CommissionSight
Get started

Privacy Policy

Last updated May 31, 2026

1. Overview

This Privacy Policy explains what information CommissionSight collects, how we use it, and the choices you have. It covers our marketing site, application, and API.

2. Information we collect

Account data you provide (name, company, email, phone, billing address). Customer Data you upload (commission statements and the member records within them). Usage and log data (API requests, job activity, and diagnostics). Payment details are collected and stored by our processor, Stripe — we never see full card or bank numbers.

3. How we use information

To provide and operate the Service (ingesting statements, computing analytics), to bill you, to send transactional notifications (statement processed, invoice created/paid), to secure and improve the Service, and to comply with legal obligations. We do not sell your data.

4. Customer Data & isolation

Customer Data is processed solely to provide the Service to you. Each account’s Customer Data is stored in its own isolated database and is never co-mingled with other customers’ data. We act as a processor of Customer Data on your behalf.

5. Sub-processors

We rely on a small set of infrastructure and service providers, including Cloudflare (hosting/CDN), Neon (database), Stripe (payments), and Resend (transactional email). Each processes data only as needed to provide their service.

6. Security

We use administrative and technical safeguards: encryption in transit (TLS) and at rest, hashed API tokens, per-account database isolation, and signed webhooks. No system is perfectly secure, but we work to protect your information.

7. Data retention

We retain Customer Data for as long as your account is active or as needed to provide the Service, then delete or anonymize it within a reasonable period, subject to legal retention requirements. You can request export or deletion at any time.

8. Your rights

Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. New Jersey residents have rights under the New Jersey Data Privacy Act, and residents of other states/regions may have comparable rights. To exercise any of these, contact us at the address below.

9. Cookies & tracking

We do not use tracking, advertising, or analytics cookies, and we do not sell personal data — so no cookie-consent banner is required. The application uses only strictly-necessary browser storage (localStorage) to keep you signed in and remember preferences such as light/dark mode; it is essential to the Service and is never used to track you across other sites.

10. Changes

We may update this Policy; material changes will be communicated through the Service or by email. The "last updated" date above reflects the latest revision.

11. Contact

Questions or requests? Email privacy@commissionsight.com.