Introduction

Transform AI is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our services, visit our website, or otherwise interact with us. We believe in transparency and want to ensure you understand your rights and how we handle your data.

Scope

This Privacy Policy applies to all personal information we collect from or about you through our services, websites, applications, and any other digital properties we operate. This includes information collected from:

• Users of Transform AI's platform and services

• Visitors to our websites

• Individuals who contact us or interact with us

• Business contacts and prospective customers

Information We Collect

Information You Provide to Us

Account and Profile Information: When you create an account or use our services, we collect information such as your name, email address, company information, job title, and contact details.

Communications: When you contact us for support, send us emails, or communicate with us through our platform, we collect the content of those communications and any information you choose to provide.

Payment Information: If you make purchases, we collect billing information such as your name, billing address, and payment method details. Payment card information is processed by our secure third-party payment processors.

Service Usage Data: Information about how you use our platform, including features accessed, settings configured, and data you upload or create within our services.

Information We Collect Automatically

Technical Information: When you use our services, we automatically collect technical information including IP addresses, device identifiers, browser type and version, operating system, and device information.

Usage Analytics: We collect information about your interactions with our services, including pages visited, features used, time spent on our platform, click-through rates, and usage patterns.

Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to collect information about your browsing behavior.

Log Data: Our servers automatically record information when you use our services, including your IP address, the time and date of your request, the pages you visit, and how you interact with our platform.

How We Use Your Information

We use your personal information for the following purposes:

Service Provision: To provide, operate, maintain, and improve our services, including processing your requests, authenticating users, and delivering the features you've requested.

Communication: To communicate with you about our services, respond to your inquiries, provide customer support, and send important notices about your account or our services.

Personalization: To customize and personalize your experience with our services, including providing relevant content and recommendations.

Analytics and Improvement: To analyze how our services are used, identify trends, measure the effectiveness of our services, and improve our platform's functionality and user experience.

Marketing: With your consent where required, to send you promotional materials, newsletters, and information about our services that may interest you. You can opt out of marketing communications at any time.

Legal and Security: To comply with legal obligations, protect our rights and property, prevent fraud, ensure platform security, and investigate and prevent prohibited or illegal activities.

Legal Basis for Processing

We process your personal information based on the following legal grounds:

• Contract Performance: Processing necessary to provide our services under our Terms of Service

• Legitimate Interests: Processing for our legitimate business interests, such as improving our services, security, and analytics

• Consent: Where you have provided clear consent for specific processing activities

• Legal Obligation: Processing required to comply with applicable laws and regulations

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers: We work with trusted third-party service providers who assist us in operating our platform, processing payments, providing customer support, conducting analytics, and other business functions. These providers are contractually obligated to protect your information and use it only for the services they provide to us.

Business Partners: With your consent, we may share information with business partners for joint offerings or integrations that you have requested.

Legal Requirements: We may disclose your information when required by law, legal process, or government request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers: In connection with any merger, acquisition, sale of assets, or similar business transaction, your information may be transferred to the acquiring entity, subject to the same privacy protections.

Aggregated Information: We may share aggregated, de-identified information that cannot reasonably be used to identify you for research, analytics, or business purposes.

Data Retention and Disposal

We retain your personal information for as long as necessary to provide our services and fulfill the purposes described in this Privacy Policy. Specific retention periods depend on the type of information and how we use it:

Account Information: Retained while your account is active and for a reasonable period afterward to comply with legal obligations and resolve disputes.

Usage Data: Typically retained for up to 24 months for analytics and service improvement purposes.

Communication Records: Retained for up to 3 years to provide customer support and resolve issues.

Legal and Compliance: Some information may be retained longer to comply with legal obligations, resolve disputes, and enforce our agreements.

When we no longer need your personal information, we securely delete or anonymize it using industry-standard methods. Electronic data is securely wiped or destroyed, and physical records are shredded or destroyed using secure methods.

Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

Access: You can request a copy of the personal information we hold about you.

Correction: You can request that we correct inaccurate or incomplete information.

Deletion: You can request that we delete your personal information, subject to certain exceptions.

Portability: You can request a copy of your personal information in a structured, machine-readable format.

Objection: You can object to our processing of your personal information in certain circumstances.

Restriction: You can request that we restrict how we process your personal information in certain circumstances.

Withdrawal of Consent: Where processing is based on consent, you can withdraw your consent at any time.

To exercise these rights, please contact us using the information provided in the "Contact Us" section below. We will verify your identity before processing your request and respond within the timeframes required by applicable law (typically 30 days).

Marketing Opt-Out: You can opt out of marketing communications by clicking the unsubscribe link in our emails or by contacting us directly.

Security Measures

We implement robust technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest using industry-standard protocols

• Access controls and authentication requirements for our systems

• Regular security assessments and penetration testing

• Employee training on data protection and security practices

• Incident response procedures to address potential security breaches

• Physical security controls for our facilities and equipment

While we strive to protect your information using industry-standard security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining appropriate safeguards.

International Data Transfers

Transform AI operates globally, and your information may be transferred to and processed in countries other than your country of residence. When we transfer personal information across borders, we ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

For transfers from the European Economic Area (EEA) or United Kingdom, we rely on adequacy decisions, Standard Contractual Clauses, or other approved transfer mechanisms to ensure your information receives adequate protection.

Children's Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

Data Breach Notification

In the event of a data breach that poses a risk to your personal information, we will:

• Assess the breach and take immediate steps to contain it

• Notify affected individuals without undue delay and within 72 hours where required by law

• Notify relevant regulatory authorities as required by applicable law

• Provide clear information about the nature of the breach and steps being taken to address it

• Implement additional safeguards to prevent similar incidents

Third-Party Links and Services

Our services may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to these third-party services. We encourage you to review the privacy policies of any third-party services you access through our platform.

Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other operational reasons. When we make material changes, we will:

• Post the updated Privacy Policy on our website

• Update the "Effective Date" at the top of this policy

• Notify you by email or through our platform if the changes significantly affect how we handle your personal information

• Obtain your consent where required by applicable law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Contact: security@transform.ai

Data Protection Officer: security@transform.ai

Mailing Address:
Transform AI
125 Park Avenue, 25th Floor, New York, NY 10017

Response Time: We respond to privacy-related inquiries within 10 business days and work to resolve concerns promptly.

Dispute Resolution

If you have concerns about our privacy practices that we cannot resolve through direct communication, you may have the right to lodge a complaint with your local data protection authority. We are committed to working with appropriate regulatory authorities to resolve any privacy-related disputes.

Applicable Laws and Compliance

This Privacy Policy is designed to comply with applicable privacy laws and regulations, including:

• General Data Protection Regulation (GDPR)

• California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)

• SOC 2 Privacy Criteria

• Personal Information Protection and Electronic Documents Act (PIPEDA)

• Other applicable state, national, and international privacy laws