Privacy policy.
Banti helps product, engineering, and founder teams find where users get stuck and ship the fix. To do that we connect to systems you already use — analytics, error logs, support tickets, interview transcripts, and your codebase. This policy explains what we collect, how we use it, and the controls you have.
Information we collect
Account information
When you sign up we collect your name, work email, company, and role. We use this to create your account, authenticate you, and contact you about the service.
Integration data
When you connect a tool — PostHog, FullStory, Amplitude, Sentry, LogRocket, Intercom, Zendesk, Gong, Zoom, GitHub, Linear, or Jira — Banti reads the data needed to identify breakpoints, cluster evidence, and draft fixes. By default our access is scoped and read-only. We only request write permissions where you explicitly enable an action (for example, drafting a pull request).
You can revoke any integration at any time from inside Banti or directly from the source tool.
Uploaded content
You may upload interview transcripts, churn notes, or CSVs. We store this content in your workspace and treat it the same way as integration data.
Service usage
We collect basic product analytics (pages viewed, actions taken, errors encountered) so we can improve Banti. We do not sell this data and we do not use it for advertising.
How we use information
- Operate the service: run audits, agent test runs, and draft tickets and PRs.
- Cluster signals across tools so the same issue is one ticket, not many.
- Communicate with you about your account, security notices, and product updates.
- Improve Banti — debug issues, evaluate new models, measure quality of fixes.
Sharing
We do not sell personal data. We share information only with:
- Sub-processors that operate the service (cloud hosting, model providers, analytics). Each is bound by a data-processing agreement and a confidentiality obligation.
- Authorities, when we are legally required to. We will notify you unless legally prohibited.
- A successor entity in the event of a merger, acquisition, or asset sale — under terms consistent with this policy.
Security
Banti uses encryption in transit (TLS 1.2+) and at rest. Integration credentials are stored in an isolated secret store and accessed only by the workers that need them. Production access is limited to on-call engineers and audited.
We are SOC 2 Type II in progress. If you need a current security overview or DPA, email founders@getbanti.com.
Retention and deletion
We retain workspace data for as long as your account is active. On request we will delete your data within 30 days, except where retention is required by law or to resolve disputes.
Your rights
Depending on where you are based, you may have rights to access, correct, export, or delete personal data we hold about you, and to object to certain processing. To exercise these rights, contact us at founders@getbanti.com.
International transfers
Banti is operated from the United States. If you access the service from another region, your information may be transferred to and processed in the US under standard contractual clauses or equivalent safeguards.
Changes
We will update this page when our practices change. Material changes will be announced in-product or by email before they take effect.
Contact
Questions about this policy: founders@getbanti.com.