Privacy policy

This policy applies to productharvest.org — the public marketing site for Harvest and its open-source reference implementation, Winnow. It also covers the hosted-Winnow workspaces operated at usewin.now, which are run by the same team using the same infrastructure provider.

What "harvest" means here. Harvest is a methodology that operates on first-party evidence your team has authored — sales notes, research transcripts, decision memos, support tickets — not on customer data harvested from anywhere else. The full version is at where the data comes from, where it goes.

It does not cover self-hosted Winnow installations. When you run Winnow on your own machines, your raw evidence, wiki, and configuration are processed inside your infrastructure. We never see them and have no ability to. The only data we receive from a self-hosted install is whatever you choose to send us through the contact form or the waitlist.

Triple P Digital is the controller of personal information collected through productharvest.org and usewin.now. Our registered address is 28 Westland Wallace Way, Hucknall, Nottingham, NG15 6XU. You can reach us at hello@productharvest.org for any privacy-related question.

We try to be specific here, because vagueness is what regulators care about.

Information you give us directly:

• Contact form / email correspondence — your name, email address, and whatever you put in the message body.
• Waitlist for hosted Winnow (/request-access) — name, work email, company name, and an optional free-text message describing what you'd want from a hosted workspace.
• Account creation (hosted Winnow) — when you accept an invitation to usewin.now, you create an account through Clerk, our authentication provider. Clerk holds your email address, password (hashed by Clerk; we never see plaintext), and the name you give it.
• Billing details (hosted Winnow) — when you subscribe, Stripe handles your payment information end-to-end. We never receive or store your card details. Stripe sends us a customer ID, the email address tied to the subscription, and lifecycle events (checkout.session.completed, customer.subscription.deleted, etc.).
• Workspace data (hosted Winnow) — anything you put inside your hosted workspace: raw evidence, the LLM-maintained wiki, foundation files, configuration. This sits inside an isolated container and an isolated volume tied to your account.

Information collected automatically when you visit the marketing site:

• Standard server logs — IP address, user agent, referring URL, request path, and timestamp. Held briefly by our hosting provider for operational and security purposes.
• Marketing analytics — when you visit productharvest.org, HubSpot's tracking script runs to set a hubspotutk cookie that stitches any subsequent form submission back to the marketing session that brought you to it (including UTM tags on the URL). This lets us see which campaigns are working without needing to ask you anything.
• Aggregate traffic analytics — Vercel Web Analytics records anonymised page views, referrer, country-level location, and device class. Cookieless by default; visitors are identified by a daily-rotated hash, not a persistent cookie. Used for "which pages bring people in" reporting; never tied to an individual.
• Authentication cookies — when you sign in to usewin.now, Clerk sets session cookies needed to keep you logged in.

• We don't sell personal information.
• We don't use your data to train language models, ours or anyone else's.
• We don't access the contents of your hosted workspace except where strictly necessary to operate the service, and never without consent — see "Operator access to hosted workspaces" below.
• We don't share your information with third parties beyond the named processors below.

Each category of data has a specific purpose:

• Contact-form and waitlist submissions — to reply to you, decide whether and when to invite you to hosted Winnow, and (in the waitlist case) send you a Clerk signup invitation when capacity opens up.
• Account and billing data — to operate your hosted workspace, charge the subscription, and send transactional emails about your account.
• Workspace data — to run your workspace. Period. Nothing in your raw/, wiki/, or configuration is read by us, used for analytics, or shared with anyone.
• Server logs and analytics — to operate the site, understand which content brings people in, debug problems, and protect against abuse.

We rely on the following legal bases under UK GDPR / EU GDPR (whichever applies to you):

• Performance of a contract for account, billing, and workspace data.
• Legitimate interests for server logs, security, and basic site analytics — narrowly framed and balanced against your privacy interests.
• Consent for any non-essential cookies and for marketing emails (you can withdraw consent at any time without affecting service).

We use a small number of third-party processors. Each one receives only the data they need to do their job.

For self-hosted Winnow installations, the only processor in this list that's relevant is whichever LLM provider you configure. Everything else stays inside your infrastructure.

Some of these processors operate outside the UK / EEA. Where personal data is transferred internationally, we rely on the safeguards each processor has put in place — Standard Contractual Clauses, the UK / EU adequacy frameworks, or equivalent. You can read each processor's data-processing terms on their website.

• Server logs — typically 30 days, depending on the hosting provider's defaults.
• Marketing analytics cookies — the hubspotutk cookie is valid for 13 months by default; HubSpot's contact records persist until you ask us to delete them.
• Waitlist and contact-form submissions — until we've completed the conversation. We periodically prune older records that haven't moved.
• Account data — for as long as your hosted Winnow subscription is active. After cancellation, your workspace and its data sit in a 30-day export window, then both the container and the volume are destroyed (GDPR-clean).
• Billing records — Stripe retains transaction records as required by tax and accounting law (typically six years in the UK).
• Backups — daily volume snapshots are kept for 5 days then rolled out automatically.

Hosted-Winnow workspaces are isolated containers; we don't read your workspace data as part of normal operation. There are narrow exceptions:

• Diagnosing a fault you've reported. If you ask us to look at something inside your workspace, we'll look at exactly what's needed and nothing else.
• Restoring from a backup at your request.
• Required by law. A valid legal request that we cannot lawfully decline.

We log operator access to customer infrastructure and can show you the audit trail on request.

Under UK GDPR / EU GDPR you have the right to:

• Access what we hold about you and get a copy.
• Correct information that's wrong.
• Delete what we hold (subject to retention requirements above).
• Object to processing based on legitimate interests.
• Withdraw consent at any time, where consent is the basis we rely on.
• Portability — receive your data in a machine-readable format and ask us to send it to another controller.
• Lodge a complaint with your supervisory authority (in the UK, the Information Commissioner's Office at ico.org.uk).

To exercise any of these, email us via the contact route — we aim to respond within 30 days.

We follow standard practice: encrypted transport (HTTPS everywhere), credentials stored in secret stores rather than environment files, principle of least privilege for operator access, and regular dependency updates. Nobody can promise zero risk. If we ever discover a breach affecting you, we'll tell you and the relevant supervisory authority within the timeframes the law requires.

productharvest.org and hosted Winnow are not intended for, or directed at, anyone under 16. We don't knowingly collect data from children.

If we change this policy materially, we'll update the Last updated date at the top, and where the change affects existing users, we'll notify you directly by email. Minor wording fixes happen without notification.

Questions about this policy, or to exercise any of your rights: hello@productharvest.org, or use the contact page.