Ghostwalk

See friction before launch

Privacy Policy

Last updated: March 13, 2026

1. Introduction

Ladder Research ("we", "us", "our") operates Ghostwalk. This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

2. Information We Collect

Account Information

When you create an account via Clerk (our authentication provider), we receive your name, email address, and profile photo. We do not store your password.

Test Data

When you run a test, we collect the URL you submit, your persona selections, and any focus areas you specify. Our system captures screenshots and interaction logs during automated browser sessions of the submitted URL.

Payment Information

Payments are processed by Stripe. We do not store credit card numbers or full payment details. We receive transaction identifiers and purchase history from Stripe.

Usage Data

We collect standard usage data such as pages visited, browser type, and IP address to improve the Service.

3. How We Use Your Information

  • To provide and operate the Service, including running tests and generating reports.
  • To process payments and manage your account.
  • To communicate with you about the Service (e.g., updates, support).
  • To improve and develop new features.
  • To prevent abuse and enforce our Terms of Service.

4. AI Processing

Ghostwalk uses third-party AI models (Google Gemini for browser automation and Anthropic Claude for report synthesis) to conduct tests and generate insights. Screenshots and interaction data from your submitted URLs are sent to these providers for processing. These providers process data according to their own privacy policies and data processing agreements.

5. Data Sharing

We do not sell your personal information. We share data only with:

  • Service providers — Clerk (auth), Convex (database), Stripe (payments), Google (AI), Anthropic (AI), Browserbase (browser infrastructure), Trigger.dev (background task execution), and Railway (hosting) — as necessary to operate the Service.
  • Legal obligations — if required by law, regulation, or legal process.

6. Data Retention

Test data (screenshots, steps, reports) is retained for as long as your account is active. You may request deletion of your data by contacting us. Account deletion removes your personal data and associated test results.

7. Security

We use industry-standard measures to protect your data, including encrypted connections (TLS), secure authentication, and access controls. However, no method of transmission over the internet is 100% secure.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction or deletion of your data.
  • Object to or restrict certain processing.
  • Data portability.

To exercise these rights, contact us at [email protected].

9. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising cookies.

10. Children

The Service is not directed to children under 13. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised date.

12. Contact

Questions about this policy? Reach us at [email protected].