NewParano.ai is now live. Read the launch announcement

Privacy Policy

Last updated: 16 June 2026

At Parano.ai we believe competitive intelligence should never come at the cost of your privacy. This policy explains what personal data we process, why, and the rights you have. We are GDPR-native: hosted in the European Union, and our AI runs on our own infrastructure. Your data is never sent to third-party AI model providers.

1. Who we are (Controller)

The controller responsible for processing your personal data is:

rainmaker labs GmbH (“Parano.ai”, “we”, “us”)
Hopfengarten 7, 35423 Lich, Germany
Email: michael@parano.ai

Full company details are available in our Legal Notice (Impressum).

2. The data we process

Account & profile data

Name, email address, company, password credentials and similar details, collected when you sign up or use the product. Authentication is handled by our identity provider (Clerk).

Billing data

When you subscribe, billing is processed by a third-party payment provider. We receive limited transaction and invoicing data (e.g. plan, amount, billing contact) but we do not store full payment-card numbers.

Product & usage data

The competitors you choose to track, your workspace settings, saved items, integrations you connect, and your interactions with the product (e.g. items viewed, digests opened).

Technical & analytics data

Device and connection information (such as IP address, browser type), and product analytics collected via PostHog to understand usage and improve the service. Where required, this relies on your consent (see Cookies below).

Communications

Messages you send us (support, sales, demo requests) and your notification preferences.

Monitored (competitor) information

To deliver the service, we collect and analyse publicly available information about the companies and competitors you choose to track, for example public websites, blogs, changelogs, pricing pages, public hiring pages, press releases, public review profiles and public code repositories. This is primarily company-level information. Where such public sources incidentally contain personal data (e.g. an executive named in a press release), we process it solely to provide the competitive-intelligence service to you, on the basis of our and your legitimate interests.

3. Why we process it & legal bases

  • To provide the service (create your account, track competitors, generate digests, battlecards and analysis, deliver notifications): performance of a contract, Art. 6(1)(b) GDPR.
  • To operate, secure and improve the product, prevent abuse, and conduct product analytics: our legitimate interests, Art. 6(1)(f) GDPR.
  • To process payments and manage subscriptions: contract performance and compliance with legal (e.g. tax/accounting) obligations, Art. 6(1)(b) and (c) GDPR.
  • For marketing communications and non-essential cookies/analytics: your consent under Art. 6(1)(a) GDPR, which you can withdraw at any time.

4. AI processing

Parano.ai uses large language models to extract, score and synthesise the information we monitor. We run this inference on our own self-hosted infrastructure in the EU. We do not send your account data, your tracked-competitor configuration, or the content we process to third-party AI/LLM providers, and we do not use your data to train models offered to other customers.

5. Cookies & analytics

We use strictly necessary cookies to run the site and keep you signed in. With your consent, we also use analytics (PostHog) to measure and improve the product. You can manage or withdraw consent at any time via your browser settings or our cookie controls.

6. Sharing & sub-processors

We do not sell your personal data. We share data only with service providers (“sub-processors”) that help us run Parano.ai, under appropriate data protection agreements. Our current sub-processors include:

  • Cloud hosting & infrastructure (EU region)
  • Vercel (website hosting/delivery)
  • Cloudflare (content delivery and security)
  • Clerk (authentication and account management)
  • PostHog (product analytics)
  • Our payment provider (subscription billing)
  • Communication channels you connect (e.g. email, Slack, Microsoft Teams, webhooks), only to deliver intelligence where you ask us to

We will keep an up-to-date list available on request. We may also disclose data where required by law.

7. International transfers

We host and process data in the European Union. Where a sub-processor processes data outside the EU/EEA, we rely on an adequacy decision or appropriate safeguards such as the EU Standard Contractual Clauses.

8. Retention

We keep personal data only as long as necessary for the purposes above. Account and workspace data is retained for the life of your account and, after closure, for a limited wind-down period (typically up to 30 days) before deletion, unless a longer period is required by law (e.g. statutory retention of invoices). Analytics data is retained on a rolling basis.

9. Security

We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and EU-based hosting. No method of transmission or storage is completely secure, but we work hard to protect your data and continuously improve our safeguards.

10. Your rights

Under the GDPR, you have the right to:

  • access the personal data we hold about you;
  • rectify inaccurate or incomplete data;
  • erasure (“right to be forgotten”);
  • restrict or object to certain processing;
  • data portability;
  • withdraw consent at any time, without affecting prior processing.

To exercise these rights, contact us at michael@parano.ai. You also have the right to lodge a complaint with a supervisory authority. For us, the competent authority is the Hessian Commissioner for Data Protection and Freedom of Information (Der Hessische Beauftragte für Datenschutz und Informationsfreiheit, Wiesbaden).

11. Children

Parano.ai is a business product and is not directed to children. We do not knowingly collect personal data from anyone under 16.

12. Changes to this policy

We may update this policy from time to time. We will post the updated version here and revise the “Last updated” date. Material changes will be communicated where appropriate.

13. Contact

Questions about privacy? Email michael@parano.ai or write to rainmaker labs GmbH, Hopfengarten 7, 35423 Lich, Germany.