Privacy Policy

Effective March 23, 2026

1. Who we are

Aktara (“we”, “our”, “us”) operates the Aktara quantitative decision simulator at aktara.ai. This policy explains what personal data we collect, why we collect it, how we use it, and what rights you have over it.

For privacy inquiries or to exercise your rights, contact us at privacy@aktara.ai.

2. Data we collect

We collect the following categories of personal data:

  • Identity and contact data — your name, email address, and/or phone number, depending on how you choose to sign in (Google OAuth, email one-time code, or phone SMS code). We do not store passwords.
  • Simulation inputs — business details, pricing parameters, customer metrics, and decision descriptions you enter when running simulations.
  • Simulation results — the probability distributions, percentile estimates, and scenario comparisons generated from your inputs.
  • Outcome records — actual results you voluntarily record against past simulations, used to compute your personal calibration score.
  • Usage data — pages visited, features used, and session duration, collected via server logs.
  • Payment data — billing details are processed directly by Stripe and are never stored on our servers.

Important — in-memory storage: all simulation and business data is currently held in server memory and is not written to a persistent database. This means your data does not survive a server restart. We will update this policy when persistent storage is introduced.

3. How we use your data

We use your data only for the following purposes:

  • To authenticate you and maintain your session
  • To run simulations and return results to you
  • To compute and display your personal Brier calibration score
  • To aggregate anonymised outcomes into our benchmark dataset (no personal identifiers are included)
  • To send transactional messages — sign-in codes, billing receipts
  • To investigate abuse, enforce our Terms, and comply with legal obligations

We do not sell your personal data. We do not use your simulation inputs to train models that are shared with other customers without your explicit consent.

4. Legal basis for processing (GDPR)

For users in the EEA, UK, or Switzerland, we process personal data under the following legal bases:

  • Contract — processing your account and simulation data is necessary to deliver the service you signed up for.
  • Legitimate interests — improving the product, preventing abuse, and maintaining security, where these do not override your rights.
  • Consent — for optional analytics or marketing communications, where we ask for it explicitly.
  • Legal obligation — where we are required to process data by law.

5. Third-party processors

We share data with the following sub-processors solely to deliver the service. Each is bound by a data processing agreement and is prohibited from using your data for their own purposes.

| Processor | Purpose | Data shared | Location |
|---|---|---|---|
| Google | OAuth sign-in | Name, email, Google account ID | USA |
| Twilio | Phone number verification (SMS OTP) | Phone number | USA |
| Resend | Transactional email (OTP codes, receipts) | Email address | USA |
| Anthropic | AI inference — analyst chat and business health scores | Simulation inputs and descriptions you submit to the chat | USA |
| Stripe | Payment processing and Connect onboarding | Billing details (processed directly by Stripe) | USA |
| Vercel | Hosting and edge infrastructure | All data in transit; server logs | USA / Global edge |

When data is transferred outside the EEA or UK, we rely on the EU Standard Contractual Clauses or an adequacy decision as the transfer mechanism.

6. Data retention

Because all user data is currently held in-memory, it is automatically cleared when the server restarts and is not retained long-term. No separate deletion step is required at this time.

When persistent storage is introduced, we will retain your account and simulation data for as long as your account is active. Deletion requests will be fulfilled within 30 days. Anonymised aggregate benchmark data may be retained indefinitely as it contains no personal identifiers.

Financial records related to Stripe transactions may be retained for up to 7 years to meet legal and accounting obligations.

7. How to opt out

You can opt out of data collection and processing at any time:

  • Account settings — log in to your account settings and update your user account to manage communication preferences and optional data processing.
  • Delete your account — removing your account stops all data collection. Contact privacy@aktara.ai to request deletion.
  • Email opt-out — unsubscribe via the link in any email we send, or update preferences in account settings.
  • Demo mode — use Aktara without signing in to avoid any personal data being collected.

8. Your rights

Depending on your location, you may have the right to:

  • Access a copy of the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion of your personal data
  • Restrict or object to certain processing
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent for optional processing at any time
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, email privacy@aktara.ai. We will respond within 30 days. The same address can be used to appeal any decision we make about your request.

9. Cookies

We use strictly necessary session cookies to maintain your signed-in state. These cannot be opted out of while using the service. For full details, see our Cookie Policy.

10. Children's privacy

Aktara is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, contact privacy@aktara.ai and we will delete it promptly.

11. Security

All data is encrypted in transit using TLS 1.2 or higher. Session tokens are signed with a server-side secret. We perform periodic security reviews and welcome responsible disclosure at security@aktara.ai.

No method of transmission or storage is 100% secure. We will notify affected users without undue delay in the event of a personal data breach.

12. Changes to this policy

We will notify you of material changes via email or an in-app notice at least 14 days before they take effect. The effective date at the top of this page will always reflect the latest version. Continued use of the service after changes take effect constitutes acceptance of the updated policy.

13. Contact

For any questions about this policy: privacy@aktara.ai

For security disclosures: security@aktara.ai

Or use our contact form.