ConsultBench
Workbench
Sign inGet started
Legal

Privacy Policy

Last updated: May 10, 2026

This Privacy Policy explains what information ConsultBench ("we", "us") collects, how we use it, and the rights you have. It applies to consultbench.com and the ConsultBench Workbench application.

1. Information we collect

  • Account data: name, email address, password hash, and authentication metadata.
  • Vault content: documents, files, and metadata you upload (BPPs, specs, configs, notes, tags).
  • Generated content: outputs created using ConsultBench boards (specs, configs, training docs, etc.).
  • Usage data: pages visited, features used, error logs, device and browser info, IP address.
  • Billing data: handled by our payment processor; we store plan and invoice metadata only, not card numbers.

2. How we use information

  • To operate the service, retrieve grounded context for your queries, and generate the deliverables you request.
  • To secure accounts, prevent abuse, and debug issues.
  • To bill you and provide receipts.
  • To send transactional emails (account, security, billing). Marketing email is opt-in.

We do not sell your personal information, and we do not train or fine-tune AI models on your vault content.

3. Third-party processors

We rely on a small number of vetted sub-processors to deliver the service:

  • Supabase — managed Postgres database, authentication, and object storage (hosted on AWS).
  • OpenAI — generates embeddings and AI completions used for retrieval and board outputs. Configured under no-training / zero-data-retention terms where available.
  • Google Analytics 4 — anonymized site usage analytics for consultbench.com marketing pages.
  • Payment processor — Stripe (or equivalent) for subscription billing.

4. Cookies and tracking

We use strictly necessary cookies for authentication and session management. Google Analytics sets cookies for aggregated traffic measurement. You can block analytics cookies in your browser without affecting use of the product.

5. Data storage and security

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Vault content is isolated per-account by row-level security. See our Security page for details.

6. Your rights

  • Access: view your data in-product or by request.
  • Export: download your uploaded documents at any time.
  • Correction: edit account details from settings.
  • Deletion: delete your account from settings; data is permanently removed within 30 days.
  • GDPR / CCPA: EU and California residents may exercise additional rights by contacting us below.

7. Data retention

We retain account and vault data for as long as your account is active. Deleted content is purged within 30 days. Backups are rotated within 90 days. Billing records are retained as required by tax law.

8. Children

ConsultBench is a B2B product not intended for individuals under 16. We do not knowingly collect data from children.

9. Changes to this policy

We will post any material changes to this page and update the "Last updated" date. Significant changes will be communicated by email to active customers.

10. Contact

Questions or requests: privacy@consultbench.com.