Engenerate Privacy Policy

Last Updated: February 01, 2026 Effective Date: February 01, 2026

This Privacy Policy explains how Engenerate, Inc. (“Engenerate,” “we,” “us,” or “our”) collects, uses, discloses, and otherwise processes personal information in connection with our websites, applications, APIs, and related services (collectively, the “Services”).

This Privacy Policy does not cover our privacy practices for job applicants, employees, or contractors, or information that is not regulated as “personal information” or “personal data” under applicable law (such as properly de-identified or aggregated information).

1. Scope of This Privacy Policy

This Privacy Policy applies when you:

Visit our websites;
Create or administer an account;
Use our platform and APIs to process documents (including documents containing graphs, figures, and tables);
Communicate with us (e.g., support, sales, events); or
Otherwise interact with us in a business context.

If you use Engenerate through an enterprise subscription managed by an organization (e.g., your employer), your organization’s administrators may have access to your account information and activity within that organization’s workspace.

2. Our Role: Controller vs. Processor

Data protection laws sometimes distinguish between a “controller” (who decides why and how personal data is processed) and a “processor” (who processes personal data on the controller’s behalf).

When we act as a controller: We act as a controller for personal information related to operating our websites, creating and managing accounts, billing, marketing, and general business operations.
When we act as a processor/service provider: When customers upload or submit documents and related content to the Services (“Customer Content”), we typically process that data on the customer’s instructions to provide the Services. In those cases, the customer is generally the controller and Engenerate is the processor/service provider.

If you have a request about personal data contained in Customer Content that we process on behalf of a customer, we may direct you to the customer (controller) to make the request.

3. Personal Information We Collect

The categories of personal information we collect depend on how you interact with the Services.

3.1 Information you provide directly

We may collect:

Contact and professional information: name, email, phone number, company, title.
Account information: account credentials, authentication information, workspace/role, preferences.
Billing and transactional information: billing contact details, invoice history, payment status (payment processing is typically handled by third-party payment processors).
Communications: messages you send to us (e.g., support tickets, email correspondence, chat messages), and any information you choose to provide during communications.

3.2 Customer Content submitted to the Services

When you use the Services, you may submit documents and other data for processing, which may include personal information (for example, names or identifiers appearing inside business reports or PDFs). Customer Content may include:

Uploaded files (e.g., PDFs, images, documents),
Extracted structured data (e.g., tables converted to CSV/JSON),
Detected chart/figure information (e.g., labels, series values, legends),
Outputs and exports you generate.

Important: Customer Content is stored by default (see Section 7).

3.3 Information collected automatically

We (and our service providers) may automatically collect:

Device and network data: IP address, browser type, device identifiers, operating system, approximate location (derived from IP).
Usage data: log-in events, feature usage, pages/actions within the Services, timestamps, performance and error logs.
Cookies and similar technologies: cookies, pixels, SDKs, and similar tools used for functionality, security, analytics, and (if enabled) marketing. See Section 8.

3.4 Information from third parties

We may receive information from:

Single sign-on providers (if you choose SSO): basic profile data such as name and email.
Service providers that help us operate the Services (e.g., hosting, security, analytics).
Business partners (e.g., referrals) and publicly available sources (e.g., corporate websites), where permitted by law.

4. How We Use Personal Information

We use personal information for the following purposes:

4.1 Provide and operate the Services

Create and manage accounts and workspaces
Authenticate users and provide access
Process documents to produce outputs (including extraction of graphs, figures, and tables)
Provide customer support and respond to requests

4.2 Security, integrity, and fraud prevention

Protect accounts and the Services
Detect, prevent, investigate, and respond to security incidents, abuse, and fraud
Enforce our terms, policies, and legal rights

4.3 Improve and maintain the Services

Diagnose technical issues
Monitor performance, reliability, and feature usage
Improve user experience and service functionality
We may use usage analytics and de-identified/aggregated information to improve the Services.

4.4 Communications and marketing (business-to-business)

Send administrative and service-related messages (e.g., security notices, product updates)
Send marketing communications where permitted by law (you can opt out; see Section 9)

4.5 Legal compliance

Comply with applicable laws and lawful requests
Maintain appropriate records for accounting, tax, and compliance obligations
Establish, exercise, or defend legal claims

We do not sell your personal information. We share personal information only as described below:

5.1 Service providers (subprocessors): We may share personal information with vendors and service providers that help us operate the Services (e.g., cloud hosting, content delivery, security monitoring, customer support tools, analytics, billing systems). These providers are contractually required to protect personal information and process it only on our instructions.
5.2 Third-party integrations you enable: If you connect the Services to third-party applications (e.g., storage providers, databases, collaboration tools), we may share Customer Content and related information as directed by you to perform the integration. Your use of those third parties is governed by their terms and privacy policies.
5.3 Legal, safety, and rights protection: We may disclose information when we believe in good faith it is necessary to comply with law, regulation, or legal process; respond to lawful requests from public authorities; protect the rights, property, and safety of Engenerate, our users, and others; or enforce our agreements and policies.
5.4 Business transfers: If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be disclosed or transferred as part of that transaction, subject to reasonable confidentiality protections.

6. No Training on Customer Content

Engenerate does not use Customer Content (including documents you upload and outputs you generate) to train, fine-tune, or improve generalized AI models.

We may access Customer Content only as needed to:

Provide the Services and generate outputs,
Maintain reliability and security,
Provide customer support (which may involve limited human review by authorized personnel bound by confidentiality),
Comply with legal obligations, and
Prevent fraud or abuse.

If we ever offer an optional program involving training on Customer Content, we will do so only with your explicit opt-in (e.g., a written agreement or a clear in-product opt-in by an administrator).

7. Data Retention and Deletion

7.1 Stored by default: Engenerate retains Customer Content by default to provide the Services (for example, to enable document history, reprocessing, collaboration, exports, and support), subject to your account/workspace settings and any applicable agreement.
7.2 How long we retain information: We retain personal information for as long as reasonably necessary to provide the Services, meet the purposes described in this Privacy Policy, comply with legal and accounting requirements, and resolve disputes and enforce agreements.
7.3 Deletion: You may be able to delete Customer Content through the Services or request deletion by contacting us (see Section 12). After deletion, certain information may persist for a limited period in backups or logs consistent with standard backup practices and legal/security needs.

8. Cookies and Similar Technologies

We use cookies and similar technologies to enable core functionality, secure the Services, remember preferences, and understand usage and performance. Where required by law, we will present cookie choices and obtain consent for non-essential cookies. You can also control cookies through your browser settings; however, disabling cookies may affect how the Services function.

[Cookie Notice link]

9. Your Privacy Choices

Depending on your relationship with us and applicable law, you may have the following choices:

Account information: You can review and update certain account information in your profile/settings.
Marketing emails: You can opt out of promotional emails by using the unsubscribe link in the email. You will still receive service-related communications (e.g., security or billing notices).
Cookies: You may adjust cookie preferences through our cookie banner/settings (if enabled) and through browser/device controls.

10. Your Privacy Rights

Depending on where you live, you may have rights to:

Request access to personal information we hold about you;
Request correction of inaccurate personal information;
Request deletion of personal information (subject to exceptions);
Request information about our disclosures of personal information; and
Object to or restrict certain processing in some jurisdictions.

We will verify your request as required by law. If you are an authorized agent making a request on behalf of someone else, we may require proof of authorization.

Important: If your request relates to personal information within Customer Content processed on behalf of a business customer, we may refer you to that customer.

11. International Data Transfers

We are headquartered in the United States and may process and store information in the United States and other locations where we or our service providers operate. If you access the Services from outside the United States, you understand your information may be transferred to jurisdictions that may have different data protection laws than your jurisdiction.

12. Children’s Privacy

The Services are not intended for use by individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact us and we will take appropriate steps consistent with applicable law.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice by updating the “Last Updated” date and, where appropriate, providing additional notice (e.g., via the Services or email).

14. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, contact:

Engenerate, Inc. Email: [[email protected]]

1. Scope of This Privacy Policy​

2. Our Role: Controller vs. Processor​

3. Personal Information We Collect​

3.1 Information you provide directly​

3.2 Customer Content submitted to the Services​

3.3 Information collected automatically​

3.4 Information from third parties​

4. How We Use Personal Information​

4.1 Provide and operate the Services​

4.2 Security, integrity, and fraud prevention​

4.3 Improve and maintain the Services​

4.4 Communications and marketing (business-to-business)​

4.5 Legal compliance​

5. How We Share Personal Information​

6. No Training on Customer Content​

7. Data Retention and Deletion​

8. Cookies and Similar Technologies​

9. Your Privacy Choices​

10. Your Privacy Rights​

11. International Data Transfers​

12. Children’s Privacy​

13. Changes to This Privacy Policy​

14. Contact Us​