at:

Vantis
privacy@usevantis.com
usevantis.com