Last updated: April 10, 2026
Effective date: April 10, 2026
Portent (“we”, “us”, “our”) is an AI-powered intelligence platform available at portent.ai. We provide personalized daily intelligence briefs to professionals, entrepreneurs, and investors.
Data Controller: Portent
Contact: support@portent.ai
Service URL: portent.ai
We collect the following categories of personal data:
Account Data
— Full name
— Email address
— Profile photo (from Google OAuth if used)
— Password (hashed, never stored in plaintext)
Profile Data (provided during onboarding)
— Professional role (e.g., “Software Engineer”, “CEO”)
— Industry (e.g., “Technology”, “Finance”)
— City and country of residence
— Professional skills and areas of interest
— Goals and intelligence preferences
Usage Data (collected automatically)
— Log data: IP address, browser type, device type, operating system
— Pages visited, features used, time spent on pages
— Brief interaction data: which signals you read, click patterns
— Signal feedback data: signals marked as useful, not useful, or acted on
Payment Data
— Billing name and address
— Payment method type (card brand, last 4 digits)
— Transaction history and subscription status
— Note: Full card numbers are never stored by us — processed directly by Stripe
Communications Data
— Support emails sent to support@portent.ai
— In-app feedback and survey responses
We collect data through:
— Direct input: information you provide during registration, onboarding, and settings
— Automated collection: cookies, server logs, and analytics tools when you use the service
— Third-party authentication: if you sign in with Google, we receive your name, email, and profile photo from Google
— Payment processing: Stripe provides us with transaction confirmations and subscription status
We process your personal data for the following purposes and legal bases:
To provide the service (Legal basis: Contract performance)
— Authenticate your account and manage your session
— Generate personalized intelligence briefs using your profile data
— Deliver daily briefs via email (if opted in)
— Process subscription payments
AI-powered personalization (Legal basis: Contract performance / Legitimate interests)
— Your profile data (role, city, industry, skills) is sent to Anthropic's API to generate intelligence briefs personalized to your professional context
— Signal feedback data is used to improve the relevance of future briefs
— We do not use your data to train Anthropic's AI models — your data is used only for inference (generating your briefs)
Analytics and product improvement (Legal basis: Legitimate interests)
— We analyze aggregated usage patterns to improve the product
— PostHog analytics tracks feature usage and user flows
— We never sell individual user data or behavioral profiles to third parties
Communications (Legal basis: Contract performance / Consent)
— Transactional emails: account confirmations, daily briefs, billing receipts (required for service)
— Product updates: occasional announcements about new features (you may opt out at any time)
Legal compliance (Legal basis: Legal obligation)
— We process data as required by applicable law, including responding to lawful requests from authorities
Portent uses Anthropic's Claude AI models to generate your personalized intelligence briefs. When your brief is generated, the following data is shared with Anthropic's API:
— Your professional role, industry, city, and skills
— Your stated goals and intelligence preferences
— Signal data from our pipeline (publicly sourced information)
This processing is governed by Anthropic's API terms and data processing agreement. Anthropic processes this data solely to generate your brief and does not retain or use it to train their models beyond what their standard API terms specify. You can review Anthropic's privacy practices at anthropic.com/privacy.
We do not share your name, email address, or payment information with Anthropic.
We work with the following third-party service providers. We have data processing agreements with each:
— Vercel (Vercel Inc., USA) — hosting and deployment
— Neon (Neon Inc., USA) — PostgreSQL database storage
— Upstash (Upstash Inc., USA) — Redis caching
— Anthropic PBC (USA) — AI brief generation (profile and preference data only)
— Stripe (Stripe Inc., USA) — payment processing and subscription management
— Resend (Resend Inc., USA) — transactional email delivery
— PostHog (PostHog Inc., USA/EU) — product analytics and usage tracking
— Sentry (Functional Software Inc., USA) — error logging and performance monitoring
— Google OAuth (Google LLC, USA) — if you choose to sign in with Google
We do not sell, rent, or trade your personal data to any third party for marketing purposes. We do not use your data for targeted advertising.
Portent is based in Israel and our service providers are primarily based in the United States. When we transfer personal data from the European Economic Area (EEA), United Kingdom, or other jurisdictions with data transfer restrictions, we ensure appropriate safeguards are in place, including:
— Standard Contractual Clauses (SCCs) approved by the European Commission
— Data Processing Agreements (DPAs) with all service providers
— The EU-US Data Privacy Framework where applicable
We retain your personal data for the following periods:
— Account data: for the duration of your account, plus 90 days after deletion
— Brief and signal data: for the duration of your account, plus 30 days after deletion
— Payment records: 7 years (required by financial regulations)
— Server logs and IP addresses: 90 days
— Support communications: 2 years
— Analytics data: 24 months (aggregated, anonymized after 12 months)
When you delete your account, we delete or anonymize your personal data within 30 days, except where we are required to retain it by law (e.g., payment records).
Strictly necessary cookies (cannot be disabled)
— Session authentication cookie: keeps you logged in
— CSRF protection cookie: prevents cross-site request forgery
Analytics cookies (can be disabled)
— PostHog analytics: tracks feature usage and page views to help us improve the product
— Sentry session replay: captures error context to help us fix bugs
We do not use advertising cookies, tracking pixels, or any third-party marketing cookies. We do not participate in ad networks. You can manage cookies through your browser settings. Disabling strictly necessary cookies will prevent the service from functioning.
Depending on your location, you have the following rights over your personal data:
— Right to Access — You can request a copy of all personal data we hold about you.
— Right to Rectification — You can correct inaccurate personal data through your Settings page or by contacting us.
— Right to Erasure (“Right to be Forgotten”) — You can request deletion of your account and all associated personal data. We will comply within 30 days.
— Right to Data Portability — You can request your data in a machine-readable format (JSON).
— Right to Object — You can object to processing based on legitimate interests, including profiling for brief personalization.
— Right to Restrict Processing — You can request that we limit how we use your data while a dispute is being resolved.
— Right to Withdraw Consent — Where processing is based on consent, you can withdraw it at any time without affecting prior processing.
How to exercise your rights: Email support@portent.ai with subject line “Privacy Rights Request — [Your Request Type]”. Response time: within 30 days (we aim for 5 business days). We may need to verify your identity before processing your request.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
— Right to Know — You can request disclosure of the categories and specific pieces of personal information we have collected about you in the past 12 months.
— Right to Delete — You can request deletion of your personal information, subject to certain exceptions.
— Right to Correct — You can request correction of inaccurate personal information.
— Right to Opt-Out of Sale/Sharing — We do not sell or share your personal information for cross-context behavioral advertising. No opt-out is required, but you may contact us to confirm.
— Right to Limit Use of Sensitive Personal Information — We do not use sensitive personal information beyond what is necessary to provide the service.
— Right to Non-Discrimination — We will not discriminate against you for exercising any of your CCPA rights.
To exercise California rights, contact us at support@portent.ai with the subject line “California Privacy Rights Request.” Authorized agents may submit requests on your behalf with written permission.
Categories of personal information collected in the past 12 months: Identifiers (name, email, IP address), professional or employment-related information (role, industry, skills), internet activity (usage data, feature interactions), inferences drawn from the above (personalized intelligence preferences).
We do not collect: Social Security numbers, financial account numbers, biometric data, health data, or geolocation data beyond city-level.
Portent is not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected data from a minor, please contact us immediately at support@portent.ai and we will delete it promptly.
We implement industry-standard security measures to protect your personal data:
— Encryption in transit: all data is transmitted over HTTPS/TLS 1.3
— Encryption at rest: database encryption via Neon's built-in encryption
— Password hashing: bcrypt with salt
— Authentication: session tokens with short expiry, Google OAuth
— Access controls: role-based access, minimal privilege principle
— Rate limiting: API endpoints are rate-limited to prevent abuse
— Error monitoring: Sentry captures errors without logging personal data
No method of transmission or storage is 100% secure. In the event of a data breach affecting your rights and freedoms, we will notify affected users and relevant authorities within 72 hours as required by GDPR.
If Portent is acquired, merged with, or its assets are transferred to another company, your personal data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.
We may update this Privacy Policy periodically. We will notify you of material changes by sending an email to your registered address and displaying a prominent notice on portent.ai. We will update the “Last updated” date at the top of this page. Continued use of the service after changes constitutes acceptance of the updated policy.
For any privacy-related questions, requests, or complaints:
Email: support@portent.ai
We aim to respond within 5 business days. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority:
— EU/EEA: your national Data Protection Authority (DPA)
— UK: Information Commissioner's Office (ICO) — ico.org.uk
— Israel: Privacy Protection Authority — gov.il/en/departments/the_privacy_protection_authority
— California: California Privacy Protection Agency — cppa.ca.gov
© 2026 Portent · support@portent.ai