Andru Platform Privacy Policy

Last Updated: March 16, 2026
Effective Date: November 1, 2025

Plain Language Summary

What you need to know about your data:

We built Andru for technical founders who value authenticity and transparency. This Privacy Policy reflects those values by being honest about what data we collect, why we collect it, and how we protect it.

The essentials:

We collect what we need: Assessment responses, business context, and usage data to provide personalized recommendations
Your data stays yours: We never sell your individual business data to anyone, period
AI providers don't train on your data: Our primary AI provider (Anthropic) does not use API data for model training. Your product intelligence stays yours.
No telemetry from CLI or MCP: The andru-intel CLI and MCP server send no usage analytics or telemetry back to us
Security matters: Row-level database isolation, encrypted at rest and in transit, prompt injection defenses, and automated security monitoring
You have control: Access, export, or delete your data at any time. Deletion is permanent and cascades across all tables.
Transparency commitment: If our practices change materially, we'll tell you clearly and directly

Our values-driven approach:

Unlike platforms that monetize user data, we make money by actually helping you succeed. Your transformation is our business model, not your data.

1. Introduction

1.1 Who We Are

This Privacy Policy is provided by Humus & Shore LLC ("H&S," "we," "us," or "our"), the company behind the Andru revenue acceleration platform ("Platform").

Our Commitment:

We built the Platform with Empathy as a core value—people before profits. This extends to data practices. We collect only what serves your success, protect it carefully, and never exploit it for revenue beyond our subscription model.

1.2 Scope of This Policy

This Privacy Policy applies to:

Information collected through the Andru Platform (web-based interface at platform.andru-ai.com)
Information collected through the Andru CLI (andru-intel npm package)
Information collected through the Andru MCP Server (Claude Desktop, Cursor, and other MCP clients)
Information collected through the Andru Chrome Extension
Information collected through related communications (email, support)
Information processed when you use Platform features (assessments, recommendations, intelligence tools)

1.3 Your Consent

By using the Platform, you consent to the data practices described in this Privacy Policy. If you do not agree, please do not use the Platform.

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

Name and email address
Company name and website
Job title and role
Payment information (processed by third-party payment processor)
Contact preferences

Assessment Responses:

Revenue readiness evaluation answers
ICP (Ideal Customer Profile) definition data
Buyer persona information
Go-to-market strategy details
Financial data (ARR, pricing, customer metrics)
Product capability descriptions
Market positioning information

2.2 Information Collected Automatically

Usage Data:

Pages visited and features accessed
Time spent on Platform sections
Assessment completion rates
Click patterns and navigation flow
Session duration and frequency

Technical Information:

IP address
Browser type and version
Operating system
Device type (desktop, tablet, mobile)

3. How We Use Your Information

3.1 Primary Uses: Providing Platform Services

We use your information to:

Personalize Your Experience:

Generate customized recommendations based on your business context
Tailor framework guidance to your funding stage and growth trajectory
Prioritize relevant content and resources
Create business cases and analysis specific to your situation

Operate Core Platform Features:

Process assessments and calculate scores
Provide comparative benchmarking (using anonymized aggregate data)
Generate reports and visualizations
Enable export and integration functionality

3.2 Aggregated and Anonymized Data

We may use aggregated, anonymized data to:

Create industry benchmarks (e.g., "Companies at your stage typically have X")
Develop case studies and success patterns (with all identifying information removed)
Produce research reports on revenue strategy trends
Improve AI/ML recommendation algorithms

What "anonymized" means:

Data is stripped of all identifying information—company names, individual names, specific financial figures, unique circumstances—making it impossible to trace back to you.

4. How We Share Your Information

4.1 We Do NOT Sell Your Data

Clear commitment: We do not and will never sell your individual business data to third parties. Period.

Our business model is subscription revenue from helping you succeed, not monetizing your information.

4.2 Service Providers and Processors

We share information with trusted third-party service providers who help us operate the Platform:

AI Providers: Anthropic (primary), Google, Mistral, and Together AI (fallbacks). Your data is sent to these providers to generate intelligence (ICP profiles, competitive positioning, meeting briefs). Anthropic does not train on API data — your product intelligence is not used for model improvement. Fallback providers are used only when the primary provider is unavailable.
Database: Supabase (PostgreSQL on AWS, US region). All persistent customer data is stored here with row-level security.
Application Hosting: Render (US region). Backend API, agent platform, and MCP server hosting.
Payment Processing: Stripe for subscription billing
Email: Resend for transactional emails (account notifications, deletion confirmations)
Frontend Hosting: Netlify for the web application (no customer data — static assets only)

All service providers:

Are contractually obligated to protect your data
May only use data to provide services to us
Must comply with applicable privacy laws
Do not use your data for model training or their own purposes

For detailed information about our data processing practices, including sub-processor list and data transfer mechanisms, see our Data Processing Agreement available upon request at geter@andru-ai.com.

5. Data Security

5.1 Our Security Approach

Given that you entrust us with confidential business information, we implement comprehensive security measures:

Encryption:

Data in transit: TLS 1.2+ for all connections
Data at rest: AES-256 encryption (Supabase PostgreSQL on AWS)
Database encryption: All customer data encrypted at the storage layer

Data Isolation:

Row-Level Security (RLS) policies enforce tenant isolation — you can only access your own data
API-key-scoped sessions for CLI and MCP access — no shared state between customers
Each AI call is independent — your data never appears in another customer's prompt
Customer-supplied text in AI prompts is wrapped in structural boundaries to prevent prompt injection

Automated Security Monitoring:

SIEM event pipeline with real-time detection and automated containment
Daily database security audits (row-level security verification)
Dependency vulnerability scanning on every code change
Secret scanning to prevent accidental credential exposure
15-minute uptime monitoring with automated incident response

Access Controls:

Role-based access: Team members access only data necessary for their role
API responses scanned for accidentally exposed secrets before delivery

6. Your Privacy Rights and Choices

6.1 Access Your Data

You have the right to:

Request a copy of all data we hold about you
Review your assessment responses and account information
Receive data in portable format (JSON, CSV)

6.2 Delete Your Data

You have the right to:

Delete your account at any time
Request deletion of specific assessment or pipeline data
Have your data permanently removed from all our systems

How deletion works:

Go to Settings → Account → Delete Account
You get a 3-day grace period — cancel by logging back in
After 3 days: permanent deletion cascade removes your data from every table in our database — profiles, assessments, ICP data, pipeline runs, generated resources, API keys, usage logs, and all AI-generated intelligence
Active subscriptions are cancelled automatically
Connected integrations (OAuth tokens) are revoked
Authentication credentials are permanently removed
Transient cache data (Redis) expires automatically via TTL
Local MCP cache (on your device) is your responsibility to clear

Or contact geter@andru-ai.com to request deletion.

7. Contact Us About Privacy

Privacy & Data Inquiries: geter@andru-ai.com

Data Processing Agreement: Available upon request at geter@andru-ai.com

8. CLI and MCP Server Data Practices

The andru-intel CLI and mcp-server-andru-intelligence MCP server provide buyer intelligence tools in your terminal and AI coding tools (Claude Desktop, Cursor).

8.1 What Data Is Processed

Product descriptions, company names, and ICP criteria you provide as tool arguments
This data is sent to the Andru backend API for intelligence generation
AI calls are scoped to your API key — your data is never mixed with other customers' data

8.2 What We Do NOT Collect from CLI/MCP

No telemetry: We do not track which commands you run, how often you use the tools, or any usage analytics
No local file access: The CLI and MCP server do not read files from your machine beyond the SQLite offline cache
No background communication: The tools only make API calls when you explicitly invoke a tool — no heartbeats, no check-ins

8.3 Offline Cache

The MCP server may store recent results in a local SQLite cache on your machine for offline access. This data stays on your device and is your responsibility to manage. Clear it by deleting the cache file or reinstalling the package.

9. Chrome Extension Data Practices

The Andru Sales Intelligence Chrome Extension provides real-time sales intelligence on LinkedIn, Gmail, and company websites. This section describes the extension's specific data practices.

8.1 Data Collected by the Extension

LinkedIn Signal Badge:

Profile names, job titles, and company names visible on LinkedIn profile pages you visit
This data is sent to the Andru API to score ICP fit and return persona intelligence
Data is processed in real time and not stored beyond the API request lifecycle

Gmail Tone Coach:

Text content of emails you are actively composing in Gmail
Compose text is analyzed for tone (aggressive, passive, unclear) and returned with coaching suggestions
Email content is not stored, logged, or retained after analysis

ICP Company Rater:

Company names selected via right-click context menu on any webpage
The selected text is sent to the Andru API for ICP scoring

8.2 How Extension Data Is Transmitted

All data is transmitted via HTTPS to the Andru API
Requests are authenticated with your Andru API key stored in Chrome's local storage
No data is sent to any third party other than the Andru API

8.3 Extension Permissions

storage: Stores your API key and extension preferences locally in your browser
activeTab: Reads the current page to extract LinkedIn profile data or company information when you activate the extension
tabs: Detects whether you are on LinkedIn or Gmail to activate the relevant content script
contextMenus: Adds the "Rate ICP Fit" option to your right-click menu
Host permissions (linkedin.com, mail.google.com): Required to inject content scripts that display ICP badges and tone coaching on these sites

8.4 Extension Data Retention

The extension does not persist any page content, email text, or profile data. All analysis is performed in real time via API calls. The only data stored locally is your API key and display preferences.

You can remove all locally stored extension data by uninstalling the extension or clearing extension data in Chrome settings.

Final Note: Privacy as Partnership

Privacy isn't just about compliance—it's about respect.

We built this platform to help technical founders transform their revenue processes through systematic, authentic approaches. That same authenticity extends to how we handle your data.

You're trusting us with:

Confidential business information
Strategic plans and roadmaps
Financial performance metrics
Competitive positioning details

We honor that trust by:

Protecting your data as if it were our own
Being transparent about our practices and limitations
Giving you control over your information
Never exploiting your data for purposes beyond serving you

If you have questions, concerns, or suggestions about our privacy practices, please reach out. We genuinely want to hear from you.

This Privacy Policy is drafted to balance legal compliance with H&S's values of Transparency and Empathy.

Andru Platform Privacy Policy

Last Updated: March 16, 2026
Effective Date: November 1, 2025

Plain Language Summary

What you need to know about your data:

The essentials:

We collect what we need: Assessment responses, business context, and usage data to provide personalized recommendations
Your data stays yours: We never sell your individual business data to anyone, period
AI providers don't train on your data: Our primary AI provider (Anthropic) does not use API data for model training. Your product intelligence stays yours.
No telemetry from CLI or MCP: The andru-intel CLI and MCP server send no usage analytics or telemetry back to us
Security matters: Row-level database isolation, encrypted at rest and in transit, prompt injection defenses, and automated security monitoring
You have control: Access, export, or delete your data at any time. Deletion is permanent and cascades across all tables.
Transparency commitment: If our practices change materially, we'll tell you clearly and directly

Our values-driven approach:

Unlike platforms that monetize user data, we make money by actually helping you succeed. Your transformation is our business model, not your data.

1. Introduction

1.1 Who We Are

This Privacy Policy is provided by Humus & Shore LLC ("H&S," "we," "us," or "our"), the company behind the Andru revenue acceleration platform ("Platform").

Our Commitment:

1.2 Scope of This Policy

This Privacy Policy applies to:

Information collected through the Andru Platform (web-based interface at platform.andru-ai.com)
Information collected through the Andru CLI (andru-intel npm package)
Information collected through the Andru MCP Server (Claude Desktop, Cursor, and other MCP clients)
Information collected through the Andru Chrome Extension
Information collected through related communications (email, support)
Information processed when you use Platform features (assessments, recommendations, intelligence tools)

1.3 Your Consent

By using the Platform, you consent to the data practices described in this Privacy Policy. If you do not agree, please do not use the Platform.

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

Name and email address
Company name and website
Job title and role
Payment information (processed by third-party payment processor)
Contact preferences

Assessment Responses:

Revenue readiness evaluation answers
ICP (Ideal Customer Profile) definition data
Buyer persona information
Go-to-market strategy details
Financial data (ARR, pricing, customer metrics)
Product capability descriptions
Market positioning information

2.2 Information Collected Automatically

Usage Data:

Pages visited and features accessed
Time spent on Platform sections
Assessment completion rates
Click patterns and navigation flow
Session duration and frequency

Technical Information:

IP address
Browser type and version
Operating system
Device type (desktop, tablet, mobile)

3. How We Use Your Information

3.1 Primary Uses: Providing Platform Services

We use your information to:

Personalize Your Experience:

Generate customized recommendations based on your business context
Tailor framework guidance to your funding stage and growth trajectory
Prioritize relevant content and resources
Create business cases and analysis specific to your situation

Operate Core Platform Features:

Process assessments and calculate scores
Provide comparative benchmarking (using anonymized aggregate data)
Generate reports and visualizations
Enable export and integration functionality

3.2 Aggregated and Anonymized Data

We may use aggregated, anonymized data to:

Create industry benchmarks (e.g., "Companies at your stage typically have X")
Develop case studies and success patterns (with all identifying information removed)
Produce research reports on revenue strategy trends
Improve AI/ML recommendation algorithms

What "anonymized" means:

Data is stripped of all identifying information—company names, individual names, specific financial figures, unique circumstances—making it impossible to trace back to you.

4. How We Share Your Information

4.1 We Do NOT Sell Your Data

Clear commitment: We do not and will never sell your individual business data to third parties. Period.

Our business model is subscription revenue from helping you succeed, not monetizing your information.

4.2 Service Providers and Processors

We share information with trusted third-party service providers who help us operate the Platform:

AI Providers: Anthropic (primary), Google, Mistral, and Together AI (fallbacks). Your data is sent to these providers to generate intelligence (ICP profiles, competitive positioning, meeting briefs). Anthropic does not train on API data — your product intelligence is not used for model improvement. Fallback providers are used only when the primary provider is unavailable.
Database: Supabase (PostgreSQL on AWS, US region). All persistent customer data is stored here with row-level security.
Application Hosting: Render (US region). Backend API, agent platform, and MCP server hosting.
Payment Processing: Stripe for subscription billing
Email: Resend for transactional emails (account notifications, deletion confirmations)
Frontend Hosting: Netlify for the web application (no customer data — static assets only)

All service providers:

Are contractually obligated to protect your data
May only use data to provide services to us
Must comply with applicable privacy laws
Do not use your data for model training or their own purposes

5. Data Security

5.1 Our Security Approach

Given that you entrust us with confidential business information, we implement comprehensive security measures:

Encryption:

Data in transit: TLS 1.2+ for all connections
Data at rest: AES-256 encryption (Supabase PostgreSQL on AWS)
Database encryption: All customer data encrypted at the storage layer

Data Isolation:

Row-Level Security (RLS) policies enforce tenant isolation — you can only access your own data
API-key-scoped sessions for CLI and MCP access — no shared state between customers
Each AI call is independent — your data never appears in another customer's prompt
Customer-supplied text in AI prompts is wrapped in structural boundaries to prevent prompt injection

Automated Security Monitoring:

SIEM event pipeline with real-time detection and automated containment
Daily database security audits (row-level security verification)
Dependency vulnerability scanning on every code change
Secret scanning to prevent accidental credential exposure
15-minute uptime monitoring with automated incident response

Access Controls:

Role-based access: Team members access only data necessary for their role
API responses scanned for accidentally exposed secrets before delivery

6. Your Privacy Rights and Choices

6.1 Access Your Data

You have the right to:

Request a copy of all data we hold about you
Review your assessment responses and account information
Receive data in portable format (JSON, CSV)

6.2 Delete Your Data

You have the right to:

Delete your account at any time
Request deletion of specific assessment or pipeline data
Have your data permanently removed from all our systems

How deletion works:

Go to Settings → Account → Delete Account
You get a 3-day grace period — cancel by logging back in
After 3 days: permanent deletion cascade removes your data from every table in our database — profiles, assessments, ICP data, pipeline runs, generated resources, API keys, usage logs, and all AI-generated intelligence
Active subscriptions are cancelled automatically
Connected integrations (OAuth tokens) are revoked
Authentication credentials are permanently removed
Transient cache data (Redis) expires automatically via TTL
Local MCP cache (on your device) is your responsibility to clear

Or contact geter@andru-ai.com to request deletion.

7. Contact Us About Privacy

Privacy & Data Inquiries: geter@andru-ai.com

Data Processing Agreement: Available upon request at geter@andru-ai.com

8. CLI and MCP Server Data Practices

The andru-intel CLI and mcp-server-andru-intelligence MCP server provide buyer intelligence tools in your terminal and AI coding tools (Claude Desktop, Cursor).

8.1 What Data Is Processed

Product descriptions, company names, and ICP criteria you provide as tool arguments
This data is sent to the Andru backend API for intelligence generation
AI calls are scoped to your API key — your data is never mixed with other customers' data

8.2 What We Do NOT Collect from CLI/MCP

No telemetry: We do not track which commands you run, how often you use the tools, or any usage analytics
No local file access: The CLI and MCP server do not read files from your machine beyond the SQLite offline cache
No background communication: The tools only make API calls when you explicitly invoke a tool — no heartbeats, no check-ins

8.3 Offline Cache

9. Chrome Extension Data Practices

The Andru Sales Intelligence Chrome Extension provides real-time sales intelligence on LinkedIn, Gmail, and company websites. This section describes the extension's specific data practices.

8.1 Data Collected by the Extension

LinkedIn Signal Badge:

Profile names, job titles, and company names visible on LinkedIn profile pages you visit
This data is sent to the Andru API to score ICP fit and return persona intelligence
Data is processed in real time and not stored beyond the API request lifecycle

Gmail Tone Coach:

Text content of emails you are actively composing in Gmail
Compose text is analyzed for tone (aggressive, passive, unclear) and returned with coaching suggestions
Email content is not stored, logged, or retained after analysis

ICP Company Rater:

Company names selected via right-click context menu on any webpage
The selected text is sent to the Andru API for ICP scoring

8.2 How Extension Data Is Transmitted

All data is transmitted via HTTPS to the Andru API
Requests are authenticated with your Andru API key stored in Chrome's local storage
No data is sent to any third party other than the Andru API

8.3 Extension Permissions

storage: Stores your API key and extension preferences locally in your browser
activeTab: Reads the current page to extract LinkedIn profile data or company information when you activate the extension
tabs: Detects whether you are on LinkedIn or Gmail to activate the relevant content script
contextMenus: Adds the "Rate ICP Fit" option to your right-click menu
Host permissions (linkedin.com, mail.google.com): Required to inject content scripts that display ICP badges and tone coaching on these sites

8.4 Extension Data Retention

You can remove all locally stored extension data by uninstalling the extension or clearing extension data in Chrome settings.

Final Note: Privacy as Partnership

Privacy isn't just about compliance—it's about respect.

We built this platform to help technical founders transform their revenue processes through systematic, authentic approaches. That same authenticity extends to how we handle your data.

You're trusting us with:

Confidential business information
Strategic plans and roadmaps
Financial performance metrics
Competitive positioning details

We honor that trust by:

Protecting your data as if it were our own
Being transparent about our practices and limitations
Giving you control over your information
Never exploiting your data for purposes beyond serving you

If you have questions, concerns, or suggestions about our privacy practices, please reach out. We genuinely want to hear from you.

This Privacy Policy is drafted to balance legal compliance with H&S's values of Transparency and Empathy.