Updated on: May 20, 2026
Limitls AI operates the Vigil platform at vigil-intel.com. We are committed to protecting your personal data and processing it in accordance with the UAE Personal Data Protection Law (UAE PDPL Federal Decree-Law No. 45 of 2021) and, where applicable, the EU General Data Protection Regulation (GDPR). This Privacy Policy explains what data we collect, how we use it, and your rights.
Name, work email address, password (hashed), and authentication provider (Google OAuth or email/password). This is required to operate your account.
Subscription tier, billing interval, and payment status. Card and payment instrument data is handled exclusively by our PCI-compliant payment processor; we never store card numbers or CVVs.
Brief generation history (country selections, role, sectors, time window, generated content), watchlist preferences (per your subscription tier limits), brief quality ratings, and feature interaction logs (pages visited, filters applied). Basic tier brief history is retained to enforce the one-lifetime sample-brief limit.
Any free-text context you optionally provide when generating a brief (e.g., portfolio exposure, areas of concern). This is passed to the Vigil AI Engine to generate your brief.
IP address (for fraud prevention), browser type, and session tokens. We use a privacy-first analytics provider that does not use cookies and does not track individuals across sessions.
We do not use your data for advertising, profiling, or selling to third parties.
We share the minimum necessary data with trusted third-party service providers to enable core platform functions, including payment processing, email delivery, and hosting. All sub-processors are bound by data processing agreements and are prohibited from using your data for any purpose other than providing their specific service to us.
Account and subscription data is retained for the lifetime of your account plus 3 years for financial record compliance. Brief generation history is retained for the lifetime of your account. You may request deletion at any time (see Section 6). Anonymized, aggregated usage data may be retained indefinitely for product analytics.
Under the UAE PDPL and GDPR (where applicable), you have the following rights:
To exercise any right, email privacy@vigil-intel.com. We will respond within 30 days. We may require identity verification before fulfilling requests.
Our legal bases for processing under GDPR are: (a) contract performance (service delivery, subscription management); (b) legitimate interests (product improvement, fraud prevention, security); (c) legal obligation (financial record keeping); and (d) consent (marketing communications, where applicable).
Under the UAE PDPL, we process personal data only to the extent necessary for the purposes described in this policy and maintain appropriate technical and organizational safeguards. Data transfers outside the UAE are governed by standard contractual clauses or equivalent transfer mechanisms.
We implement technical and organizational measures including database row-level security (RLS), externally managed payment processing (we never store card data), encrypted connections (TLS), industry-standard password hashing, and access controls limited to essential personnel. In the event of a data breach affecting your personal data, we will notify you in accordance with applicable legal requirements.
We use session cookies strictly necessary for authentication. We do not use advertising or tracking cookies. Our analytics provider is cookieless. You may delete session cookies via your browser settings, which will log you out of the platform.
We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. Continued use of the platform after notification constitutes acceptance of the updated policy.
Privacy inquiries and data rights requests: privacy@vigil-intel.com
General: vigil-intel@limitls.ai