Legal

Privacy Policy

Last updated: April 1st, 2026

At Auron, our mission is to enable enterprises to capture, understand, and act on the intelligence embedded within every customer and stakeholder conversation. Our agentic engagement Platform turns fragmented conversations into shared knowledge, enabling teams to collaborate effectively, make informed decisions, and engage with clarity and consistency.

We respect your privacy and care about how your Personal Information is used. This Privacy Policy (the “Policy”) outlines how Oraczen Inc. (“Company” or "us" or "we" or "our") including our affiliates collect, use, store, process, transfer, and disclose your information through our Website www.useauron.ai, (“Website”), our Software, our Services, and any of our other websites, mobile or digital applications, or any other services we offer from time to time by or in connection therewith (the “Platform” or “Auron”). This Policy governs access to and use of the Platform, which enables Authorized Users to capture, store, and analyse voice logs and interaction data from stakeholders engagements, including End Users to build customer knowledge graphs and enterprise profiles, while supporting CRM and other enterprise system integrations via MCP tools, document and knowledge base uploads, and the creation of Custom Agents for specific workflows. (the “Services”). By reviewing this Policy, you will gain a comprehensive understanding of your privacy rights and choices.

Your access to or utilization of our Platform and/or Services operated by the Company linked to this Policy implies your agreement to be governed by this Policy. By providing us with your Personal Information, you expressly consent to the use and disclosure of your Personal Information as outlined in this Policy. This Policy, along with the Terms of Service, is applicable to your use of the Services, and you explicitly agree and acknowledge to read the Privacy Policy in conjunction with the Terms of Service.

Please note that the capitalized terms not defined in this Policy are defined in the Terms of Service.

The term “Personal Information” shall mean any information that relates to an identified or identifiable individual or entity. This may include, but is not limited to, information that you voluntarily provide to us (such as your name, email address, phone number, or professional details) and information that we collect automatically through your use of our Platform or Services (such as IP address, location, device identifiers, browser type, and usage data). “Personal Information” shall include equivalent terms in other Data Protection Laws, such as the GDPR-defined term “Personal Data,” as the context requires.

For this Policy or any other Platform policies, “Data Controller” shall mean the individual or entity who, alone or jointly with others, determines the purpose and means of collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of Personal Information and shall include the meaning assigned to the term in the applicable Data Protection Laws. Similarly, “Data Processor” shall mean the person who processes Personal Information on behalf of the Controller and shall include equivalent terms in other Data Protection Laws, as the context requires.

By accessing and using the Platform and/or Services, or furnishing your Personal Information, you explicitly agree and acknowledge that you accept the terms delineated in this Policy. The terms “Users”, “you”, or “your” mean any natural or legal person or entity who accesses or utilizes the Platform or Services, including but not limited to the Clients, Authorized User and/or End Users, depending on the context in which the Platform or Services are accessed or used. Any information relating to Authorized Users or End Users is processed by the Platform strictly in connection with the Client’s use of the Services and in accordance with the Client’s instructions.

By visiting the Platform or providing your information, you expressly agree to be governed by the privacy laws of the United States, including but not limited to the California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR) and other relevant regulations governing data protection and privacy (collectively, “Data Protection Laws”).

IF YOU DO NOT CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS SET FORTH IN THIS PRIVACY POLICY, PLEASE REFRAIN FROM ACCESSING AND/OR USING OUR PLATFORM.

TO WHOM DOES THIS POLICY APPLY?

    1. This Policy is inclusive and applies to all Users of our Platform and/or Services, irrespective of their browsing intent or their extent of using the Services offered on our Platform.
    2. The applicability of this Policy extends to users regardless of the device type used for accessing our Platform and/or Services, whether it be a laptop/desktop or a mobile/tablet device.
    3. Pursuant to Section 12, we do not knowingly collect or solicit Personal Information from anyone under the age of eighteen (18) or knowingly allow such persons to register for and/or utilize the Services. If you are under the age of eighteen (18), please do not attempt to register for the Services or send any information about yourself to us.

WHAT IS THE INFORMATION THAT WE COLLECT FROM YOU?

    1. To access and use our Services, you are provisioned with your own customized subdomain. The Users are required to provide the following information to the Company at the time of setting up their Account or at different instances, including, without limitation:
      1. Basic Information: This will include full name, business addresses, and professional roles or designations.
      2. Contact Information: Business email address and phone number.
      3. Verification Data: We implement verification and security measures at the time of Account creation and login, including One-Time Password (OTP) verification and Two-Factor Authentication (2FA), and may collect related information such as verification emails, internal authentication tokens, or OTPs solely to validate user identity, Account access, and system login.
      4. Communication with Us: Any communications sent to us, including emails, support requests, onboarding discussions, or security notifications.
      5. Sensitive Information: If uploaded, shared, or generated through your use of the Platform, we may collect biometric information such as voice recordings or facial likenesses (e.g., voice logs, facial expressions, gestures, speech patterns, behavioral signals, and audio-visual cues captured during meetings or interactions with the Platform). Such information is collected only with your explicit consent or as otherwise authorized by the Client, and is handled in accordance with applicable Data Protection Laws.
      6. Payment and Financial Information: Although transactions are not processed through the Platform, we may receive limited payment-related information, such as billing addresses, bank account details, or other invoicing particulars, through offline or external channels, solely for invoicing, billing, or contract fulfilment;
      7. Device and Technical Information: This includes information that may assist us in identifying your device, including browser type and version, session logs, IP address, login timestamps, and software usage patterns, etc.;
      8. Administrative and Configuration Activity Data: This includes logs and records relating to administrative actions performed on the Platform, such as creation, modification, or deletion of User Content, configuration of access controls, permissions, integrations, subscription settings, and security-related changes.
      9. Interaction and AI Agent Configuration Data: This includes prompts, commands, or inputs provided by you to configure or interact with Platform, including text, documents, preferences, workflow settings, AI-generated outputs, and any other content you voluntarily contribute while using the Platform as well as information collected, generated, or inferred through the Platform’s Agentic AI systems during or after live meetings, interactions, or engagements, and from recordings, summaries, artifacts, or outputs generated during or after such meetings;
      10. Additional Information: It includes, without limitation, when you voluntarily provide during participation in feedback surveys, product demos, webinars, support queries, or beta-testing initiatives.
      11. Other Data: This can include the following, based on your interaction with the Platform and/or Services- 1. Number of times you access our Platform and/or Services; 2. The length of time you spent on the Platform; 3. Your engagement patterns, including the time when you became active and have continued to be active on the Platform; 4. In-Platform actions and interactions; 5. Other similar statistics we may collect with the intention of improving the user experience of the Platform.
    2. You agree to provide us with your Personal Information whenever you use our Services by performing any of the following functions:
      1. Accessing our Platform and/or Services by means of any web browser or any device;
      2. Signing in and registering for our Services;
      3. Inquiring about our Services through our Platform;
      4. Initiating and maintaining correspondence with us.
      5. Interacting with our platform, which includes inputting data, receiving outputs, and engaging with personalized recommendations and insights.
    3. You understand and agree that all Personal Information, sensitive or otherwise, collected through our Platform is provided solely by the User. We do not collect any personal or sensitive information without the User’s explicit input and consent. Users are responsible for the accuracy and completeness of the information they provide.
    4. We strive to take additional precautions to ensure that such Personal Information is kept secure and confidential, and we retain this data only for as long as is necessary to fulfil the purposes for which it is collected, in accordance with applicable laws. The Company stores and uses all Personal Information solely for the purpose of providing the Services and does not use such Personal Information for any unrelated or commercial activities without your additional, explicit consent.
    5. Further, you understand and acknowledge that, to operate and provide the Platform and Services, we utilize certain trusted third-party service providers as mentioned in Section 5. While we manage your Personal Information in accordance with this Policy, certain data may be processed by these third-party service providers solely for the purpose of enabling the Services. By using our Platform and Services, you acknowledge that you are bound by the terms and policies of our third-party service providers. We prioritize user privacy and security by relying on trusted third-party service providers, and we encourage Users to review and understand the policies of these platforms to protect their interests.
    6. This Policy will not apply to any unsolicited information provided by you through the Platform or through any other means. This includes but is not limited to information posted on any public areas of the Platform and other social media. All such unsolicited information shall be deemed to be non-confidential, and we will be free to use and disclose such unsolicited information without limitation.
    7. We shall not be liable for any loss or damage sustained by you as a result of any disclosure (inadvertent or otherwise) of payment-related information shared by you through offline or external invoicing and billing processes, including invoices raised through third-party accounting or payment service providers. For this purpose, you are advised to review the terms of service and privacy policies of such third-party service providers, as the handling of payment-related information by them is governed by their respective policies.
    8. Access to your Personal Information is limited to employees, agents, partners, and third parties, who we reasonably believe will need that information to enable us to provide Services to you. However, we are not responsible for the confidentiality, security, or distribution of your own Personal Information by our partners and third parties (who have their own privacy policies) outside the scope of our agreement with such partners and third parties.
    9. When you use our Platform, we collect and store your information, which is provided by you from time to time. In general, you can browse the Platform without telling us who you are or revealing any Personal Information about yourself. Once you give us your Personal Information, you are not anonymous to us. Where possible, we indicate which fields are required and which are optional. You always have the option to not provide information by choosing not to use a particular service, product, or feature on the Platform.

HOW DO WE COLLECT THE INFORMATION?

    1. We employ various methods to gather information, ensuring a comprehensive understanding of user interactions and preferences. The collection of Personal Information is facilitated through the following processes:
      1. Information you give us: When you provide us with the information referred to in Sections 2.1 and 2.2 through the methods outlined in Section 2.3;
      2. Session Management: We study session metrics to understand how Users interact with the Platform. This helps us learn the average time Users spend on the Platform and when they prefer to engage. We use tools like Google Analytics or CRM Hubspot (or alternatives), any other tool used by the company to collect anonymous data, including the number of views, how long Users stay, and where they're visiting from. This data allows us to optimize the user experience, making informed enhancements to cater to user preferences and behaviours.
      3. User analytics: We analyse User behaviour and preferences by collecting, processing and analysing Personal Information across our Platform. This helps us maintain accuracy, promptly identify any unusual behaviour, and detect fraudulent activities across all managed platforms. By tracking interactions, we ensure that corrective actions are taken immediately to protect both our own systems and those of our Users, while optimising the overall user experience.
    2. In addition to direct User interactions, we utilize various browser-based and server-side data collection methods to enhance User experience, ensure Platform security, and optimize the performance and reliability of the Platform. These methods assist in maintaining secure access, monitoring Platform usage, within customer-specific tenant environments, supporting enterprise-grade deployments, and improving the functionality of the Services. The Platform is primarily accessed through web browsers on desktop or laptop devices, and the data collection methods described below apply to browser-based access and server-side operations. Users may manage certain data preferences through their browser settings, where applicable. Below are the categories of data collection methods used in our Platform, along with a description of what they are used for:
      1. Essential Data Storage: These mechanisms are essential for running our Platform, maintaining authenticated access, and keeping it secure. They also help us comply with applicable regulations and keep your details safe and private. Examples include browser-based cookies, essential storage or server-side session management.
      2. Functional Data Storage: These mechanisms remember user preferences within the Platform such as your region or country, preferred language, and accessibility options like large font or high-contrast pages. They ensure the Platform functions according to your preferences every time you use it.
      3. Performance Tracking: These mechanisms provide aggregated insights into how Users interact with the Platform. We aggregate and analyse this data to improve the performance and functionality of our services. Examples include tracking page views, clicks, and scrolls.
      4. Event Tracking: The Platform may define and record system-generated and User-initiated events that occur within the web-based Platforms or Dashboards to understand how specific features are accessed and used. Such events may include creating or configuring agents, starting or ending browser-based meetings or sessions, uploading or managing documents, invoking workflows, and interacting with AI-generated outputs or responses;
      5. Log Files: Our servers automatically collect certain technical information transmitted by Users’ browsers when they access the Platform or Client- specific subdomains, commonly referred to as log files. This information may include IP addresses, browser type, operating system, date and time of access, and requested pages. Log files are used for security monitoring, analysing usage trends, administering the Platform, and diagnosing technical issues;
      6. Location Data: The Platform does not collect precise GPS-based location data or device-level location permissions. Any location-related information collected is limited to coarse or inferred data (such as country or region) derived from IP addresses, solely for security, compliance, or access-control purposes.
      7. Third-Party Web SDKs and Infrastructure Services: The Platform integrates certain third-party web-based software development kits and infrastructure services to support analytics, communications, monitoring, and operational functionality. These services may collect limited technical and usage data necessary to deliver the Services in a secure and reliable manner, in accordance with this Policy and the respective third-party providers’ privacy policies.
    3. In addition to direct user interactions and the data collection mechanisms described above, we leverage cookies and similar technologies to enhance the functionality and user experience on the Platform. These allow us to collect and process additional information for various purposes. You may reject all non-essential cookies through the cookie banner displayed on our Platform (subject to geographic availability) or through the relevant browser settings. If you choose to reject non-essential cookies, only cookies that are strictly necessary for the functioning of the Platform will be enabled. You may also configure your browser to refuse cookies or delete existing cookies; however, please note that disabling cookies may result in certain features of the Platform not functioning as intended:
      1. Cookies: We utilize cookies, which are small text files stored by your web browser on your device. These cookies help us and third parties identify Users, track preferences, analyse usage patterns, and optimize the Platform’s functionality to provide a customized experience. Cookies enable us to store preference information and understand browsing activities. You may manage cookie preferences through your browser settings. Below is the limited list of the categories of cookies we use, along with their purposes:
        1. Strictly Necessary Cookies: These cookies are needed to run our Platform, to keep it secure if you are logged in, and to obey regulations that apply to us. They also help us keep your details safe and private.
        2. Functional Cookies: These cookies are used for remembering things such as your region or country, your preferred language, and accessibility options like large font or high-contrast pages.
        3. Performance Cookies: These cookies provide aggregated information on how Users interact with the Platform. We combine all this data together and study it. This helps us to improve the performance of our Services and/or the Platform.
        4. Session Cookies: We use session cookies, which are stored temporarily during your browsing session and deleted when you close your browser or application. These cookies support Platform functionality and help us analyse usage, including pages visited, links clicked, content viewed, and time spent on each page.
        5. Analytics Cookies: Analytics cookies collect data about your use of the Platform, allowing us to improve its performance. These cookies provide aggregated information to monitor Platform functionality, track page visits, identify technical issues, analyse user traffic, and improve Service performance.
      2. Purpose of Cookies We Use: We utilize Personal Information obtained through cookies to enhance the speed, security of your interaction with us, and overall user experience. These cookies serve various purposes:
        1. Preferences: Cookies enable the Platform to remember information that alters the site’s behavior or appearance, such as your preferred language or geographic region. By retaining your preferences, we can customize the presentation and functionality of the Platform..
        2. Security/Optimization: Cookies play a crucial role in maintaining security by verifying Users, preventing fraudulent use of Services, and safeguarding User data from unauthorized access. Specific types of cookies assist in blocking various types of attacks, such as attempts to pilfer content from Platform forms.
        3. Processing: Cookies contribute to the efficient functioning of the Platform, allowing us to deliver the Services expected by visitors and/or Users. These cookies facilitate tasks like navigating web pages and accessing secure sections of the Platform.
        4. Communication: Information collected through cookies may be utilized to communicate with you, including sending newsletters, seeking your opinions and feedback, and providing Services and promotional materials.
        5. Analytics and Research: Cookies aid in comprehending how individuals utilize our Services, enabling us to enhance them for a better user experience. This data-driven insight helps us refine and improve our offerings.
    4. Web Beacons, Pixel Tags, and Trackers: We may use web beacons, pixel tags, or similar technologies on the Platform and in service-related communications to understand how Users interact with specific pages, features, or messages. These technologies are small graphic elements or blocks of code that help us determine whether a page has been accessed or a communication has been opened. The information collected through these tools is used solely to monitor Platform usage, improve functionality, assess the effectiveness of service-related communications, and support operational analytics, and is not used for behavioral advertising or targeted marketing unless expressly disclosed.
    5. Metadata: When you interact with our Platform, including while conversing with agents, participating in browser-based sessions, configuring agents, or uploading inputs using voice, text, or documents, we may collect certain metadata to enhance and optimize the functioning of the Platform and Services. Such metadata may include interaction timestamps, types or categories of queries or commands, response times, and technical information transmitted by your browser, such as IP addresses, browser type, operating system, and usage patterns. This metadata is used solely for operational purposes, performance monitoring, system reliability, and improvement of accuracy and Platform functionality, and is not used for profiling, behavioral advertising, or targeted marketing unless expressly disclosed.
    6. Information from Other Sources: We may collect Personal Information from other sources, including but not limited to:
      1. If a User or any third party submits a complaint about you, we may receive information relating to the specific complaint made in order to understand and, where relevant, address the complaint; and
      2. To the extent permitted by Applicable Law, we may receive additional information about you, such as references, demographic data, and information to help detect fraud and safety issues from:
        • (i) third-party service providers, other third parties, and/or partners, or
        • (ii) Users and any other individuals, entities, and authorities, and combine it with information we have about you. For example, we may receive background check results or fraud warnings from identity verification service providers for use in our fraud prevention, security investigation, and risk assessment efforts. We may receive information about you and your activities on and off the Platform, including from Users of our Platform, members of the public, governmental, public, or tax authorities, or about your experiences and interactions with our partners.

WHY DO WE COLLECT YOUR INFORMATION?

    1. We shall collect your information only for lawful and legally permissible purposes, which are as follows:
      1. Contractual Necessity: We process your Personal Information to fulfil our contractual obligations with you, which include, without limitation, providing access to the Platform, enabling secure access through enterprise authentication systems (such as Microsoft Single Sign-On), verifying user identity, managing user roles and access permissions, configuring Platform settings and agent workflows, supporting integrations with enterprise systems, and providing technical support, maintenance, and related Services.
      2. User Authentication: We collect your information to help us identify you as and when you access the Platform, when you register an Account with us or log in, or when you utilize our Services;
      3. Conversation Context Creation: We collect Personal Information, including audio recordings, conversation inputs, biometric data, including but not limited to facial expression or audio, and other data shared by you, to generate brief contextual summaries of conversations, enrich interaction intelligence within system, and adapt agent responses based on your usage preferences and enabled features on the Platform;
      4. Research and development: We will utilize Personal information to deliver the Services and to develop, test, and enhance the quality and usability of both the Platform and Services. Our primary approach will involve de-identifying this information before utilization, and subsequently integrating it with de-identified browser data for these purposes;
      5. Communicate with you: We use your Personal Information to communicate with you concerning our Services via different channels (e.g., by phone, e-mail, chat);
      6. Fraud Prevention and Credit Risks: We use your Personal Information to prevent and detect fraud and abuse to protect the security of our Users;
      7. Troubleshoot Problems: We use your Personal Information to provide functionality, analyse performance, fix errors, and improve the usability and effectiveness of the Platform and/or Services;
      8. Compliance with law: To be able to perform any contractual and legal obligation;
      9. Enhancing User Experience: To analyse User behavior and preferences for improving our Services and User experience, and to be able to provide location-specific services, if any;
      10. Transactions and Payments: While no transactions or payment collection features are integrated into our Platform, we may collect certain financial or billing-related information, such as bank account details, debit card details, credit card details, contact details, or any online payment gateway details for invoicing and offline payment processing related to the Services. Such information may also be used for due diligence, verifying transactions, detecting fraud or unauthorized activity, and ensuring compliance with applicable financial and anti-money laundering laws;
      11. Enhanced Advertising and Marketing Efforts: In our efforts to provide, personalize, measure, and enhance our advertising and marketing endeavors, we engage in several key activities. Firstly, we utilize User information to send promotional and marketing messages, tailoring them to suit individual preferences and interests. Additionally, we strive to customize and optimize advertising on various platforms to ensure relevance and effectiveness. Furthermore, we may administer referral programs, rewards, surveys, sweepstakes, contests, and other promotional activities to engage Users and foster community participation. Through the analysis of User characteristics and preferences, we aim to send targeted promotional messages that resonate with each User segment. Finally, we extend invitations to Users for events and relevant opportunities, enriching their overall experience with our Platform; and
      12. Providing alerts/notifications: To effectively communicate with you through emails/SMS/notifications through the Platform to inform you about any other new apps or services that we may from time to time develop.
    2. For the users residing in the United States, specific provisions and disclosures may apply, as detailed in our Supplemental Document (Schedule I). This document provides comprehensive information regarding the processing of Personal Information, including details about responsible controllers, legal bases, user rights, and contact information for inquiries. By referencing this Supplemental Document, users gain insights into our compliance with regulations such as the General Data Protection Regulation (GDPR) and gain transparency into how their information is handled.
    3. In the course of operating the Platform and/or Services, we collect and utilize Personal Information in accordance with our Privacy Policy. For users residing in the European Union, or who are otherwise protected by privacy or consumer health data laws in those jurisdictions, please refer to Schedule II that supplements our main Privacy Policy and outlines state-specific rights and protections afforded to you.
    4. You consent and recognize that your Personal Information may be disclosed on our Platform authorized by you for the purpose of utilizing our Services. Additionally, you agree and acknowledge that we are permitted to communicate with you through messaging, calls, emails, or other means, to facilitate the performance of our Services wherever necessary.

WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH AND WHY?

    1. To facilitate our Services and enhance user experience, we may share Personal Information with the following entities:
      1. Third-party Service Providers:
        1. We engage the services of third-party service providers to carry out various functions on our behalf, such as AI capabilities, data analysis, postal and email communications, financial transactions, hosting services, storage, system monitoring, customer service, and marketing assistance. These third-party service providers have access to the necessary Personal Information to fulfil their functions and are contractually obligated to process such data solely for the purpose of providing their services to us. However, they are strictly prohibited from using it for any other purposes. Moreover, they are obligated to process the Personal Information in compliance with applicable privacy laws, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and other Data Protection Laws. While we do not own or control these third parties, when you interact with them and choose to use their services, you are providing your information to them.
        2. You acknowledge that our AI-powered features are enabled through third-party API integrations, including but not limited to OpenAI, Anthropic and Google (collectively, the “LLM Service Providers”). These third-party providers process the Personal Information, prompts, media, and interactions you input in order to generate responses and deliver AI functionalities. While we do not directly share your Personal Information with these providers, your inputs may be accessed and processed by them as part of their service delivery. To the best of our knowledge, these providers do not retain or use your data for model training or improvement unless explicitly stated in their respective privacy policies or required by law. Most LLM Service Providers process input data solely for operational needs such as abuse monitoring, service reliability, and diagnostics. We encourage you to review the individual policies of these providers listed above to understand how your data may be handled during your use of AI-powered tools on our Platform.
        3. Your use of these services is subject to the policies of those providers, including but not limited to the following:
Sr. No.Service ProvidersPurpose/FunctionLinks
1Amazon Web ServicesCloud & Storagehttp://aws.amazon.com/
2LiveKitWebRTC infrastructurehttps://livekit.io/
3SvixWebhooks-as-a-servicehttps://www.svix.com/
4NovuMessaging & notificationshttps://novu.co/
5OpenAILarge Language Model (LLM)https://openai.com/
6AnthropicLarge Language Model (LLM)https://www.anthropic.com/
7Google (LLM Services)Large Language Model (LLM)https://cloud.google.com/ai/llms
8PostHogUser and Platform Observabilityhttps://posthog.com/
9GitHub ActionsDevOpshttps://github.com/
10StripePayment processinghttps://stripe.com/in
11QdrantVector database used for embeddings and semantic searchhttps://qdrant.tech/
12MongoDBPrimary data store for structured and unstructured Platform datahttps://www.mongodb.com/
13RedisIn-memory caching to improve performance and response timeshttps://redis.io/
14TensorLakeFile processing and data pipeline managementhttps://www.tensorlake.ai/
15ScrutCompliance management and security posture monitoringhttps://www.scrut.io/lp1/scrut-comparison
16LinearInternal issue tracking and workflow managementhttps://linear.app/
17LangfuseAI and Agent Observabilityhttps://www.langfuse.com
      1. Employees and Independent Contractors: Employees and independent contractors of the Company have access to Personal Information strictly on a need-to-know basis for their job functions or contractual obligations. They comply with this Policy and are trained to protect Personal Information. Confidentiality obligations prohibit unauthorized disclosure or misuse of Personal Information. We monitor compliance and may enforce disciplinary action for breaches, ensuring appropriate security measures are in place to safeguard all accessed Personal Information.
      2. Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honor this Policy. Affiliates may include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.
      3. Business Transfers: If we reorganize or sell all or a portion of our assets, undergo a merger, or are acquired by another entity, we may transfer your information to the successor entity. If we go out of business or enter bankruptcy, your information would be an asset transferred or acquired by a third party. You acknowledge that such transfers may occur and that the transferee may decline to honor commitments we made in this Policy.
      4. Legal Compliance:
        1. We may disclose your information to courts, law enforcement, governmental or public authorities, tax authorities, authorized third parties, or other Users, if and to the extent we are required or permitted to do so by law or where disclosure is reasonably necessary to:
          • (i) comply with our legal obligations,
          • (ii) comply with a valid legal request, such as a subpoena or court order, or to respond to claims asserted against Company,
          • (iii) respond to a valid legal request relating to a criminal investigation to address alleged or suspected illegal activity, or to respond to or address any other activity that may expose us, you, or any other of our Users to legal or regulatory liability,
          • (iv) enforce and administer our agreements with users, including our Terms, additional legal terms, and policies,
          • (v) respond to requests for or in connection with current or prospective legal claims or legal proceedings concerning the Company and/or third parties, in accordance with applicable law, or
          • (vi) protect the rights, property or personal safety of the Company, its employees, its user, or users of the public. Notwithstanding the above, you understand that before responding to any request for Personal Information, we conduct a thorough legal review to ensure the request complies with applicable laws, is specific, and is valid under the relevant legal framework. Requests that do not meet these criteria will not be processed. We reserve the right to seek clarification or additional information from the requesting authority if needed to validate the request.
        2. Where legally required or permissible according to applicable law, we may disclose user information to relevant tax authorities or other governmental agencies, depending on where you are based, for the purpose of the tax authorities’ determination of proper compliance with relevant tax obligations.
        3. Furthermore, we adhere to a strict data minimization policy, disclosing only the minimum amount of Personal Information necessary to comply with lawful requests. Before responding to any request, we thoroughly assess its scope to ensure only information specifically relevant and necessary to fulfil the legal requirement is disclosed. Additionally, any data irrelevant to the specific request is redacted or withheld. If data must be disclosed, it is shared in aggregate or anonymized form wherever possible to safeguard individual privacy.
        4. We maintain detailed documentation of all requests from public authorities for user information to ensure accountability and transparency. This includes, without limitation,
          1. the nature and content of the request,
          2. verification of the requesting authority's credentials,
          3. legal basis cited in the request (e.g., court orders, subpoenas, statutory authority),
          4. internal legal review processes, including opinions sought from legal counsel,
          5. specific information disclosed (if any) and the date of disclosure,
          6. any communication with the requesting authority, including objections or clarifications sought, and
          7. steps taken to comply with jurisdiction-specific laws and regulations.
        5. Where appropriate and/or legally required, we may notify the User about legal requests, unless:
          • (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or
          • (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon or harm to us, our Users, or expose us to a claim of obstruction of justice. If a request for Personal Information is deemed unlawful, overly broad, or lacking in sufficient legal basis, we will take appropriate measures to challenge or refuse the request. This may include engaging with the requesting authority to clarify the scope of the request or initiating or participating in legal proceedings to challenge the request where warranted.
      5. Service Improvement: We may share certain aggregated, anonymized information with third parties (for example, for Google Analytics) in order to assess the Platform usage and information pertaining to the ease of navigation.
      6. Advertisements: We use third-party advertising companies to serve ads when you visit our Platform. These companies may use information (not including your name, address, email address, or telephone number) about your visits to the Platform and other websites in order to provide personalized advertisements about goods and services of interest to you.
      7. Collaborations: We may share your Personal Information with reputable partners to facilitate joint initiatives, promotions, or integrated services; and
      8. Growth and Expansion: As our Platform evolves and expands, there may be instances where sharing Personal Information with new entities or parties becomes necessary for the enhancement of our Services. Any such sharing will be carried out with the utmost consideration for user privacy and in accordance with relevant legal frameworks.
    1. We do not ever sell or rent your Personal Information without your express approval.
    2. We do not share Personal Information with advertisers or third-party sites displaying our interest-based ads. However, advertisers may infer user interests from interactions with ads and might provide us with demographic information to enhance ad relevance. Advertisers can serve ads directly to your browser, receiving your IP address, and may use cookies to evaluate ad effectiveness. We do not control these cookies or the practices of third-party advertisers, so please refer to their privacy policies for more information.
    3. We are not responsible for the actions of third parties with whom you share personal or sensitive data, and we have no authority to manage or control third-party solicitations. If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.
    4. We may also de-identify or aggregate information and convert it into non-personal information so that it can no longer reasonably be used to identify you (“De-identified Information”). We use and retain De-Identified Information for any of the purposes described in Sections 4 and 5 of this Policy. We will maintain and use De-Identifying Information in de-identified form and will not attempt to re-identify the information, except to confirm our de-identification processes or unless required by law.
    5. De-identified Information that cannot be able to personally identify particular individuals is referred to as anonymized information. Additionally, De-identified Information that can identify individuals only if it is combined with another, separate piece of information is referred to as pseudonymized information.
    6. Where possible, we will aim to collect, store, and use anonymized information as a first preference, and if not, then pseudonymized information. Please note that we may retain anonymized information for analytic and service development purposes.
    7. We may share aggregated, anonymized information to third parties for analytical and/or marketing purposes.
    8. We are not responsible for the actions of third parties with whom you share personal or sensitive data, and we have no authority to manage or control third-party solicitations. If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?

    1. In compliance with applicable Data Protection Laws, we retain your Personal Information for a duration no longer than necessary for the purpose for which it was collected or as mandated by relevant Data Protection Laws. By default, your Personal Information is retained for a period of up to five (5) years from the date of last active use or termination of Account, unless a shorter retention period is requested by the Client or a longer retention period is mandated by applicable law, or regulatory guidelines.
    2. You may request permanent deletion of your Account and all associated data at any time. Upon receiving such a verified request, we will initiate the deletion process and complete it within thirty (30) days, including purging of associated backups as part of our secure data sanitization protocols. During this period, you may request to export or recover your data. In some cases, where immediate deletion is not feasible due to technical or legal constraints, we may instead anonymize your data to ensure it can no longer be linked to you, effectively removing all personal identifiers. The anonymized data may be retained solely for analytical and research purposes.
    3. All Personal Information is stored securely on encrypted cloud infrastructure, and our retention practices are aligned with industry standards, and the terms of our agreements with User.
    4. However, certain data related to you may be retained beyond its primary retention period if it is deemed reasonably necessary to prevent fraud, mitigate abuse, exercise our legal rights, defend against claims, or fulfil legitimate purposes as required by law. We may also retain your Personal Information for analytical and research purposes, or for purposes in the public interest. Additionally, we may retain your Personal Information for the following purposes:
      1. Legitimate Business Interest: We may retain your Personal Information as necessary for our legitimate business interests, such as the prevention of money laundering, fraud detection and prevention, and enhancing safety. For example, if we suspend your access to our Services for fraud or safety reasons, we may retain information to prevent that User from accessing our Services again in the future;
      2. Legal, Tax, Reporting, and Auditing Obligations: We may retain and use your Personal Information to the extent necessary to comply with our legal, tax, reporting, and auditing obligations;
      3. Shared Information: Information you have shared with others, such as reviews and forum postings, may continue to be publicly visible on the Platform, even after your Account is cancelled; and
      4. Residual Copies: Residual copies of your Personal Information (either in the form of De-Identified Information, Non-Identifying Information, or identified information) may remain in our backup systems, primarily to ensure compliance with legal obligations and to protect against accidental loss or destruction. However, non-identifiable usage patterns, data, and analytics may be retained for performance improvement of our Platform and/or Services. We strive to anonymize your data to prevent any personal identifiers from being linked to you. However, in rare cases where legal or operational requirements necessitate, identifiable information may be retained temporarily. Such retention is strictly limited and governed by applicable laws.
    5. You further acknowledge that while we manage your Personal Information in accordance with this Policy and do not permit its use for model training or improvement, your inputs and outputs may be accessed, processed, and temporarily stored by the relevant LLM Service Provider solely for purposes such as delivering requested functionality, ensuring service reliability, monitoring for misuse, or complying with legal obligations, in accordance with their respective policies. The retention practices applicable to such inputs and outputs may vary depending on the LLM Service Provider involved, and we do not control the specific retention periods adopted by these providers; however, we engage only with providers that are contractually bound to comply with applicable privacy and security standards. By continuing to use AI-powered features on the Platform, you acknowledge and agree to such third-party processing and retention practices and are encouraged to review the privacy policies, terms and conditions or other policy of the relevant LLM Service Providers for further details.

HOW DO WE PROVIDE FOR THE SECURITY OF YOUR PERSONAL INFORMATION WITH US?

    1. We prioritize the security of your Personal Information and have implemented industry-standard technical and organizational measures to protect it against unauthorized access, disclosure, alteration, or destruction. All data transfers to and from our Platform are protected using Hypertext Transfer Protocol Secure (HTTPS) and TLS 1.2+, ensuring encryption via Secure Sockets Layer (SSL) technology. Data is encrypted both in transit and at rest, using industry-standard encryption mechanisms such as AES-256. Access to Personal Information is governed by strict access-control mechanisms, with multi-factor authentication enforced wherever possible. Access rights are granted on a least-privilege and need-to-know basis and are limited to a minimal number of authorized individuals. We are SOC 2 Type II certified and follow standard security policies and controls consistent with the applicable laws.
    2. In addition, we maintain reasonable administrative, electronic, and physical safeguards in alignment with globally recognized information security practices, ensuring the ongoing confidentiality, integrity, and availability of your Personal Information.
    3. We work to protect the security of your Personal Information during transmission by using encryption protocols. We use multi-layered controls to help protect our infrastructure, constantly monitoring and improving our applications, systems, and processes to meet the growing demands and challenges of security. We ensure that the third parties who provide services to us under appropriate contracts take appropriate security measures to protect your Personal Information in line with our policies. We may update or modify such security measures from time to time, provided that such updates and modifications do not result in the degradation of the overall security of the Service.
    4. The safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password for access to Platform or certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Platform, like message boards, as the information you share may be viewed by any user of the Platform.
    5. While we take comprehensive measures to safeguard your information, Users acknowledge and accept the inherent security implications of data transmission over the Internet and the World Wide Web. Despite our efforts, complete security cannot be guaranteed, and inherent risks persist. Users bear the responsibility of safeguarding login credentials for their Accounts. Any transmission of Personal Information is at your own risk. We are not responsible for the circumvention of any privacy settings or security measures contained on the Platform. While acknowledging these risks, we remain committed to continually enhancing our security protocols to address emerging threats and maintain the trust of our Users.

HOW DO WE HANDLE DATA BREACHES AND SECURITY INCIDENTS?

    1. Pursuant to Section 7 of this Policy, we strive to prevent data breaches and security incidents to the best of our ability. However, should a data security breach occur, we have an incident response plan (“Incident Response Plan”) in place as outlined in this Section. In the event of a data breach or security incident, the Company maintains a proactive approach to ensure swift resolution and mitigate potential risks. Additionally, we take appropriate measures to contain the impact of any breach while ensuring compliance with applicable Data Protection Laws.
    2. We have established a comprehensive incident response plan designed to address such occurrences promptly and effectively:
      1. Identification: We promptly identify and acknowledge any signs of a data breach or security incident within our systems or infrastructure;
      2. Containment: Immediate action is taken to contain the impact of the breach, preventing further unauthorized access or damage to data;
      3. Notification: We prioritize transparency by promptly notifying affected parties, including Users and relevant stakeholders, within a reasonable time of discovering the breach. The notifications will be communicated via email and will detail the nature of the breach and its potential impact on their data, along with support resources;
      4. Collaboration: We collaborate with relevant authorities, such as regulatory bodies and law enforcement agencies, to report the incident and comply with any legal obligations or regulatory requirements; and
      5. Post-Incident Assessment: Following the resolution of the incident, we conduct thorough assessments to evaluate the effectiveness of our response measures and identify areas for improvement. Our employees are trained on the Incident Response Plan to ensure preparedness and effective response.

DO WE TRANSFER YOUR PERSONAL INFORMATION ACROSS THE BORDER?

    1. Storage Information: User data is securely stored on our servers and databases, using third-party storage partners, including AWS. These servers are strategically located based on the User's location to minimize latency for each User. At present, our servers are located in the United States. However, this may change as we scale and transition to data centers in other jurisdictions, based on operational requirements.
    2. While our primary practice is to store all data on servers located within the United States, it’s important to note that certain circumstances may necessitate the transfer of your Personal Information to countries outside your residential country. These transfers may occur for various purposes outlined in this Policy.
    3. You understand and accept that other countries may have differing (and potentially less stringent) laws relating to the degree of confidentiality afforded to the information it holds and that such information can become subject to the laws and disclosure requirements of such countries, including disclosure to governmental bodies, regulatory agencies, and private persons, as a result of applicable governmental or regulatory inquiry, court order or other similar processes. In addition, a number of countries have agreements with other countries providing for the exchange of information for law enforcement, tax, and other purposes.
    4. If we transfer your Personal Information to third parties for purposes stated in this Policy, we will use our best endeavors to put in place appropriate controls and safeguards to ensure that your Personal Information is kept accurate, adequately protected, and processed only for specified and reasonable purposes in a manner that is fair, transparent and has a lawful basis, and is stored for no longer than is absolutely necessary.

WHO IS THE DATA CONTROLLER, DATA PROCESSOR AND DATA SUB-PROCESSOR OF YOUR PERSONAL INFORMATION?

    1. The Company will act as the Data Controller, where we make decisions on how your Personal Information is used in connection with the Platform or our Services. We will act as the Data Processor, where we only use your Personal Information as authorized and instructed by a third party in connection with the Platform or Services.
    2. Where we are acting as the Data Controller, we are responsible for the obligations of a Data Controller under Data Protection Laws in connection with the processing of Personal Information of User, Client and End Users, and we use this Privacy Policy to provide them with information about our use of your Personal Information.
    3. Where we act as a Data Processor, the relevant third party, such as Clients using the Platform, will act as the Data Controller. These third parties are responsible for fulfilling the obligations of a Data Controller under applicable Data Protection Laws in relation to the processing of your Personal Information. In instances where you access the Platform or our Services through a third party or where Clients upload content or manage End Users’ Personal Information, they serve as the Data Controllers. The Company processes this data strictly on their behalf, following their instructions and acting solely as a Data Processor. If you have any queries regarding the processing of your data by such third parties, you should contact the respective Data Controller directly for further information or clarification on their compliance with Data Protection Laws.
    4. The third-party service providers identified under Section 5 of this Policy act as sub-processors of the Company. Such Data sub-processors are engaged by the Company in its capacity as a Data Processor to process Personal Information solely on behalf of, and in accordance with, the documented instructions of the applicable Data Controller, and strictly for the purpose of enabling the operation and delivery of the Platform and Services. All Data sub-processors are contractually bound to comply with applicable Data Protection Laws, maintain appropriate technical and organizational safeguards, and process Personal Information only in accordance with the Company’s contractual obligations and instructions.
    5. You understand and acknowledge that the Company is the controller for the processing of your Personal Information. Our contact information is:

Address: 4112, Saguaro Ln, Irving, Texas 75063

Email: contact@useauron.ai

WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?

    1. You, as a data subject, have certain rights to your Personal Information under the applicable laws, as outlined below:
      1. Request access to your Personal Information: This allows you to receive a copy of the Personal Information we hold about you, and to check that we are lawfully processing it;
      2. Request the correction of your Personal Information: This allows you to ask for any incomplete or inaccurate information we hold about you to be corrected;
      3. Request the erasure of your Personal Information: This allows you to ask us to delete or remove your Personal Information from our systems where there is no good reason for us to continue processing it;
      4. Object to the processing of your Personal Information: This allows you to object to our processing of your Personal Information for a specific purpose (for example, for marketing purposes);
      5. Request the transfer (data portability) of your Personal Information: This allows you to request the transfer of your Personal Information in a structured, commonly used, machine-readable format, either to you or to a third party designated by you and, if technically feasible, have it transmitted to another controller without any hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract of which you are a part, or on pre-contractual obligations thereof;
      6. Request the restriction: You have the right to request the restriction of the processing of your Personal Information. This means we will store your Personal Information but not further process it, except in limited circumstances (e.g., with your consent or for legal claims);
      7. Request further information on the processing of your Personal Information: You have the right to obtain further information on how we process your Personal Information. This includes details about the purposes of the processing, the categories of Personal Information involved, the recipients or categories of recipients with whom the Personal Information has been or will be shared, and the envisaged retention period of the Personal Information;
      8. Withdraw your Consent: This right only exists where we are relying on your consent to process your Personal Information. If you withdraw your consent, we may not be able to provide you with access to certain features of our Platform. We will advise you if this is the case at the time you withdraw your Consent.
      9. Opting Out of Marketing Materials: You may object to our use of your Personal Information for marketing purposes. You can always opt out of this through the functionality provided in each marketing communication (e.g. by clicking “unsubscribe” at the bottom of an email).
      10. User’s State-Specific Rights: 1. If you are residing in the United States including states such as California, Colorado, Connecticut, Delaware, Florida, Iowa, Montana, Nevada, Oregon, Texas, Utah, Vermont, Virginia, or Washington, or are otherwise protected by privacy or consumer health data laws in those jurisdictions, please refer to Schedule I that outlines state-specific rights and protections afforded to you. 2. If you are a citizen of the European Union, you may have additional rights listed in Schedule II. Please refer to Schedule I below for more detailed information on your rights.
      11. Please note that these Schedules are supplemental to our Privacy Policy.
      12. In relation to the above, you can exercise such right by sending us an email with your request to contact@useauron.ai along with the necessary proof of identity requirements that we may require prior to processing such a request from you.
      13. We are committed to respecting and protecting your privacy and will make every effort to accommodate your requests and address your concerns in accordance with applicable laws. It's important to note that we may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. This ensures that your rights are upheld and that we respond to your inquiries promptly and effectively.
      14. While we strive to cover the privacy rights of Users in various jurisdictions through this Privacy Policy and the accompanying Schedules, we understand that some Users may be in regions with specific data protection laws that are not explicitly addressed here. If you are a User whose data subject rights are not clearly covered in this Privacy Policy or the Schedules, please reach out to us for assistance at contact@useauron.ai You can contact us to: (a) inquire about the processing of your Personal Information; (b) request access, rectification, or erasure of your Personal Information; (c) restrict or object to the processing of your Personal Information; and (d) exercise any other rights granted under applicable data protection laws in your jurisdiction.
      15. Please be aware that these rights are subject to legal restrictions. We will respond to your request as soon as possible, typically within one month at the latest. If you believe that our processing of your Personal Information is unlawful, you have the right to complain to contact@useauron.ai We hope that you will first contact us so that we can assess your objections and clarify any misunderstandings.

ARE CHILDREN ALLOWED TO USE OUR PLATFORM?

    1. This Platform is strictly prohibited for use by individuals under the age of eighteen (18) years or the age of majority as defined by the applicable laws of their country of residence. Specifically, individuals under the age of sixteen (16) residing in European Union (EU) countries and those under thirteen (13) years old in the United States or United Kingdom are also restricted from accessing our Platform and Services (collectively referred to as “Minors”) Accessing or using the Platform by Minors constitutes a violation of our Terms of Service and Privacy Policy.
    2. We do not knowingly collect, solicit, or process any Personal Information from Minors. We implement commercially reasonable age verification measures and data protection practices to prevent such unauthorized collection and usage.
    3. If you are a parent or legal guardian ("Guardian") and believe your child has provided us with Personal Information, we urge you to promptly contact us at contact@useauron.ai Upon verification of your Guardian status, we will promptly take all necessary steps to remove and delete such information from our records.

HOW CAN YOU EXPRESS YOUR COMPLAINTS AND CONCERNS?

User satisfaction is one of the key focus areas and an integral part of our Platform’s founding principles and business policies. We strongly believe that user satisfaction is the most important factor in the growth and development of our business, and hence, we have adopted user-centricity as a priority in developing our business processes. The terms below shall constitute our “User Grievance Redressal Policy”, which outlines the framework for addressing user grievances:

    1. Objective: The objective of this Grievance Policy is to provide a framework:
      1. to ensure the provision of timely and effective resolution of issues raised by users; and
      2. to keep users informed about the manner in which they can reach out to us to resolve their queries and grievances.
    2. Governing Principles: The policy on grievance redressal is governed by the following principles:
      1. User shall be treated fairly at all times;
      2. Issues raised by users are always attended to with courtesy and on time;
      3. Users are provided with effective and satisfactory resolution within a reasonable time period; and
      4. Users are fully informed of avenues to escalate their issues/ grievances if they are not fully satisfied with the response to their complaints.
    3. Grievance Redressal: Any user can reach our Data Protection Officer through electronic mode by way of email communication at contact@useauron.ai for availing rights mentioned under Section 11 or for any other grievance redressal;
    4. Must Know: You must know and understand that:
      1. We DO NOT solicit confidential details like your OTP/CVV/PIN/Card Number/ Bank account details through any means other than explicitly mentioned by us.
      2. Scamsters and fraudsters employ various techniques, such as ‘phishing’, to contact, influence, and defraud consumers. We regularly caution our users against sharing any personal or payment-sensitive information with unknown individuals, as such sharing can lead to unauthorized use and/or fraud, resulting in consequent financial loss.
      3. We shall not be liable for any loss, damage, or expense incurred by a user where the user has shared personal and/or payment-sensitive information with scamsters/fraudsters.
      4. Additionally, we also request and encourage our users to report such attempts or incidents to us at contact@useauron.ai to enable us to investigate and explore legal recourse.
      5. We rely on our payment processor and banks. In certain cases involving payment issues, we might see a delay as that is beyond our control once we pass the investigation to them; however, we try our best not to exceed reasonable timelines.

HOW ARE CHANGES MADE TO THIS POLICY?

This Policy may be updated at our sole discretion or due to changes in the law. Such changes, unless otherwise stated, will be effective from the day and date of posting on the Platform. We reserve the right to update the Policy without obligation to notify users. It is recommended to regularly review this Policy for any changes, as your continued access and use of the Platform and/or Services will be considered your approval and acceptance of all modifications to this Policy. In cases where applicable law mandates, we may notify you of updates through email or on the Platform. If you do not agree with this Policy governing our Platform and/or Services, please refrain from using the Platform and/or Services provided by us.

HOW CAN YOU CONTACT US?

Should you need additional information or have any questions or complaints regarding the handling of your Personal Information, please feel free to reach out to us through any of the following channels:

Email: contact@useauron.ai

Additionally, you can reach out to us through our Contact Us page for further assistance.

Schedule I: United States Residents

We are dedicated to adhering to the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA) and other relevant state privacy regulations. If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Iowa, Montana, Nevada, Oregon, Texas, Utah, Vermont, Virginia, or Washington, or if you fall under the protections offered by privacy laws in those states, this section serves as an addition to our primary Privacy Policy, detailing your specific rights and protections.

According to the CCPA, "Personal Information" encompasses any data that can identify, relate to, describe, or be reasonably associated with a specific consumer or household. This includes a variety of information types such as names, addresses, and online identifiers, among others.

We make every effort to ensure that the Personal Information we gather is precise, relevant, and utilized correctly. You have the right to access, delete, and request disclosures regarding your Personal Information. For any questions or to exercise these rights, please reach out to us using the contact details provided below.

  1. YOUR PRIVACY RIGHTS:
  • Right to access: You can access the information that has been provided by you by reaching out to us at contact@useauron.ai
  • Right to withdraw consent: The consent that you provide for the collection, use, and disclosure of your Personal Information will remain valid until such time it is withdrawn by you in writing. If you withdraw your consent, we will stop processing the relevant Personal Information except to the extent that we have other grounds for processing such Personal Information under applicable laws. We will respond to your request within a reasonable timeframe. You may withdraw your consent at any time by contacting us; and
  • Right to Opt-Out: You have the right to opt out of certain processing activities, such as the sale of Personal Information or the use of Personal Information for targeted advertising purposes. Firmli will respect your preferences and refrain from such activities upon your request.
  • Right to correction: You are responsible for maintaining the accuracy of the information you submit to us, including but not limited to your Contact Information. For any necessary updates or corrections to your Personal Information, Users can easily modify details using the provided Platform functionalities or by reaching out to us at contact@useauron.ai
  • Right of Access and Portability: In some jurisdictions, applicable law may entitle you to request certain copies of your Personal Information or information about how we handle your Personal Information, request copies of Personal Information that you have provided to us in a structured, commonly used, and machine-readable format, and/or request that we transmit this information to another service provider, where technically feasible.
  • Right of Erasure: In some jurisdictions, you can request that your Personal Information be deleted.
  1. DATA CONTROLLER AND PROCESSOR:

Under various U.S. privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) and other state-specific regulations, we act as the “Data Controller” as well as “Data Processor” of Personal Information. To ensure compliance, we operate our services in a manner that guarantees: Personal Information is processed fairly, lawfully, and transparently; and it is collected and used only for legitimate and specified purposes.

  1. APPEAL PROCESS:

If you disagree with the Firm's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at contact@useauron.ai with the subject line "Appeal of Privacy Rights Request"

  1. DATA RETENTION AND DE-IDENTIFICATION:

We are committed to retaining Personal Information only for as long as necessary to fulfil the purposes for which it was collected, as outlined in our main Privacy Policy (see Section 6). We may also take measures to de-identify Personal Information in accordance with applicable laws and regulations.

  1. LODGING A COMPLAINT

If you believe your rights have been violated or are dissatisfied with our response, you have the right to lodge a complaint with the federal agencies such as the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB). You may also contact the State Attorney General’s Office of your residential state. These organizations are responsible for handling complaints related to data protection and ensuring compliance with the privacy laws.

  1. ADDITIONAL INFORMATION:

For more detailed information on how we handle your Personal Information, including our data collection practices, security measures, and third-party disclosures, please refer to our main Privacy Policy available.

Schedule II - European Union Residents

We are committed to ensuring compliance with the European Union General Data Protection Regulation (GDPR).

Although our Privacy Policy explains how we meet all of our obligations for United State Users, we also have some Users who are habitually located in the European Union (‘EU Residents’) who have additional rights with respect to their Personal Data.

Personal Data is defined as: “Any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier”. The term “Personal Data” should be considered fundamentally interchangeable with the expression “Personal Information” for the purposes of this Privacy Policy.

Under the GDPR, we are the “Data Controller” and “Data Processor” of Personal Data. As part of our GDPR compliance, we provide and operate the Platform in a way that ensures: Personal Data (i.e. Personal Information) is processed fairly, lawfully, and in a transparent manner; and collected and processed only for specified and lawful purposes.

We ensure that the Personal Data we collect about you is accurate, complete, and used for its intended purpose. You may access, review, correct, and update your Information by contacting us by email at the contact details below.

EUROPEAN UNION RESIDENTS

In certain circumstances, you have certain rights regarding your Personal Information. A summary of each right and how you can exercise it is detailed below. To exercise any of these rights, please contact us at contact@useauron.ai Such requests should include information to allow us to verify your identity (e.g. your name, address, email address, or other information reasonably required).

Where we receive your request to exercise one of these rights, we will respond without undue delay and within the time required by applicable law. This may be extended in certain circumstances, e.g. where requests are complex or numerous.

We will provide the information free of charge, except where requests are manifestly unfounded or excessive, e.g. because of their repetitive character. In these circumstances, we may charge a reasonable fee or may refuse to act on the request. We will advise you of any fees prior to proceeding with a request. We may ask for additional information to verify your identity before carrying out a request.

HOW CAN YOU EXERCISE YOUR RIGHT?

  1. Right to access and/or correct your Personal Data

You have the right to access the Personal Data we hold about you, and to be provided with a copy of the information (in most circumstances). You also have the right to correct any information we may hold about you that is inaccurate.

  1. Right to restrict the use of your Personal Data

You have the right to ask us to restrict the processing of your Personal Data where one of the following applies:

  • The processing is unlawful, but you want us to restrict the use of the data instead of deleting it;
  • Where you contest the accuracy of your Personal Data, the restriction will apply until we have verified the accuracy or corrected your Personal Data;
  • We no longer require the Personal Data for the purposes of the processing, but are required to keep it in connection with a legal claim;
  • You have exercised your right to object to the processing. The restriction will apply until we have taken steps to verify whether we have compelling legitimate grounds to continue processing.
  1. Right to withdraw consent and request deletion of your Personal Data
  • You have the right to ask us to delete your Personal Data in most circumstances. There are also certain exceptions where we may refuse a request for erasure, for example, where the Personal Data is required to comply with a legal obligation or for the establishment, exercise, or defence of legal claims.
  • You may object to our use of your Personal Data for marketing purposes, and you can let us know via the provided email address.
  • Further, you may also object to the processing of your Personal Data in cases where we have used legitimate interests as the basis for processing. In such cases, we will stop processing your Personal Data until we verify that we have compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms in asking us to stop processing the data, or in limited cases where we need to continue processing the data for the establishment, exercise, or defence of legal claims.
  1. Data retention and anonymization

We are committed to retaining Personal Information only for as long as necessary to fulfil the purposes for which it was collected, as outlined in our main Privacy Policy (see Section 6). We may also take measures to de-identify Personal Information in accordance with applicable laws and regulations.

  1. Right to data portability

In most cases, you have the right to receive all Personal Data you have provided to us in a structured, commonly used, and machine-readable format and to transmit this data to another data controller, where technically feasible.

  1. Right to lodge a complaint with a supervisory authority

If you are a resident of the EU, you have the right to make a complaint at any time to the regulator in your jurisdiction. To find out how to contact your local regulator, please visit https://edpb.europa.eu/about-edpb/about-edpb/members_en.

We will allow and assist Users who are EU Residents to exercise these rights unless we have compelling and legitimate legal grounds not to (e.g. a legal obligation under United Kingdom legislation, or if the Personal Data has been fully anonymized).