Privacy Policy
Last updated June 24, 2026
This Privacy Policy describes how LitmusRun ("LitmusRun," "we," "us," or "our") collects, uses, discloses, and otherwise processes personal information when you visit our website, join our waitlist, create an account, use our synthetic validation platform, or otherwise interact with us. It applies to visitors, waitlist signups, account holders, collaborators, API consumers, and enterprise customers. Please read it carefully. By using LitmusRun, you acknowledge that you have read this Privacy Policy. If you do not agree, do not use the service.
1. Scope and controller
LitmusRun is the data controller for personal information processed in connection with the services described in this policy, except where we act as a processor on behalf of an enterprise customer under a separate data processing agreement. This policy does not apply to third-party websites, products, or services that you may access through links on our site or through URLs you submit for validation.
For privacy-related questions, requests, or complaints, contact us at privacy@litmusrun.com. For security incidents, contact security@litmusrun.com. We respond to verified requests within the timeframes required by applicable law.
2. Information we collect
We collect information in several ways: directly from you, automatically when you use the service, from authentication and payment providers, and from subprocessors that help us operate the platform.
2.1 Account and identity information
When you create an account, we collect information such as your name, email address, profile image (if provided), authentication identifiers, and organization name where applicable. If you sign in through our authentication provider (Clerk), Clerk processes login credentials and session data under its own privacy policy. We receive account metadata necessary to identify you and provision the service.
2.2 Waitlist and marketing information
If you join our waitlist or subscribe to product updates, we may collect your name, email address, job role, company name, and any optional information you provide in signup forms. We use this information to manage early access, send transactional confirmations, and communicate about product availability where permitted by law.
2.3 Validation inputs and workspace content
To run synthetic validation panels, you may submit product URLs, staging links, document links, video URLs, mission descriptions, persona configurations, panel settings, encrypted staging credentials, API payloads, pipeline presets, collaborator invitations, and related project metadata. You are responsible for ensuring you have the legal right to submit this content and that it does not violate third-party rights or applicable law.
2.4 Generated outputs and operational records
When panels run, we store session metadata, step events, structured findings, persona assessments, debate transcripts, consensus reports, coverage data, activity signals, usage logs, error records, and historical run data associated with your projects. These records enable reruns, collaboration, billing enforcement, support, and product reliability.
2.5 Billing and transaction information
Paid subscriptions are processed by our payment provider (Dodo Payments). We receive subscription status, plan tier, transaction identifiers, billing period dates, and limited payment metadata. We do not store full payment card numbers on LitmusRun servers.
2.6 Technical, device, and log information
We automatically collect technical data including IP address, browser type and version, operating system, device identifiers, referring URLs, pages viewed, timestamps, API request metadata, rate-limit counters, and security logs. We use this information for authentication, fraud prevention, abuse detection, debugging, capacity planning, and legal compliance.
2.7 Cookies and similar technologies
We use cookies, local storage, and similar technologies as described in Section 15 (Cookies and similar technologies). Essential cookies support authentication and security. Optional cookies may support analytics or performance measurement where you have consented or where permitted without consent.
2.8 Communications and support
If you contact us by email, in-product messaging, or support channels, we retain the content of your communications, attachments you choose to send, and our responses for support quality, dispute resolution, and legal record-keeping.
3. How we use personal information
We use personal information for the following purposes, depending on your relationship with us and applicable law:
- Providing, operating, maintaining, and improving the LitmusRun platform
- Running synthetic validation panels and delivering findings, readouts, and collaboration features
- Authenticating users, managing sessions, and enforcing plan limits and access controls
- Processing payments, invoicing, tax compliance, and subscription lifecycle management
- Sending transactional messages such as account confirmations, security alerts, billing receipts, and service notices
- Responding to support requests and investigating reported issues
- Detecting, preventing, and investigating fraud, abuse, unauthorized access, and violations of our Terms
- Conducting aggregated or de-identified analytics to understand product usage and reliability
- Complying with legal obligations, responding to lawful requests, and establishing or defending legal claims
- Managing waitlist signups and product communications where permitted
We do not sell your personal information. We do not use your private product URLs, uploaded materials, or validation outputs to train public foundation models for unrelated purposes. Your content is processed to deliver the validations and related features you request.
4. Legal bases for processing (EEA, UK, and Switzerland)
Where the General Data Protection Regulation (GDPR), UK GDPR, or Swiss Federal Act on Data Protection applies, we rely on one or more of the following legal bases:
- Performance of a contract: processing necessary to provide the service you signed up for, including account management, panel execution, collaboration, and billing.
- Legitimate interests: security monitoring, abuse prevention, service reliability, minimal product analytics, and internal business operations, balanced against your rights and freedoms.
- Consent: non-essential cookies, certain marketing communications, and optional features where consent is required.
- Legal obligation: tax, accounting, regulatory compliance, and responses to valid legal process.
- Vital interests or public interest: only in rare circumstances required by law.
You may withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing before withdrawal. You may object to certain processing based on legitimate interests as described in Section 12.
5. How we disclose personal information
We disclose personal information only as described below. We require service providers to process data under contractual obligations consistent with this policy and applicable law.
5.1 Service providers and subprocessors
We use third-party providers for hosting, databases, authentication, payments, email delivery, file storage, isolated browser execution, caching, error monitoring, customer support tooling, and AI inference routing. These providers access personal information only to perform services on our behalf.
5.2 Collaboration and sharing features
If you invite collaborators or enable share links, information about projects and completed panel readouts may be visible to users you authorize or anyone with a valid share token, according to your settings. Public share links expose completed readout data to holders of the link and should be distributed carefully.
5.3 Enterprise customers
If your organization provisions access through an enterprise agreement, your administrator may access usage information and workspace content according to organizational policies and our contract with them.
5.4 Legal and safety disclosures
We may disclose information if we believe in good faith that disclosure is necessary to comply with law, regulation, legal process, or governmental request; to protect the rights, property, or safety of LitmusRun, our users, or the public; to detect or prevent fraud or security issues; or in connection with a merger, acquisition, financing, or sale of assets, subject to customary confidentiality obligations.
6. International data transfers
LitmusRun is operated from the United States. Personal information may be processed in the United States and in other countries where we or our service providers maintain facilities. Data protection laws in these countries may differ from those in your jurisdiction.
Where required, we implement appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses approved by the European Commission, the UK International Data Transfer Agreement or Addendum, or other lawful transfer mechanisms. You may request additional information about safeguards by contacting us at the address in Section 1.
7. Retention
We retain personal information for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law.
- Account and project data are retained while your account remains active.
- You may delete individual projects and panel runs from the dashboard where the feature is available.
- After an account deletion request, we delete or anonymize personal information within thirty (30) days, except where retention is necessary for billing records, tax compliance, dispute resolution, security investigations, or legal holds.
- Encrypted backups may persist for up to ninety (90) days before automatic purge.
- Aggregated or de-identified data that cannot reasonably identify you may be retained indefinitely for analytics and product improvement.
- Security and access logs may be retained for a limited period consistent with industry practice and legal requirements.
8. Security
We implement administrative, technical, and organizational measures designed to protect personal information, including encryption in transit (TLS), access controls, scoped API tokens, ownership checks on data access, isolated browser sandboxes for agent execution, and monitoring for suspicious activity.
No method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for configuring collaboration and share settings appropriately.
If you believe your account or data has been compromised, notify us promptly at security@litmusrun.com.
9. Automated processing and synthetic outputs
LitmusRun uses automated systems, including large language models and browser automation, to generate synthetic user behavior, findings, and consensus reports. Outputs are probabilistic and may be incomplete or inaccurate. We do not make solely automated decisions that produce legal or similarly significant effects about natural persons in the sense of Article 22 GDPR without appropriate safeguards and, where required, your explicit consent.
You should review outputs before relying on them for business, accessibility, security, or compliance decisions. Synthetic panel results are not a substitute for human research, professional audits, or legal advice.
10. Your privacy rights
Depending on your location, you may have some or all of the following rights regarding your personal information:
- Right of access: obtain confirmation of whether we process your data and receive a copy.
- Right to rectification: correct inaccurate or incomplete personal information.
- Right to erasure: request deletion of personal information, subject to legal exceptions.
- Right to restriction: request that we limit processing in certain circumstances.
- Right to data portability: receive personal information you provided in a structured, commonly used, machine-readable format where technically feasible.
- Right to object: object to processing based on legitimate interests or for direct marketing.
- Right to withdraw consent: where processing is based on consent.
- Right to lodge a complaint with a supervisory authority in the EEA, UK, or other applicable jurisdiction.
10.1 California residents (CCPA/CPRA)
If you are a California resident, you may have rights to know what personal information we collect, use, and disclose; to delete personal information; to correct inaccurate personal information; and to opt out of the sale or sharing of personal information. LitmusRun does not sell personal information as defined by the California Consumer Privacy Act. We do not use sensitive personal information for purposes requiring opt-out consent under CPRA, except as permitted by law.
To exercise rights, email privacy@litmusrun.com with sufficient detail for us to verify your identity and locate your account. We may request additional information to prevent fraudulent requests. Authorized agents may submit requests on your behalf with proof of authorization as required by law.
11. Children
LitmusRun is not directed to children under sixteen (16) years of age (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact us and we will take steps to delete such information.
12. Third-party links and customer URLs
Our website may contain links to third-party sites. When you submit a URL for validation, our systems may access that URL and associated resources as instructed by you. We are not responsible for the privacy practices of third-party websites or applications you choose to test. Review their policies before submitting credentials or personal data contained in staging environments.
13. Do Not Track and global privacy controls
Some browsers transmit "Do Not Track" signals. Because there is no uniform industry standard, we do not respond to all such signals in a prescribed manner. Where legally required, we honor recognized global privacy control signals as a request to opt out of the sale or sharing of personal information.
14. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy on this page and update the "Last updated" date. Where required by law, we will provide additional notice such as email or in-product notification. Continued use of the service after the effective date of changes constitutes acknowledgment of the updated policy where permitted by law.
16. Marketing communications
If you opt in or where permitted by law, we may send product announcements, educational content, and promotional messages about LitmusRun. You may unsubscribe from marketing emails using the link in each message or by contacting us. Transactional messages related to your account, security, billing, or service changes may still be sent even if you opt out of marketing.
17. Data breach notification
We maintain incident response procedures designed to detect, investigate, and respond to security incidents. If we determine that a breach of personal information has occurred and notification is required by law, we will notify affected individuals and regulators as required, using email or other appropriate channels.
18. Nevada and other U.S. state privacy rights
Residents of Nevada may submit requests regarding the sale of certain covered information. LitmusRun does not sell covered information as defined under Nevada law. Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws may have additional rights similar to those described in Section 10. Submit requests to the contact in Section 1.
19. Records of processing
Where required by GDPR Article 30, we maintain records of processing activities describing categories of data subjects, personal data categories, purposes, recipients, transfers, and retention. Enterprise customers may request supplemental information under a data processing agreement.
20. Contact
Privacy inquiries and data subject requests: privacy@litmusrun.com
Security reports: security@litmusrun.com
Related policies: Terms of Service (/terms), Refund Policy (/refund).