Privacy Policy

1. About Bizra

Bizra (“the Service”) is a research insights platform that helps organizations conduct studies, analyze qualitative and quantitative data, and surface actionable findings. For any privacy question, email privacy@bizra.io.

2. What We Collect

When you use the Service, we collect data to process and analyze on your behalf — not for our own purposes. Specifically:

• Account information. Name, email address, and organization details provided during sign-up and managed through our authentication provider.
• Imported content (from connected services). Documents, spreadsheets, and other data you choose to bring into Bizra from services you connect, such as Google Docs, Google Sheets, Google Slides, or BigQuery. This content is processed during import to extract research findings and is not retained after processing is complete. Only the extracted findings are stored. See Section 3 for details specific to Google user data.
• Platform-generated research data. Interview transcripts, survey responses, and behavioral data created within Bizra during live research studies. This data is generated by the platform, not imported from external services.
• Authentication tokens. OAuth credentials for third-party services you connect. These are managed by our OAuth provider and are not stored in Bizra’s own database.

3. Google User Data

When you connect a Google account, Bizra requests read-only access to Google Docs, Google Sheets, and Google Slides. A Google Drive scope is used solely to power Google’s built-in file picker so you can browse and select files. Bizra does not programmatically list, scan, or access your Google Drive contents — it only reads the specific documents you select.

• What is accessed. You choose exactly which documents to import using Google’s file picker. Bizra reads the text content and title of the documents you select. For spreadsheets, Bizra reads column names and cell data. For presentations, Bizra reads slide text and speaker notes. No formatting, images, or embedded media are collected.
• How it is used. The content you select is processed by AI to extract research findings such as themes, patterns, and insights. Source content is not retained after processing — only the extracted findings are stored as part of your research study. Your content is never used to train AI models.
• Who it is shared with. Your selected document content is sent to AI processing providers for analysis. These providers operate under API terms that prohibit using your data for model training. No Google user data is sold, shared for advertising, or disclosed to any other third party.
• How it is protected. All data is encrypted in transit and at rest. Access is scoped to your organization — no other Bizra customer can see your data.
• How to delete it. You can delete any study at any time, which permanently removes all extracted findings and processing history associated with that study. You can revoke your Google connection at any time from the Connections page, which removes Bizra’s access to your Google account. You can also revoke access directly from your Google Account permissions.

4. How We Use Your Data

We use your data solely to operate the Service for you:

• Imported content is analyzed by AI to generate research findings (themes, key insights, patterns, and recommendations). Source content is discarded after processing.
• Extracted findings are stored in your organization’s workspace and are only visible to members of your organization.
• We do not sell your data. We do not use your content to train AI models.

5. Service Providers

We use the following categories of service providers to operate the Service. Each provider only receives the minimum data necessary for its function:

• AI processing. Document content and research data are sent to AI providers for analysis. These providers do not retain your data for model training.
• Authentication. Account sign-in and organization management are handled by a third-party authentication provider.
• Hosting and infrastructure. Your data is stored in encrypted databases and served through a content delivery network.
• OAuth management. Third-party connection tokens (such as Google OAuth) are managed by a dedicated OAuth provider and are not stored in Bizra’s database.

6. Data Protection

• All data is encrypted in transit (TLS) and at rest.
• Database access is enforced per organization — queries are scoped so that one organization’s data is never visible to another.
• OAuth tokens for connected services are stored by our OAuth provider in encrypted infrastructure, separate from Bizra’s application database.

7. Data Retention and Deletion

• Imported source content is processed during import and not retained. Only extracted findings are stored.
• You can delete individual studies at any time. Deletion permanently removes all associated findings, interview data, and processing history.
• You can revoke any connected service (such as Google) at any time from the Connections page, which removes Bizra’s access.
• You can request full account and data deletion by emailing privacy@bizra.io. We will process the request within 30 days.

8. Updates

We may update this policy. The current version is always available at this URL, with the “Last updated” date above. Material changes will be communicated by email.