Insora — Privacy Policy
Last updated: May 12, 2026
This policy explains what data Insora collects, how it's used, and your rights as a user. Insora is operated by New Reign Capital.
1. What we collect
- Account info — name, email, password hash, and any profile details you fill in (handle, title, company, bio, photo).
- Content you post — posts, comments, messages, uploaded images and videos, RSVPs, follows.
- Usage signals — last-active timestamps, page views, click events on posts and sponsors. We use these to rank feeds and detect fraud.
- Payment metadata — Stripe customer + subscription IDs, status, last 4 digits of your card. Full card numbers are stored only by Stripe, never by us.
2. How we use it
To run the service: authenticate you, show your posts to the right people, deliver notifications, process payments, prevent abuse, and improve the product. We do not sell personal data.
3. Sharing
Other users see your public profile and the content you choose to share. Service providers (Stripe for payments, AWS for hosting, Resend / Postmark for email) process data on our behalf under confidentiality. We disclose data to law enforcement only when legally compelled.
4. Retention
Account data is retained for as long as your account is active. You can delete your account from your Account page; we'll erase or anonymize personal data within 30 days, subject to legal hold requirements (e.g. financial records).
5. Your rights
Under GDPR / CCPA, you can request access to, correction of, or deletion of your personal data. Email privacy@insorains.com and we'll respond within 30 days.
6. Cookies
We use a session cookie + localStorage to keep you signed in. We do not use third-party advertising cookies.
7. Security
Passwords are hashed with Argon2id. Data in transit is encrypted with TLS 1.2+. Servers are hosted on Render in US-East with daily snapshot backups.
8. Changes
Material changes are announced in-app + by email at least 14 days before they take effect.