Security

Security and data protection.

How nsight protects your account and data, and why we only ever touch public review data.

Security is built into how nsight operates. We follow industry-standard practices to protect your account, and we deliberately limit what data we handle in the first place.

Data protection

  • Encryption in transit: all traffic is served over HTTPS/TLS.
  • Encryption at rest: sensitive data is encrypted in our database.
  • Secure authentication: sign in with Google OAuth or email magic links, no passwords to leak.
  • Regular reviews: we perform ongoing security reviews of our systems.

We only analyze public data

nsight analyzes publicly available App Store and Google Play reviews. We do not access private end-user data from the app stores, which keeps your blast radius small by design.

Infrastructure & subprocessors

We host on DigitalOcean and rely on a small set of trusted subprocessors:

ProviderPurpose
DigitalOceanHosting & database
Google OAuthAuthentication
OpenAIAI report generation and analysis
ResendTransactional email
Google AnalyticsUsage analytics

Privacy & GDPR

nsight is based in Estonia and built around GDPR. You can request access, correction, export, or deletion of your data at any time; deletion is completed within 30 days, except where retention is legally required. See our Privacy Policy for full detail.

Enterprise

Enterprise plans add SSO authentication (available on request) and custom data-handling arrangements. Contact us to discuss your requirements.

Responsible disclosure

Found a vulnerability? We appreciate responsible disclosure. Email support@nsight.me and we’ll respond promptly.

Questions about security?

We’re happy to walk your team through how nsight handles data.

Contact us