All apps

Is Pigment safe with your data?

C
Pigment icon

Pigment

Pigment SAS

55/100

Partial disclosure · medium confidence

Pigment earns a C (55/100) because it discloses its data practices only in part.

#88

of 116 apps ranked

55

score · Finance avg 59

-4

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Pigment's GDPR-grounded controller policy covers data-subject rights and legal bases for its website, marketing, and prospecting data, but it explicitly excludes the SaaS product and AI Features, which are governed by separate customer contracts. The policy therefore says nothing about whether AI feature inputs train models, about any deletion timeline, or about breach notification, which keeps the score at the bottom of the C band.

What Pigment's privacy policy says about your data

Full data-subject rights

The policy grants access, rectification, erasure, restriction, objection, portability, and withdrawal of consent, plus the right to lodge a complaint with the CNIL, and names a DPO contact at dpo@pigment.com.

Training disclosure absent

AI Feature inputs and outputs are handled only under separate customer contracts, so the policy never states whether inputs train models and offers no opt-out mechanism. The training-data domain is unscored.

Named transfer safeguards

International transfers outside the EEA rely on EU adequacy decisions or standard contractual clauses established by the European Commission. These are named safeguards for cross-border data flows.

Retention named but no deletion timeline

The legal-basis table sets concrete periods such as three years from the last engagement and the duration of the contract. Even so, the policy gives no specific deletion timeline and no breach notification commitment, and security rests on generic measures like website SSL and monitoring.

What the policy is silent or vague on

  • Not stated: keeping user inputs out of model training
  • Not stated: a way to opt out of training
  • Not stated: whether training use differs by plan
  • Not stated: your ownership of generated outputs

Pigment privacy rating

Training-data use0 of 4 disclosed
Keeps user inputs out of model training, or makes training opt-inSilent
Names a way to opt out of or into trainingSilent
Says whether training use differs by plan or tierSilent
Lets the user keep ownership of generated outputsSilent
Data-subject rights5 of 5 disclosed
Grants a right to access your dataDisclosed
Grants a right to delete your dataDisclosed
Offers data portability in a usable formatDisclosed
Grants a right to correct your dataDisclosed
Grants a way to object to or opt out of processingDisclosed
Retention and deletion0 of 4 disclosed
States a retention period for your dataPartial
States a deletion timeline after closure or requestPartial
Sets a shorter retention for AI conversation logsSilent
Commits to collecting only the data it needsSilent
Third-party sharing2 of 5 disclosed
Lists the categories of third parties it shares withDisclosed
References a sub-processor list or data processing agreementPartial
Does not sell or share data for advertising, or offers opt-outPartial
Names a safeguard for international data transfersDisclosed
States a standard for government and law-enforcement accessPartial
Transparency4 of 4 disclosed
Discloses that you are interacting with AIDisclosed
Marks AI-generated or synthetic outputNot applicable
Enumerates the categories of data it collectsDisclosed
Maps processing purposes to legal basesDisclosed
Is versioned and dated, with change noticeDisclosed
Sensitive data and children0 of 2 disclosed
Discloses automated decisions and a human-review pathNot applicable
Limits the use of special-category dataSilent
Governs biometric data specificallyNot applicable
States protections for children's dataSilent
Security and accountability2 of 3 disclosed
Describes its security safeguardsDisclosed
Commits to breach notificationSilent
Names a certification or a privacy contactDisclosed
DisclosedPartialSilentAdverseNot applicable

Details

Category
Finance
Modalities
text
Processes biometrics
No
Policy last updated
2026-06-01
Region scored
Global / US-default
Assessed
2026-06-20
Read Pigment's privacy policy

Other finance apps

Hebbia iconHebbiaCAlphaSense iconAlphaSenseCRogo iconRogoD

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.

Is Pigment safe with your data? Grade C | AI App Trust & Transparency Index