Privacy policy

1. Introduction
Stratosphere (“we,” “us”) respects your privacy and is committed to protecting the personal data we process. This policy describes how we collect, use, and safeguard information within our platform.

2. Data We Collect

• User Information: Name, professional email, title, and organization of our Customers’ employees.

• KOL & Expert Data: Publicly available professional information (e.g., affiliations, publications, clinical trial involvement) and interaction data uploaded by our Customers.

• Usage Data: IP addresses, browser types, and interaction logs to improve system performance.

3. How We Use Data
We use the data collected solely to:

• Provide and maintain the Stratosphere platform.

• Facilitate KOL mapping and event management.

• Ensure regulatory compliance and audit readiness for Customers.

• Improve our AI models (using anonymized, non-proprietary data only).

4. Data Security & Compliance

• SOC 2 & GDPR: We maintain enterprise-grade security standards. All data is encrypted at rest (AES-256) and in transit (TLS 1.2+).

• Data Isolation: Customer Data is logically isolated to ensure that one customer cannot access another’s proprietary information.

• No Training on Customer Data: Crucial Note: We do not use Customer’s proprietary commercial data or private interaction logs to train our public AI models.

5. Third-Party Sub-processors
We use trusted sub-processors (e.g., AWS for hosting, OpenAI/Anthropic for LLM processing via API). These partners are bound by strict confidentiality agreements and do not have the right to use your data for their own purposes.

6. Your Rights
Depending on your location (e.g., EU under GDPR), you may have the right to access, correct, or delete your personal data. To exercise these rights, contact hello@getstrato.dev.

7. Data Retention
We retain Customer Data for the duration of the subscription. Upon termination, data will be deleted or returned in accordance with our data retention policy, unless required otherwise by law.