Privacy Policy

1. Information We Collect

1.1 Information You Provide Directly

We collect information you provide when you interact with us, including:

• Account Information: Name, email address, company name, job title, and password when you create an account or sign up for our services.
• Contact Information: Name, email, phone number, and message content when you submit a contact form or request a demo.
• Payment Information: Billing address and payment method details processed securely through our third-party payment processor (Stripe). We do not store raw credit card numbers.
• Profile Information: Any additional information you choose to add to your account profile.
• Communications: Records of your communications with our support team, including emails, chat logs, and support tickets.

1.2 Information Collected Automatically

When you visit our website or use our products, we automatically collect:

• Usage Data: Pages visited, features used, time spent, clickstreams, and interaction data within our platform.
• Device & Technical Data: IP address, browser type and version, operating system, device identifiers, screen resolution, and referring URLs.
• Log Data: Server logs including access times, error logs, and API request details.
• Location Data: General geographic location derived from your IP address (country and city level — not precise location).

1.3 Customer Data You Upload

When you use our AI platforms, you may upload or connect data from your own systems ("Customer Data"). This may include proprietary business data, customer records, or other sensitive information. We process this data solely to provide our services to you and in accordance with our Data Processing Agreement (DPA).

2. How We Use Your Information

We use the information we collect to:

• Provide and operate our Services: Deliver the AI products and services you have subscribed to, process transactions, and manage your account.
• Improve and develop our Services: Analyze usage patterns to identify bugs, enhance existing features, and develop new capabilities. Aggregate, de-identified data may be used for model improvement.
• Communicate with you: Send service updates, security alerts, billing notifications, and respond to support requests.
• Marketing and promotional communications: With your consent where required, send newsletters, product updates, and promotional content. You may opt out at any time.
• Security and fraud prevention: Monitor for unauthorized access, fraudulent activity, and compliance with our Terms of Service.
• Legal obligations: Comply with applicable laws, regulations, court orders, or legal processes.
• Analytics and research: Understand how our products are used to make data-driven product decisions.

We rely on the following legal bases for processing under applicable law: performance of contract, legitimate business interests, your consent, and compliance with legal obligations.

3. How We Share Your Information

We do not sell your personal information. We share information only in the following circumstances:

• Service Providers: Trusted third-party companies that help us operate our business (cloud hosting, payment processing, email delivery, analytics, customer support tools). These providers are contractually bound to protect your information.
• Business Transfers: If Axiomize is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website prior to any such transfer.
• Legal Requirements: When required by law, subpoena, court order, or governmental authority, or to protect the rights, property, and safety of Axiomize, our clients, or others.
• With Your Consent: When you have explicitly authorized us to share your information for a specific purpose.
• Aggregated/De-identified Data: We may share aggregated, anonymized data that cannot reasonably identify you for industry research, benchmarking, or marketing purposes.

4. Data Retention

We retain personal information for as long as necessary to provide our Services and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Account Data: Retained for the duration of your account plus 90 days after account closure, unless otherwise required by law.
• Customer Data: Retained for the duration of your service subscription. Upon termination, we delete or return Customer Data within 30 days, subject to legal hold obligations.
• Contact Form & Marketing Data: Retained for up to 3 years from last interaction.
• Log Data: Retained for up to 12 months for security and operational purposes.
• Financial Records: Retained for 7 years to comply with tax and accounting regulations.

After the applicable retention period, we securely delete or anonymize your personal information.

5. Data Security

We implement industry-leading security measures to protect your personal information, including:

• AES-256 encryption for data at rest
• TLS 1.3 encryption for all data in transit
• Multi-factor authentication (MFA) options for all accounts
• Role-based access controls and least-privilege principles
• Regular penetration testing and security audits
• SOC 2 Type II compliance program
• 24/7 security monitoring and incident response
• Employee security training and background checks

While we employ robust security practices, no method of electronic transmission or storage is 100% secure. In the event of a data breach affecting your information, we will notify you as required by applicable law.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Right to Access: Request a copy of the personal information we hold about you.
• Right to Correction: Request correction of inaccurate or incomplete personal information.
• Right to Deletion: Request deletion of your personal information, subject to certain legal exceptions.
• Right to Data Portability: Request your data in a structured, machine-readable format.
• Right to Object: Object to certain types of processing, including direct marketing.
• Right to Restrict Processing: Request that we limit how we use your data in certain circumstances.
• Right to Withdraw Consent: Where processing is based on consent, withdraw your consent at any time without affecting the lawfulness of prior processing.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

California residents may have additional rights under the California Consumer Privacy Act (CCPA/CPRA). Wyoming residents are protected under the Wyoming Consumer Protection Act. To exercise any of these rights, please contact us at abbey@axiomize.org. We will respond within 30 days.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and gather analytics data. Types of cookies we use:

• Essential Cookies: Required for the website and platform to function properly. Cannot be disabled.
• Analytics Cookies: Help us understand how visitors use our site (e.g., pages viewed, time spent). We use privacy-preserving analytics tools.
• Preference Cookies: Remember your settings and preferences for future visits.
• Marketing Cookies: Used to deliver relevant advertising and track campaign effectiveness. Only deployed with your consent.

You can manage cookie preferences through your browser settings or our cookie consent banner. Note that disabling certain cookies may affect website functionality.

We honor "Do Not Track" signals where technically feasible.

8. Third-Party Services

Our website and products may contain links to or integrations with third-party services. These services have their own privacy policies, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you connect to Axiomize.

Our primary third-party service providers include:

• Cloudflare: Infrastructure, security, and content delivery
• Stripe: Payment processing
• AWS / Google Cloud: Cloud infrastructure and data storage
• Intercom / Zendesk: Customer support
• Hubspot: CRM and marketing automation

Each provider is bound by data processing agreements aligned with applicable privacy laws.

9. Children's Privacy

Our Services are not directed at children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at abbey@axiomize.org and we will promptly delete such information.

10. International Data Transfers

Axiomize LLC is based in the United States (Wyoming). If you access our Services from outside the United States, your information may be transferred to, stored, and processed in the U.S. or other countries where our service providers operate.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we ensure appropriate safeguards are in place for cross-border data transfers, including Standard Contractual Clauses (SCCs) as approved by the European Commission.

By using our Services, you consent to the transfer of your information to the United States and other jurisdictions that may have different data protection laws than your home country.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other business reasons. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify registered users via email at least 30 days before the changes take effect
• Display a prominent notice on our website

Your continued use of our Services after any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

12. Contact Us