Trust statement

Security at Spoiler.

How your data is handled, where it lives, who can see it, and how to delete it. Written for the person evaluating Spoiler — and for the security team they'll hand it to.

Last updated · May 2026

01 · Custody

No outside AI sees your data.

Most AI products split your data across two companies: the app you signed up for, and the AI service it calls behind the scenes. Spoiler doesn't work that way.

Our AI is built with Meta's open Llama 3.3 model — but unlike services that send your data to OpenAI or another AI provider, we run the model ourselves, on our own servers. Meta released the model publicly. We downloaded it, customized it for survey analysis, and run it inside Spoiler. Meta never sees the data you upload. The data you give Spoiler reaches Spoiler, and stops there.

02 · Storage

Where your data lives.

When you upload a survey or run a job, three things are happening:

The file you uploaded — kept so you can come back to it.
The work in progress — temporary; lives only on the server doing the job, not written anywhere permanent.
The results — the themes, codeframes, and coded responses Spoiler returns to you.

We store the file you uploaded and the results in our database. The database is encrypted — your data is never written to disk in a readable form, the same way encryption works on a modern phone. Connections to the database are encrypted too.

All of this lives in the United States. We don't copy your data to other countries, other regions, or other cloud providers.

Backups. A complete copy of the database is taken every night and stored in a separate, encrypted location — also in the United States. If something ever went wrong with the live system, we could restore from a recent backup. We test this regularly to make sure it works.

03 · Access

Who can access your data.

Access to the customer database is tightly restricted. There is no broad team access and no support tooling that allows employees to browse customer data on demand.

We do not view, query, or analyze your data except where strictly necessary — to investigate a reported issue with your account, to comply with a lawful legal request, or to address suspected abuse of the platform.

04 · Authentication

How we sign you in.

Account access is gated by email and password, with mandatory email verification before sign-in. No anonymous accounts can use Spoiler.

Every connection between your browser and Spoiler is encrypted (HTTPS) — the same standard banks use. Passwords are never stored in a readable form; they're transformed by a one-way function, so even Spoiler couldn't recover them.

05 · Retention

Retention and deletion.

Customer data is retained while your account is active. Specific policies (from our Platform Usage Agreement):

Inactivity-based deletion. Accounts with no activity for one (1) year may be considered inactive, and the associated data may be deleted. We make reasonable effort to notify before deletion.
Deletion on request. If you delete your account or request data deletion, we permanently remove all associated data within a reasonable time. Once deleted, data cannot be recovered.

06 · Vendors

Other services we use.

Three other services help Spoiler operate:

Amazon Web Services (AWS) — hosts our servers, database, and backups, in a single United States region. AWS provides the infrastructure; customer data lives inside it but is not accessed by AWS personnel under normal operation.
Stripe — processes credit card payments when you buy credits. Stripe sees your billing information. Stripe never sees the data you upload to Spoiler.
SendGrid — sends account emails (sign-up confirmations, password resets, account notifications). SendGrid sees your email address. SendGrid never sees the data you upload to Spoiler.

About the AI model. Spoiler's AI is built with Meta's Llama 3.3 — an open model Meta releases publicly. We downloaded it once, customized it for survey work, and run it on Spoiler's servers. Meta receives no data, no prompts, and no usage information from anything you do with Spoiler.

We don't use OpenAI, Anthropic, Google, or any other AI service that would process your data on their infrastructure.

07 · Practices

How we keep your data safe.

We follow the practices you'd expect from a serious software vendor:

Encrypted storage. Your data is encrypted on the disk it lives on.
Encrypted connections. Every connection between your browser and Spoiler is encrypted — the same HTTPS standard banks use.
Daily backups. A complete backup of the database is taken every night, encrypted and stored separately.
Restricted access. Database access is tightly controlled — no team-wide credentials, no support tooling that exposes customer data.
Verified accounts. Every account requires email verification before sign-in.
United States only. Your data is stored in the United States and doesn't leave the country.

If your IT or security team needs more technical detail for a formal review, we'll answer their questionnaire directly. Email support@outsizedinsights.com.

08 · Reporting

Reporting a security concern.

If you find a vulnerability, suspect a security issue, or have a question about anything on this page, email support@outsizedinsights.com.

If we ever discover that customer data was accessed by someone who shouldn't have, we'll notify affected customers promptly.

We acknowledge security reports within two (2) business days.

Built with Llama