Privacy Policy
Effective Date: March 1, 2026 · Last Updated: May 21, 2026
The Short Version: The June 1 SaaS launch is a hosted service for non-regulated datasets. We process files you upload for the analysis job you request, operate the service with DID account and license data, and do not use dataset contents for advertising or third-party model training.
1. Introduction
Detailed In Design, LLC (“Company,” “we,” “us,” or “our”), an Illinois Limited Liability Company, operates Dataset Reality Check, a hosted application for pre-model epistemic dataset analysis. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.
This policy applies to:
- The Dataset Reality Check hosted web application
- The Dataset Reality Check product website
- The DID checkout and license-agent account flow
- All interactions with our support channels
2. Our Core Privacy Principle: Controlled Dataset Processing
Hosted launch scope is intentionally limited. Dataset Reality Check is intended for non-regulated datasets unless a separate enterprise agreement covers private deployment, data handling, support, and retention requirements.
When you upload a CSV, TSV, or Parquet file (up to 500 MB) to the hosted service, the file is processed for the analysis job you start. Private, offline, and air-gapped processing is available only through a custom enterprise deployment.
3. What We Limit
For the hosted launch, we limit dataset handling as follows:
- Dataset uploads are used to perform the requested analysis job.
- Hosted launch excludes PHI, payment card data, classified data, and other regulated datasets unless separately agreed in writing.
- Dataset contents are not used for advertising, resale, or third-party model training.
- Access to operational data is limited by role and business need.
- Screenshots or screen recordings of the application
- Keystrokes outside the normal web form and application interactions
4. Information We Collect
4.1 License Heartbeat
Licensed deployments may perform a periodic license verification request (“heartbeat”) to confirm subscription status. This heartbeat transmits only:
- Your license key (a unique identifier tied to your subscription)
- Application version number
- Operating system type (e.g., Windows, macOS, Linux)
- A timestamp of the request
The heartbeat does not transmit dataset contents. Hosted job processing is separate from license verification.
4.2 Account Information
When you create an account through our customer portal, we collect:
- Full name
- Email address
- Company name (optional)
- Password (stored as a bcrypt hash; we never store plaintext passwords)
4.3 Payment Information
Payment processing is handled exclusively by Stripe. We do not store credit card numbers, CVVs, or full payment credentials on our servers. We retain only:
- Billing name and address
- Payment method type (e.g., Visa ending in 1234)
- Transaction history and invoice records
4.4 Support Data
If you contact our support team, we collect the content of your correspondence (email messages, attachments you choose to send). We will never ask you to send your datasets for troubleshooting.
4.5 Website Analytics
Our product website collects standard web server logs including IP address, browser type, referring URL, and pages visited. We do not use third-party analytics trackers, advertising pixels, or cross-site tracking cookies.
5. How We Use Your Information
- License Verification: To validate your subscription and enable application access.
- Account Management: To maintain your account, process payments, and manage your subscription.
- Customer Support: To respond to your inquiries and resolve issues.
- Service Communications: To send transactional messages including license expiration notices, payment confirmations, and critical security updates. We do not send marketing emails without your explicit opt-in consent.
- Legal Compliance: To comply with applicable laws, regulations, and legal processes.
6. Offline and Air-Gap Operation
Offline and air-gapped operation is available as custom enterprise work, not as part of the self-serve hosted launch. If your environment requires no network connectivity:
- We scope deployment, updates, data handling, support, and activation before delivery.
- The license heartbeat may be replaced with an offline activation workflow.
- Analysis features and limits are defined in the enterprise agreement.
- Updates can be applied manually via downloadable packages.
When operating under a properly scoped offline deployment, dataset transmission terms are governed by that deployment agreement.
7. Data Sharing and Third Parties
We share information with the following third parties only:
- Stripe (Payment Processor): Billing name, email, and payment details for subscription processing.
- Cloudflare (CDN / Security): IP addresses and request metadata for website delivery and DDoS protection.
We do not:
- Sell personal data to any third party
- Use personal data for targeted advertising
- Share data with data brokers
- Profile users for marketing purposes
8. Data Retention
- Account Information: Retained for the duration of your active account plus 30 days after account deletion.
- Payment Records: Retained for 7 years for tax and legal compliance.
- Dataset Uploads: Retained only as needed to run the requested hosted analysis job and support short-term operational recovery unless a separate enterprise agreement states otherwise.
- License Heartbeat Logs: Retained for 90 days, then permanently deleted.
- Support Correspondence: Retained for the duration of your active account plus 30 days after account deletion.
- Website Logs: Retained for 90 days.
Upon account deletion, a 30-day grace period allows restoration. After 30 days, all personal data is permanently deleted.
9. Data Security
We implement the following security measures:
- Encryption in Transit: All communications between the application and our license server use TLS 1.2 or higher.
- Encryption at Rest: All stored data on our servers is encrypted with AES-256.
- Password Security: Passwords are hashed with bcrypt using per-user salts.
- Access Controls: Internal access to customer data follows the principle of least privilege.
- Dataset Handling: Hosted uploads are handled as job data. Private deployments can be scoped for local-only or restricted-network operation.
10. Cookies
Our product website and customer portal use only essential cookies:
- Session Cookie: HttpOnly, Secure, SameSite=Lax - maintains your authenticated session on the customer portal.
We do not use analytics cookies, advertising cookies, tracking pixels, or any third-party tracking technologies.
11. Your Rights
We extend the following rights to all users regardless of jurisdiction:
- Right to Access: Confirm whether your data is being processed and obtain a copy of your personal data.
- Right to Correct: Correct inaccurate personal data through the customer portal or by contacting us.
- Right to Delete: Request deletion of your personal data, subject to legal retention requirements.
- Right to Data Portability: Obtain your personal data in a portable format (JSON export).
- Right to Opt Out: Opt out of data sales (we do not sell data), targeted advertising (we do not advertise), and profiling (we do not profile).
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your rights.
12. How to Exercise Your Rights
You may submit privacy rights requests through:
- Email: privacy@detailedindesign.com with subject line “Privacy Rights Request”
- Portal: Account Settings > Privacy within the customer portal
We will verify your identity and respond within 45 calendar days. If an extension is needed, we will notify you within that period, with total response time not exceeding 90 days.
13. Children’s Privacy
Dataset Reality Check is a professional data analysis tool designed for use by data scientists, analysts, and ML engineers. It is not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16.
14. International Data Transfers
Hosted SaaS processing and account systems are operated from the United States unless a separate enterprise agreement provides a different deployment model. Users accessing the customer portal from outside the United States consent to transfer of account and job data to the US by using the Service.
15. Changes to This Policy
Material Changes: We will provide at least 30 days’ notice before any material change becomes effective, via email to your account address.
Non-Material Changes: Formatting corrections and clarifications will be reflected by updating the “Last Updated” date.
Continued use of the application or customer portal after changes become effective constitutes acceptance.
16. Contact Information
Detailed In Design, LLC
An Illinois Limited Liability Company
Privacy Inquiries: privacy@detailedindesign.com
Website: detailedindesign.com
© 2024–2026 Detailed In Design, LLC. All rights reserved.