Privacy Policy

(1) Introduction
AILYZE (“us”, “we”, or “our”) operates www.ailyze.com (hereinafter referred to as “Service”). Our Privacy Policy governs our Service, and explains how we collect, safeguard and disclose information that results from your use of our Service. By using our Service, you agree to the collection and use of information in accordance with this policy. This policy is effective as of 1 January 2023.

(2) Definitions

PERSONAL DATA means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.

SERVICE PROVIDERS means any natural or legal person who processes the data on behalf of the Data Controller. We use the services of various Service Providers in order to process your data more effectively.

(3) Data Collected

While using our Service, we may ask you to provide us with (a) your documents, which may contain personal data; and (b) if you register an account with us, your email address (“Personal Data”).

We do not collect the following data: (a) Usage data (e.g., IP address, browser type, browser version, the time and date of your visit); (b) Cookies or other similar tracking technologies (e.g., preference cookies, advertising cookies); and (c) Payment data (e.g., credit card information, billing address).

Payment data is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

(4) Data Use

We use your Personal Data for the following purposes: (a) to deliver our Service to you; (b) to deliver product updates and marketing communications; (c) to deliver customer support; and (d) to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection. ‍

We do not use your Personal Data to train our models.

(5) Data Security
We will take all steps reasonably necessary to ensure that your Personal Data is treated securely. For example, your data is encrypted at rest and in transit using FIPS 140-2 compliant 256-bit AES encryption, such that AILYZE cannot view your data. Your data is also stored in a data center that is ISO-27001, SOC 1 and SOC 2-compliant. Our Service is also served entirely over HTTPS, with API and application endpoints TLS only (v1.2). In addition, no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place.

(6) Data Retention
We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies.

(7) Data Transfer
Your Personal Data is processed in the United States. It means that your Personal Data may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

(8) Data Disclosure

We may disclose your Personal Data for:

(a) Law Enforcement. Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities;

(b) Business Transaction. If we are involved in a merger, acquisition or asset sale, your Personal Data may be transferred; and

(c) Service Providers. We may disclose your Personal Data to our Service Providers

(b) Others. We may disclose your Personal Data with your consent in any other cases.

(9) Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR. See more at https://eur-lex.europa.eu/eli/reg/2016/679/oj .

We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights: (a) the right to access, update or to delete the information we have on you; (b) the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete; (c) the right to object. You have the right to object to our processing of your Personal Data; (d) the right of restriction. You have the right to request that we restrict the processing of your personal information; (e) the right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format; and (f) the right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information.

We may ask you to verify your identity before responding to such requests. We may not able to provide our Service without some necessary data. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

(10) Your Data Protection Rights under the California Privacy Protection Act (CalOPPA)

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivable the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. See more at https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/ .

According to CalOPPA, we agree to the following: (a) you can visit our site anonymously; (b) our Privacy Policy link includes the word “Privacy”, and can easily be found on our page; (c) you will be notified of any privacy policy changes on our Privacy Policy Page; and (d) you are able to change their personal information by contacting us.

We honor Do Not Track signals and do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

(11) Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), provide Service on our behalf, perform Service-related services or assist us in analysing how our Service is used. These Service Providers have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

These Service Providers include:

(a) OpenAI (natural language processing company) - see more at https://openai.com/policies/api-data-usage-policies ;

(b) GitHub (development platform to host and review code, manage projects, and build software) - see more at https://help.github.com/en/articles/github-privacy-statement ; and

(c) Stripe (payment processor) - see more at https://stripe.com/us/privacy .

(12) Children's Privacy
Our Services are not intended for use by children under the age of 13 (“Children”). We do not knowingly collect personally identifiable information from Children under 13. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.

(13) Changes to This Privacy Policy
Supplemental terms and conditions or documents that may be posted on the Services from time to time are hereby expressly incorporated herein by reference. We reserve the right, in our sole discretion, to make changes or modifications to the Privacy Policy from time to time. We will alert you about any changes by updating the effective date of the Privacy Policy, and you waive any right to receive specific notice of each such change. It is your responsibility to periodically review the Privacy Policy to stay informed of updates. You will be subject to, and will be deemed to have been made aware of and to have accepted, the changes in any revised Privacy Policy by your continued use of the Services after the date such revised Privacy Policy are posted.