Privacy Policy

Exitou, Inc. (“Exitou,” “we,” or “us”) operates the ExpandPro workforce intelligence platform (the “Platform”). This Privacy Policy explains what personal information we collect, how we use and share it, and the choices you have. By using the Platform, you agree to the practices described here.

Account information. Name, email, organization, role, and any authentication credentials managed by our identity provider (Clerk).

Customer Data. Workforce data uploaded or generated through the Platform — including KPI measurements, pulse-survey responses, employee directory entries, engagement records, and goals.

Payment data. Billing information collected and processed by Stripe. Exitou does not store full card numbers on its servers.

Usage data. Log files, device metadata, IP address, browser type, pages visited, and timestamps for analytics, security, and abuse prevention.

Communications. Messages you send us via support channels, forms, or email.

• Provide, operate, and improve the Platform.
• Authenticate users and enforce authorization.
• Generate AI insights, dashboards, reports, and benchmarks for your organization (de-identified across customers in the case of benchmarks).
• Process payments, payouts, and tax-related obligations.
• Send transactional and operational communications (e.g., pulse-survey magic links, recertification reminders).
• Detect, investigate, and prevent fraud, abuse, and security incidents.
• Comply with applicable legal obligations.

We share personal information only as described below:

• With your organization. Authorized administrators and consultants associated with your tenant can access Customer Data within the scope of their role.
• With service providers. Hosting (Vercel), database (Supabase), authentication (Clerk), email delivery (Resend), payments (Stripe), and AI inference (Anthropic). Each is bound by data-protection obligations.
• For legal compliance. When required by law, regulation, legal process, or governmental request.
• In a corporate transaction. If Exitou is involved in a merger, acquisition, or asset sale, personal information may be transferred subject to confidentiality obligations.

We do not sell personal information.

Pulse-survey responses collected through the Platform are aggregated before being shown to administrators. Individual responses are visible only at the aggregate level (e.g., department or organization), except where you have explicitly chosen otherwise. Magic-link tokens used for survey delivery are single-use and expire after the survey closes.

We retain Customer Data while your organization's account is active and for a reasonable period afterward to support business continuity, dispute resolution, and legal compliance. You may request deletion of your account data; we honor verified requests subject to legal retention obligations.

We use administrative, technical, and physical safeguards designed to protect personal information — including TLS encryption in transit, encryption at rest for sensitive fields, strict access controls, and security monitoring. No system is perfectly secure; report any concerns to security@expandpro.ai.

Depending on your jurisdiction, you may have rights to access, correct, delete, port, or restrict processing of your personal information, and to object to certain processing. To exercise these rights, contact privacy@expandpro.ai. We will respond within applicable statutory timeframes.

The Platform uses essential cookies for authentication and session management. Optional analytics cookies may be used to understand usage patterns; these can be controlled via your browser settings.

The Platform is intended for use by adults in a professional context. We do not knowingly collect personal information from children under 13.

Customer Data may be stored and processed in the United States and other jurisdictions where our service providers operate. By using the Platform, you consent to such transfers, subject to appropriate safeguards.

We may update this policy from time to time. The “Last updated” date at the top reflects the most recent revision. Material changes will be communicated by email or in-app notice.

Questions or requests? Contact us at privacy@expandpro.ai.