Privacy Policy
Last updated: May 12, 2026
This Privacy Policy describes how EGI Consulting ("EGI", "we", "us", "our") collects, uses, shares, and protects information across egi-consulting.com and the services we operate from it: the marketing site, the per-client Dashboard, the Survey platform, the LLM Assistant, and the Intake wizard. It also explains how we handle information collected on behalf of our clients when we operate the Survey platform as their service provider.
1. Introduction and our role
EGI Consulting is a market research firm based in the United States. We operate the website at egi-consulting.com and the services accessed through it. This policy covers every surface of that site, including the public marketing pages, the authenticated Client Dashboard, the Survey authoring and response-collection platform, the private LLM Assistant available to authorized users, and the Intake wizard used to scope new engagements.
Our role under privacy law depends on the surface:
- We act as a "business" (CCPA) and "controller" (GDPR / UK GDPR) for information we collect directly through the marketing site, contact form, Intake wizard, account registration, and the LLM Assistant when used by our own staff or clients on their own behalf.
- We act as a "service provider" (CCPA) and "processor" (GDPR / UK GDPR) for survey response data and contact lists processed on behalf of a client organization that commissions a study. In that scenario, the client is the controller; EGI processes the data only on the client's documented instructions to deliver the engagement.
Use of the site is also subject to our Terms of Service.
2. Information we collect
We collect the categories of information described below. We do not collect information we do not need to deliver our services.
2.1 Information you provide directly
- Contact form submissions. The consultation-request form on the marketing site collects your name, email address, an optional interest category, and your message. Submissions are stored in a local JSON file on our server and trigger a notification email to EGI's inbox.
- Account information. If we issue you an account on the Client Dashboard, we store your username, display name, an indicator of administrator status, and a bcrypt-hashed password (cost factor 12). We do not store passwords in plaintext.
- Intake wizard responses. When an authorized administrator uses the Intake wizard to scope a new engagement, the responses are stored alongside the resulting client record.
- Survey content you author. If you are an authoring user, the surveys, themes, contact lists, and email-campaign content you create are stored on our servers so we can deliver them on your behalf.
- LLM Assistant content. If you have access to the Assistant, we store the chat messages you send, any documents you upload for retrieval, any code you run in the in-browser sandbox, any artifacts you generate, and any memory notes you choose to save. Each row is tagged with your username and the database is queried with strict per-user scoping.
2.2 Information collected automatically
- Session cookies. When you sign in, we set a session cookie (described in Section 7) to keep you signed in for up to eight hours.
- Request logs. Our web server writes a JSON access log entry for every request, capturing the timestamp, HTTP method, URL, response code, response time, content length, your IP address (as observed via our reverse proxy), your user agent, the referring URL, and your username if you are signed in. The URL is redacted to strip sensitive query parameters such as password, token, secret, api_key, auth, sid, sessionid, code, and state.
- Survey response metadata. When someone submits a survey response, we record the question answers, a respondent identifier, the response session token, started and submitted timestamps, and a SHA-256 hash of the respondent's IP address truncated to 32 hex characters. We do not store the raw IP address with the response.
- Authentication audit log. Login attempts (successful and failed) generate an audit record including the attempted username, success flag, IP address, and user agent, used for security monitoring and abuse response.
2.3 Information collected via the Assistant's optional tools
The Assistant includes opt-in features that, when used, generate additional records:
- Web search. When you have web search enabled in a conversation, the Assistant queries our self-hosted SearXNG instance with your search terms and stores the resulting citations (URL, title, snippet, hostname, fetched timestamp, HTTP status) so they can be displayed in the chat.
- Document upload (RAG). Uploaded documents are stored as text plus chunked passages, and a vector embedding is computed for each chunk to support retrieval. Uploads are subject to per-user size caps configured in our environment.
- Code sandbox. Code you run in the sandbox is executed in an isolated environment; we record the language, source, exit code, output sizes, duration, and any termination reason for diagnostic and abuse-response purposes.
- Artifacts. Files generated by the Assistant (e.g., .docx, .xlsx, .py, .js, .md, .txt) are stored on the server for download and pruned on a regular sweep (see Section 5).
2.4 Information we do not collect
We do not currently collect biometric data, precise geolocation, payment card data on this site, or special category personal data under GDPR Article 9 (race, religion, health, sexual orientation, etc.) outside the limited case where a client survey legitimately asks such questions of consenting respondents. We do not collect personal information from sources other than you and your interaction with our services.
3. How we use information
We use information for the specific purposes below. Each purpose maps to a lawful basis under GDPR Article 6 and a business or commercial purpose under CCPA.
- Service delivery. Running surveys, returning reports, rendering dashboards, serving Assistant chat completions. Lawful basis: performance of a contract (with you or your employer) or our legitimate interest in operating the services we offer.
- Account management. Authenticating you, maintaining your session, applying your feature flags, hashing and comparing your password. Lawful basis: performance of a contract.
- Client relationship management. Responding to contact-form inquiries and Intake wizard submissions. Lawful basis: steps taken at your request prior to entering into a contract.
- Security and abuse prevention. Rate limiting on login (five attempts per fifteen minutes per IP), on survey response submission (sixty per minute per IP), on the contact form (five per hour per IP), and on the Assistant chat surface; auditing failed logins; hashing IP addresses on survey responses to detect duplicate or fraudulent submissions. Lawful basis: our legitimate interest in protecting our services and our users.
- Survey processing on behalf of a client. When a client commissions us to run a survey, we process responses, contact lists, and invitation tokens solely on the client's documented instructions to deliver the engagement. Lawful basis: the client's lawful basis for processing, as the controller, is relied on here; EGI's role is processor.
- Assistant memory features (opt-in). If you enable automatic memory extraction in the Assistant settings, the Assistant may save factual statements you make for later recall in your future conversations. This is per-user and off by default. You can disable, edit, or delete these notes at any time from the Assistant memory pane.
- Legal compliance. Responding to lawful requests from regulators or courts, defending legal claims, and meeting record-keeping obligations.
We do not use your information for cross-context behavioral advertising, do not run any retargeting pixels, and do not share information with advertising networks. We do not "sell" or "share" personal information as those terms are defined under CCPA/CPRA.
5. Data retention
We retain information for as long as we need it to operate the services, meet legal obligations, defend potential claims, and (for survey data) fulfill the engagement with the client that commissioned the study. Some categories have specific automatic expirations enforced in code; others are retained indefinitely until you ask us to delete them. The table below describes what actually happens today.
| Category | Retention |
|---|---|
Session cookies (egi.sid) |
Eight hours (configurable via SESSION_MAX_AGE) |
| Assistant-generated artifacts | Twenty-four hours by default, then automatically pruned on a recurring sweep |
| Assistant code-sandbox run records | Twenty-four hours by default |
| Market Pulse cache files | Six hours, refreshed on demand |
| Access logs (HTTP request logs) | Up to seven rotated files at ten megabytes each, then the oldest file is overwritten |
| Local nightly database backups | Most recent fourteen backup zips |
| Offsite backup copies (OneDrive) | Sixty days, then pruned |
Contact-form inquiries (data/inquiries.json) |
Indefinite, until you request deletion |
| User accounts and per-client dashboards | Indefinite while the engagement is active, until you request deletion |
| Survey responses, contact lists, invitation records | Indefinite during the engagement (controlled by the commissioning client), until deletion is requested by the client or by you in accordance with applicable law |
| Assistant conversations, memory notes, uploaded documents, embeddings, citations | Indefinite, until you delete the conversation, memory note, or document, or request account deletion |
On receipt of a verified deletion request, we will delete the relevant information within thirty days (with one forty-five-day extension permitted for complex requests, as allowed by CCPA and GDPR). Exceptions: we may retain information that is the subject of an active legal hold, regulatory obligation, or pending claim; backup archives are not selectively edited but will age out on the schedule above.
6. Your rights
You have rights over your personal information under California law (CCPA / CPRA), under European law (GDPR and UK GDPR), and in many other jurisdictions. The specific rights you can exercise depend on where you live and on EGI's role with respect to the data. For survey response data, EGI is the processor and your rights are exercised against the commissioning client as controller; we will assist that client to fulfill verified requests.
6.1 California (CCPA and CPRA)
If you are a California resident, you have the right to:
- Know what categories of personal information we have collected about you, the sources, the purposes, and the categories of third parties to whom we have disclosed it.
- Access the specific pieces of personal information we hold about you.
- Delete personal information we hold about you, subject to legal exceptions.
- Correct inaccurate personal information.
- Opt out of sale or sharing. EGI does not sell or share personal information for cross-context behavioral advertising, so there is nothing to opt out of, but this statement satisfies the required notice.
- Limit use of sensitive personal information. We do not collect sensitive personal information as defined by CPRA in the ordinary course of our marketing and authentication flows.
- Non-discrimination. We will not deny you services, charge a different price, or provide a different level of service because you exercised a CCPA right.
You may use an authorized agent to submit a request on your behalf. We will verify your identity (and your agent's authority) before fulfilling sensitive requests, typically by confirming control of the email address associated with the request and, if necessary, by asking for additional identifying details that we already hold about you.
6.2 Europe and the United Kingdom (GDPR / UK GDPR)
If you are in the European Economic Area, the United Kingdom, or another jurisdiction with similar law, you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase data (the "right to be forgotten") in the circumstances set out in Article 17.
- Restrict processing in the circumstances set out in Article 18.
- Object to processing carried out on the basis of our legitimate interests.
- Portability — receive your data in a structured, commonly used, machine-readable format, where processing is based on consent or contract and is carried out by automated means.
- Withdraw consent for any processing based on consent, without affecting the lawfulness of processing carried out before the withdrawal.
- Lodge a complaint with your supervisory authority. We would, however, appreciate the chance to address your concern first.
6.3 How to exercise your rights
Send your request to [email protected]. Please describe the right you want to exercise, the data or services it relates to, and any information that will help us verify your identity (typically the email address you used with us). We will acknowledge your request promptly and respond substantively within thirty days. Where the request is complex or we receive a large number of requests, we may extend the response window by an additional forty-five days, as permitted by both CCPA and GDPR; we will tell you if we need that extension and why.
There is no fee for these requests. If a request is manifestly unfounded or excessive, particularly because it is repetitive, we may charge a reasonable fee or refuse to act, in line with the relevant statutes.
7. Cookies and similar technologies
We use a small, fixed set of cookies. All of them are functionally necessary to operate the site; none of them are used for analytics, advertising, retargeting, or cross-site tracking. We do not display a cookie consent banner because no banner is required for strictly necessary cookies under EU ePrivacy guidance.
7.1 Cookies we set
egi.sid— a session cookie that keeps you signed in to the Client Dashboard. Set withHttpOnly,SameSite=Strict, and (in production)Secure. Expires after eight hours of inactivity (or earlier if you sign out).csrf-token— a double-submit anti-CSRF token cookie. Set withSameSite=Strictand (in production)Secure. Readable by client-side JavaScript so it can be echoed in request headers; it cannot be used to identify you.
7.2 Local storage we use
egi-theme— your light/dark theme preference, stored in browser localStorage. It never leaves your device.
7.3 Third-party cookies on the edge
Cloudflare may set its own bot-management cookie (__cf_bm) on the egi-consulting.com domain. This cookie is used to distinguish humans from bots at the network edge; it does not track your behavior across sites. Its purpose and lifetime are described in Cloudflare's own cookie documentation.
7.4 What we do not use
- No third-party analytics (no Google Analytics, no Plausible, no Mixpanel, no Heap).
- No advertising trackers or retargeting pixels (no Meta Pixel, no Google Ads tags, no LinkedIn Insight Tag).
- No social-media embed pixels.
- No cross-site identifiers, fingerprinting libraries, or data-broker scripts.
7.5 Browser controls and Do Not Track
You can clear or block cookies in your browser; blocking egi.sid or csrf-token will prevent you from signing in. We honor Global Privacy Control (GPC) signals as opt-out requests where applicable, though there is currently nothing to opt out of: we do not sell or share personal information.
8. Children's privacy
EGI's services are not directed to children, and we do not knowingly collect personal information from children under thirteen years of age (or under sixteen in jurisdictions that apply the higher GDPR Article 8 threshold). If you are a parent or guardian and believe that a child has provided personal information to us, please contact [email protected] and we will delete it without undue delay.
Our clients are independently responsible for ensuring that any survey they distribute through our platform complies with the Children's Online Privacy Protection Act (COPPA) and any equivalent foreign law.
9. Changes to this policy and contact
9.1 Changes
We may update this Privacy Policy from time to time. When we make material changes — for example, adding a new subprocessor, expanding the data we collect, or changing how we use it — we will update the "Last updated" date at the top of this page and, where appropriate, post a notice on the marketing site or notify signed-in users directly. Non-material changes (typos, clarifications, structural edits) are posted silently. Your continued use of the services after the effective date of a change constitutes acceptance of the revised policy.
9.2 Security
We protect information with a combination of technical and organizational controls: TLS in transit (terminated by Cloudflare at the edge and enforced by HSTS in production), bcrypt password hashing at cost factor twelve, HTTP-only cookies with strict same-site enforcement, double-submit anti-CSRF tokens, SHA-256 hashing of survey respondent IPs (we do not store raw IPs with survey responses), and Windows NTFS access-control hardening that restricts the .env file, the users file, and the sessions directory to the operating account and the SYSTEM principal. SQLite databases are stored on disk in their native format; we rely on filesystem permissions, host security, and offsite backup encryption rather than database-level encryption-at-rest.
9.3 Contact
For privacy questions, rights requests, or any other concern raised by this policy, please contact us:
Fallback: [email protected]
Postal: c/o United States Corporation Agents, Inc.
159 N Wolcott, Ste 133
Casper, WY 82601, United States
The postal address above is our registered-agent address for service of process. Please use the privacy email for fastest response.