Terms of Service

Last updated: July 6, 2025

Table of Contents

1. Agreement to Terms

By downloading, installing, or using the Analytico desktop application or any services offered at https://www.analytico.io (collectively, the "Services"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree, you may not use the Services.

2. Eligibility and Accounts

You must be at least 16 years old and capable of forming a binding contract to create an account. Account registration requires a Google OAuth login. You are responsible for keeping your login credentials secure and for all activities that occur under your account.

3. The Services

Analytico is a local analytics copilot that processes your data on your own machine. Optional features let you:

  • Publish interactive reports or notebooks to cloud hosting on AWS
  • Collaborate with teammates through shared links
  • Leverage AI models from OpenAI, Anthropic, and other providers for natural-language query generation, summarization, and recommendations

4. License

Subject to these Terms, Analytico grants you a limited, non-exclusive, non-transferable, revocable license to install and use the desktop application on devices you own or control solely for your internal business or personal purposes.

5. Use Restrictions

You may not:

  • Reverse engineer, decompile, or disassemble the software except as permitted by law
  • Circumvent technical limitations or security features
  • Use the Services to develop or train competing AI or analytics products
  • Upload or publish unlawful or infringing content
  • Violate applicable export, privacy, or data-protection laws

6. AI Processing

Analytico automatically submits relevant portions of your data to third-party AI providers to power core features. Paid, no-data-retention endpoints are used. You acknowledge and agree that:

  • AI outputs may contain errors. You must validate results before relying on them.
  • You cannot disable core AI processing, though you may opt out of sharing anonymous statistical metadata in Settings → Privacy.
  • You will not input content that you are prohibited from sharing with third parties.
Important: AI outputs may contain errors and should be validated before use in production environments.

7. User Content

"User Content" means data, files, prompts, reports, and any output you create with the Services. Except for the limited rights granted to Analytico to operate the Services, you retain all ownership in User Content. You represent that you have all rights necessary to submit the User Content and to grant Analytico the rights described in these Terms.

8. Cloud Publishing

By enabling publishing you instruct Analytico to host selected artifacts in AWS servers located in the EU. You are solely responsible for ensuring that published content does not contain confidential or regulated information. You can unpublish at any time through the application interface; cloud copies will be deleted within 30 days.

Data Responsibility: You are responsible for ensuring published content does not contain confidential or regulated information.

9. Payment and Subscriptions

Paid plans are processed by Stripe. Prices, billing cycle, and renewal terms are displayed in the checkout flow. Taxes may apply. You may cancel at any time, but fees already paid are non-refundable except where required by law.

Billing Aspect Details
Payment Processor Stripe
Pricing Display Shown in checkout flow
Taxes May apply based on location
Cancellation Available anytime
Refunds Non-refundable except where required by law

10. Updates and Beta Features

Analytico may provide automatic updates or new features. Beta or preview features are offered "as is" and may be changed or discontinued at any time without notice.

11. Proprietary Rights

Analytico and its licensors own all intellectual property rights in the Services. All trademarks, logos, and product names are the property of their respective owners.

12. Feedback

If you provide ideas, suggestions, or feedback, you grant Analytico a perpetual, irrevocable, royalty-free license to use that feedback for any purpose without compensation.

13. Privacy

Our Privacy Policy explains how we collect, use, and safeguard personal data and is incorporated by reference. By using the Services, you consent to our data practices.

14. Termination

You may stop using the Services at any time. Analytico may suspend or terminate your access if you breach these Terms or if required by law. Sections 6, 7, 9, 11, 12, 15-19 survive termination.

Surviving Sections After Termination:

  • AI Processing (Section 6)
  • User Content (Section 7)
  • Payment and Subscriptions (Section 9)
  • Proprietary Rights (Section 11)
  • Feedback (Section 12)
  • Disclaimers (Section 15)
  • Limitation of Liability (Section 16)
  • Indemnification (Section 17)
  • Export Compliance (Section 18)
  • Governing Law and Dispute Resolution (Section 19)

15. Disclaimers

The Services are provided "as is" and "as available." Analytico disclaims all warranties, express or implied, including merchantability, fitness for a particular purpose, and non-infringement. Analytico does not warrant that the Services will be error-free, uninterrupted, or secure, or that AI outputs will be accurate.

No Warranty: The Services are provided "as is" without any warranties, express or implied.

16. Limitation of Liability

To the maximum extent permitted by law, Analytico will not be liable for indirect, incidental, special, consequential, or punitive damages, or for loss of profits, data, or goodwill, even if advised of the possibility. Analytico's total liability arising out of or relating to the Services is limited to the amount you paid to Analytico in the 12 months preceding the claim.

17. Indemnification

You agree to indemnify and hold harmless Analytico and its officers, directors, employees, and agents from any claims, damages, or expenses arising from your use of the Services or violation of these Terms.

18. Export Compliance

You may not use or export the Services in violation of applicable export laws and regulations.

19. Governing Law and Dispute Resolution

These Terms are governed by the laws of the State of Israel without regard to conflict-of-law rules. Any dispute that cannot be resolved informally will be submitted to the exclusive jurisdiction of the competent courts in Tel Aviv, Israel. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

Legal Aspect Details
Governing Law Laws of the State of Israel
Jurisdiction Courts in Tel Aviv, Israel
Conflict of Laws Rules do not apply
UN Convention Does not apply to these Terms

20. Changes to Terms

We may modify these Terms. Material changes will be posted in-app or on https://www.analytico.io and will become effective 14 days after notice. Your continued use of the Services after the effective date constitutes acceptance of the revised Terms.

21. Contact

Analytico Legal Team

Email: daniel@analytico.io

If you have questions about these Terms, please contact us at the address above.

Privacy Policy

Last updated: July 6, 2025

Table of Contents

1. Who We Are

Analytico ("Analytico," "we," "our," or "us") is a desktop analytics copilot that helps data professionals explore and visualize data locally while optionally publishing interactive reports to the cloud. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use our website (https://www.analytico.io) and the Analytico desktop application (together, the "Services").

2. Scope

This Policy applies to any person who visits our website or installs and uses the Analytico application. It does not apply to information processed entirely on your own infrastructure that never leaves your device.

3. Information We Collect

Category What We Collect Purpose Legal Basis (EU/UK)
Account Data Name, email address, Google-OAuth identifier Account creation, authentication Contract performance
Payment Data Collected and processed by Stripe (we never store full card numbers) Billing, subscription management Contract performance
Usage Metrics Pages visited, feature interactions, error events, volumes of usage (via Mixpanel and Sentry) Product analytics, debugging, service improvement Legitimate interests; consent where required
AI Interaction Metadata Structural metadata about prompts and responses (never raw content unless you choose to publish) Model quality improvement, troubleshooting Legitimate interests; opt-out available for statistical metadata
User-Uploaded Content Datasets, notebooks, dashboards, reports you choose to import or publish Core functionality Contract performance
Technical Data Device type, OS version, app version, IP-derived region Security, fraud prevention, analytics Legitimate interests

No cookies: Analytico is an Electron desktop app and does not set browser cookies or third-party pixels. Website analytics use Google Analytics cookies solely on analytico.io.

4. How We Use Information

  • Provide, operate, and maintain the Services
  • Authenticate users and secure accounts
  • Process payments and manage subscriptions
  • Diagnose and fix bugs or performance issues
  • Improve and develop new features, including AI models
  • Send service-related notices (e.g., critical updates, billing alerts)
  • Comply with legal obligations
We do not sell or rent your personal information.

5. AI Processing Details

Question Answer
Third-party providers OpenAI, Anthropic, OpenRouter (model routing); all via paid, no-data-retention endpoints
Data sent Text you explicitly run through AI features, project structure, and relevant code or schema snippets
PII transmission Possible if your data contains it; no automatic removal
Vendor training Vendors are contractually opted-out of training on your content
Our own training We may train models on aggregated, de-identified statistics (never raw user content)
Opt-out Core AI processing cannot be disabled because it underpins Analytico's functionality; you may disable optional statistical metadata sharing in Settings

6. How We Share Information

We share information only with the subprocessors necessary to run Analytico:

Subprocessor Purpose Region
Supabase User account database and authentication EU
Stripe Payment processing EU/US (DPF & SCCs)
AWS Hosting for optional published reports EU (Frankfurt)
OpenAI, Anthropic, OpenRouter AI inference US (SCCs/DPF)
Mixpanel Product analytics EU/US (SCCs/DPF)
Sentry Error monitoring EU/US (SCCs/DPF)

Each subprocessor is bound by a Data Processing Agreement (DPA) and Standard Contractual Clauses (SCCs) or Data Privacy Framework participation where applicable.

7. Data Location & International Transfers

Most data stays on your local machine. If you publish content or interact with cloud features, data may be transferred to the European Union or the United States. We rely on SCCs, the EU-US Data Privacy Framework, or other recognized safeguards for such transfers.

8. Security

  • TLS encryption for all in-transit data leaving your device
  • Encryption-at-rest for any cloud-stored secrets and published content
  • Secrets (e.g., API keys, passwords) stored in OS-level secure keychains
  • Access to production systems limited to a small, vetted Analytico team on a least-privilege basis
  • Continuous monitoring and automated alerts via Sentry

9. Retention

  • Local project data: stays until you delete the project folder
  • Published content: deleted within 30 days of your unpublish request
  • Account records and logs: retained until you request deletion, then erased within 30 days unless a longer period is required by law

10. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Delete your data ("right to be forgotten")
  • Export data in a portable format
  • Object to or restrict certain processing

How to exercise:

  • Local data: delete the project folder or use in-app data management tools
  • Published or account data: email privacy@analytico.io from your registered address

We will respond within 30 days.

11. Children

Analytico is not directed to children under 16, and we do not knowingly collect data from minors. If you believe a minor has provided personal data, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced in-app or via email at least 14 days before they take effect. Continued use of the Services after the effective date constitutes acceptance of the revised Policy.

13. Contact Us

Analytico Privacy Team

Email: daniel@analytico.io

For any questions about this Policy or our privacy practices, please contact us using the information above.

Data Processing Agreement

Effective date: July 6, 2025

Agreement Context: This Data Processing Agreement ("Agreement") forms part of the Terms of Service or other written or electronic agreement between Analytico Ltd. ("Processor" or "Analytico") and the customer entity that accepts or otherwise agrees to those terms ("Controller" or "Customer").

Table of Contents

1. Definitions

Term Definition
Applicable Data Protection Law All laws and regulations regarding the protection of Personal Data that apply to the Processing under this Agreement, including the EU and UK GDPR.
Personal Data Any information relating to an identified or identifiable natural person that is Processed by Analytico on behalf of Customer.
Processing, Processor, and Controller Have the meanings set out in Applicable Data Protection Law.
Standard Contractual Clauses The clauses adopted by the European Commission Implementing Decision 2021/914 and, where relevant, the UK Addendum.
Services The Analytico desktop application, website, and any related cloud features provided to Customer.

2. Subject Matter and Duration

  • 2.1 This Agreement governs Analytico's Processing of Personal Data on behalf of Customer in the course of providing the Services.
  • 2.2 This Agreement remains in force for the term of the underlying Services agreement and until all Personal Data has been deleted or returned to Customer.

3. Purpose and Nature of Processing

Analytico Processes Personal Data solely to provide, secure, and improve the Services, including:

  • Local analytics copilot functions within the desktop app
  • Optional cloud publication of notebooks, dashboards, or reports
  • Error monitoring, usage analytics, and product development
  • Automated AI-powered analysis using third-party model providers (see Annex III)

4. Categories of Data and Data Subjects

Item Description
Data Subjects Customer's employees, contractors, end users, and any individuals whose data appears in datasets Customer imports
Categories of Personal Data Names, email addresses, Google OAuth identifiers, usage metrics (pseudonymous), technical device data, any Personal Data included by Customer in uploaded datasets or published reports
Special Categories Not intended – Customer must not intentionally submit special-category data without a lawful basis

Full details appear in Annex I.

5. Obligations of Controller

Customer will:

  • a. ensure it has a valid legal basis for all Processing carried out under this Agreement,
  • b. provide any required notices to data subjects,
  • c. not instruct Analytico to Process Personal Data in violation of Applicable Data Protection Law.

6. Obligations of Processor

Analytico shall:

  • 6.1 Process only on documented instructions – including those set out in the Agreement, unless otherwise required by EU or Member State law.
  • 6.2 Confidentiality – ensure all personnel authorised to Process Personal Data are subject to confidentiality obligations.
  • 6.3 Security – implement the technical and organisational measures in Annex II and maintain them throughout the term.
  • 6.4 Sub-processors – engage only the sub-processors listed in Annex III and notify Customer of any intended additions or replacements, giving Customer an opportunity to object on reasonable grounds.
  • 6.5 Data Subject Rights – taking into account the nature of the Processing, assist Customer by appropriate technical and organisational measures to respond to requests for exercising data-subject rights.
  • 6.6 Data Protection Impact Assessments – provide reasonable assistance to Customer with DPIAs and prior consultations with supervisory authorities where required.
  • 6.7 Breach Notification – notify Customer without undue delay after becoming aware of a Personal Data Breach and provide information necessary for Customer to comply with its legal obligations.
  • 6.8 Return or Deletion – at termination, delete or return Personal Data at Customer's choice, except to the extent EU or Member State law requires retention.

7. International Transfers

  • 7.1 Where Analytico or its sub-processors transfer Personal Data outside the EEA or UK to a country that has not received an adequacy decision, such transfer shall be governed by the Standard Contractual Clauses incorporated by reference.
  • 7.2 For transfers to the United States, Analytico or the relevant sub-processor will rely on either the Data Privacy Framework certification or the SCCs.

8. Audits

Analytico will make available all information necessary to demonstrate compliance with this Agreement and allow, at Customer's reasonable request and expense, audits by an independent third party bound to confidentiality. Audits may occur once per year and after any material Personal Data Breach.

9. Liability and Indemnity

Each party is liable for the damages it causes by any Processing that infringes Applicable Data Protection Law. Liability limitations in the main Services agreement apply to this Agreement to the maximum extent permitted by law.

10. Precedence

In the event of conflict, the provisions of the Standard Contractual Clauses prevail, followed by this Agreement, followed by the main Services agreement.

11. Governing Law

This Agreement is governed by the same law and jurisdiction as the main Services agreement, unless the SCCs require otherwise.

Annex I – Details of Processing

Element Description
Processor Analytico Ltd., 18 HaHarash St., Tel Aviv 6515118, Israel
Controller The Customer entity that accepted the Analytico Terms of Service
Purpose Provide and improve the Analytico Services, including AI-powered analytics, publishing features, account management, security, and support
Data Subjects See Section 4
Personal Data See Section 4
Duration For the term of the Services plus deletion period
Frequency Continuous and ad-hoc, depending on user interactions
Location of Processing Primarily on the user's device; cloud operations in the EU and United States as listed in Annex III

Annex II – Technical and Organisational Security Measures

Encryption

  • TLS 1.2+ for all data in transit leaving the user's device
  • AES-256 or stronger encryption for secrets stored in the cloud

Access Control

  • Role based access with least-privilege principle
  • Multi-factor authentication for privileged accounts

Physical Security

  • Cloud infrastructure hosted in ISO 27001 certified data centres (AWS)

System Security

  • Separation of production and development environments
  • Automated dependency vulnerability scanning
  • Regular penetration testing

Monitoring and Logging

  • Centralised logging with tamper protection
  • Real-time alerting via Sentry for anomalous events

Business Continuity

  • Encrypted backups of published content
  • Disaster recovery plan tested at least annually

Personnel Security

  • Background checks for employees with production access
  • Mandatory security awareness training

Incident Response

  • Documented procedure defining roles, escalation paths, and customer communication timelines

Annex III – Approved Sub-processors

Sub-processor Address Role Safeguards
Supabase Inc. 970 Toa Payoh North, Singapore Managed Postgres – user accounts and auth SCCs
Amazon Web Services EMEA SARL 38 avenue John F. Kennedy, L-1855 Luxembourg Hosting for publishing features (EU region) Intra-group SCCs
OpenAI LLC 3180 18th St., San Francisco CA 94110, USA AI inference SCCs + Data Privacy Framework
Anthropic PBC 548 Market St., PMB 79605, San Francisco CA 94104, USA AI inference SCCs + DPF
OpenRouter, Inc. 651 N. Broad St., Suite 206, Middletown DE 19709, USA Model routing platform SCCs
Mixpanel Inc. One Front St., 28th Floor, San Francisco CA 94111, USA Product analytics SCCs + DPF
Functional Software Inc. (Sentry) 45 Fremont St., 8th Floor, San Francisco CA 94105, USA Error monitoring SCCs + DPF
Stripe Payments Europe Ltd. 1 Grand Canal Street Lower, Dublin 2, Ireland Payment processing N/A – no Personal Data handled by Analytico
Updates: Updates to sub-processors will be announced via email or in-app at least 30 days before activation.