How we handle data.

Last updated: 2026-04-21. This is a working summary. The full statutory privacy policy is available on request and will publish here in full when counsel finalises the English translation.

Who we are

Prism Research BV, a Dutch private company, registered in Amsterdam. Data controller contact: sander@prism.ai. Data protection officer: dpo@prism.ai.

What we collect

• Account identity (email, name, organisation) when you sign up.
• Research inputs (stimuli, audience briefs) you submit to the platform.
• Usage telemetry (page views, event names) via our own /api/events endpoint.
• Contact-form submissions, stored in our email infrastructure.

What we do not collect

• No third-party trackers on marketing pages. No Facebook Pixel. No Hotjar.
• No behavioural fingerprinting across sites.

Behavioural fragments

The behavioural fragments Prism uses to seed simulated buyers are consent-cleared at source, public reviews, opt-in panels, public community threads. No personally identifying information is retained; all fragments are anonymised before they enter the vector store. Fragments are never associated with end-customer accounts or with the checks you run on Prism.

Your rights (GDPR)

Access, correction, deletion, portability, and objection rights apply. Request to dpo@prism.ai; we respond within 30 days, usually faster.

Cookies

One strictly-necessary session cookie on the dashboard. No cookies set on marketing pages. A single analytics signal per page view goes to our own event endpoint, no third-party analytics.