Last updated: March 2026

Privacy Policy

GeoEcon.ai ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored as a salted hash). If you sign up through a third-party provider (such as Google), we receive your name and email from that provider.

Usage Data

We automatically collect information about how you interact with the Service, including: pages visited, features used, chat queries submitted, reports generated, charts created, timestamps, IP addresses, browser type, and device information.

Payment Information

When you purchase credits, payment is processed by Stripe. We do not store your credit card number or full payment details on our servers. We receive a transaction ID, the amount paid, and the last four digits of your card from Stripe for record-keeping purposes.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process credit purchases and manage your account balance
  • Personalize your experience and deliver relevant analysis
  • Send transactional emails (account confirmations, credit purchase receipts, scheduled reports)
  • Monitor usage patterns to detect abuse and ensure platform stability
  • Respond to your support requests and communicate with you about the Service
  • Comply with legal obligations and enforce our Terms of Service

We do not use your chat queries or report content to train AI models. Your analytical queries are processed in real time and are not used beyond providing you with results.

3. Data Sharing

We do not sell, rent, or trade your personal information to third parties. We share data only in the following limited circumstances:

  • Stripe— for payment processing. Stripe's use of your data is governed by their own privacy policy.
  • Sentry — for error tracking and application monitoring. Sentry receives anonymized error reports and performance data.
  • Google Gemini API — your chat queries are sent to Google's Gemini API for processing. Google's data use is governed by their API terms of service.
  • Law enforcement — when required by law, subpoena, or valid legal process.

4. Data Retention

We retain your account information for as long as your account is active. Chat history and report data are retained for up to 12 months to provide you with access to your past analysis. Usage logs are retained for up to 90 days. Payment records are retained as required by applicable tax and financial reporting laws. If you close your account, we delete your personal data within 30 days, except where retention is required by law.

5. Your Rights

You have the right to:

  • Access your personal data — request a copy of the information we hold about you
  • Correct inaccurate or incomplete information in your account
  • Delete your account and associated personal data
  • Export your data in a machine-readable format (JSON)
  • Opt out of non-essential communications at any time

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

6. Cookies

We use essential cookies to maintain your authentication session and remember your preferences. We do not use third-party advertising or tracking cookies. Analytics data is collected server-side through request logs, not through browser-based tracking scripts.

7. Security Measures

We implement industry-standard security measures to protect your data, including: encryption in transit (TLS/HTTPS), encrypted password storage (bcrypt), rate limiting on authentication endpoints, role-based access controls, and regular security reviews. While we strive to protect your information, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. International Data Transfers

Your data may be processed and stored on servers located in the United States. If you are accessing the Service from outside the United States, you consent to the transfer and processing of your data in the United States, where data protection laws may differ from those in your jurisdiction.

9. Children's Privacy

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Service at least 14 days before they take effect. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact

If you have questions or concerns about this Privacy Policy or our data practices, contact us at [email protected].