Privacy Policy
Last updated: February 2026
1. Information We Collect
We collect information you provide directly (name, email, website URL) and usage data generated when you interact with Inlay, including audit results, MCP server logs, and analytics events.
2. How We Use Your Information
We use your data to operate and improve Inlay, process payments, communicate with you about your account, and generate aggregate industry benchmarks. We never sell your personal information.
3. Data Sharing
We share data only with service providers that help us operate (hosting, payments, email), and only as required by law. Your site content accessed through MCP servers is only served to AI agents you authorize.
4. Data Retention
We retain your data for as long as your account is active. Audit results and analytics are kept for 12 months after the last scan. You can request full deletion of your data at any time.
5. Security
We use industry-standard encryption in transit (TLS) and at rest. Access to production systems is restricted and audited.
6. Your Rights
You can access, correct, or delete your personal data from the Settings page or by contacting us at privacy@inlay.dev. We respond to all requests within 30 days.
7. Contact
Questions about this policy? Email us at privacy@inlay.dev.