Join Early Access & Unlock the AI Readiness Assessment

Tell us a bit about your organization so we can prepare the right experience.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Privacy Policy

Your privacy matters to us. This Privacy Policy explains how Aivilo Technologies Inc. ("Aivilo," "we," "us," or "our") collects, uses, shares, and protects information when you use our products, services, and websites (collectively, the "Services").

This Policy applies to Personal Information we process in our role as a controller (e.g., for business contacts) or processor (e.g., Customer Content under our Master Services Agreement). It does not apply to data we process on behalf of customers as a service provider, which is governed by our Data Processing Agreement and customer instructions.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use our Services.

For purposes of this Policy, "Personal Information" (or "Personal Data") means any information relating to an identified or identifiable individual, as defined under applicable laws such as the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act as amended by the California Privacy Rights Act (collectively, CCPA/CPRA), and other US state privacy laws (e.g., those in Colorado, Virginia, Connecticut, Utah, Delaware, Nebraska, Minnesota, Maryland, and others effective in 2025 or later). "Sensitive Personal Information" refers to categories like health, biometric, racial, ethnic, financial, or precise geolocation data, as defined under these laws.

1. Information We Collect

We collect only the information necessary to provide and improve our Services.

1.1 Information You Provide

We collect business contact and account information that you or your employer provide to us in a professional context, such as:

  • Name, business email address, job title, company name, and phone number.
  • Account credentials and communications with us (for example, support requests or billing correspondence).

1.2 Information We Collect Automatically

When you use our Services or visit our websites, we may automatically collect:

Usage Data: technical and analytical information such as IP address, browser type, device identifiers, and interaction logs. This may include aggregated or de-identified data for analytics; we do not track individuals across unaffiliated sites.

Cookies and Analytics: We use only essential cookies and similar technologies (e.g., local storage) that are strictly necessary for the functionality and security of our Services. These include session cookies to maintain user sessions, authentication cookies to verify login status, and security cookies to prevent fraud and protect against unauthorized access. We do not use non-essential cookies, such as those for marketing, analytics, or third-party tracking. Essential cookies do not require your consent, as they enable core features like navigation and access to secure areas. You can manage or disable cookies through your browser settings (e.g., by blocking or deleting them), but doing so may impair Service functionality. We do not share cookie data with third parties except as necessary for Service provision (e.g., with our cloud hosting providers), and all such sharing is governed by data protection agreements.

1.3 Customer Content

We process data you upload (e.g., AI models, datasets) solely as a processor, not for our own purposes, in accordance with our agreements.

1.4 No Sensitive or Children's Data

We do not collect Sensitive Personal Information (e.g., health, biometric, racial, or financial data) or information from children under 16. If such data is inadvertently provided, we will delete it upon discovery.

2. How We Use Information

We use the information we collect for legitimate business purposes, including to:

  • Provide, operate, and maintain the Services.
  • Communicate with customers about accounts, support, and updates.
  • Improve and develop new features, products, and offerings.
  • Ensure the security and integrity of our systems.
  • Comply with applicable laws, regulations, and contractual obligations.

We process Personal Information based on: (a) performance of a contract (e.g., providing Services); (b) legitimate interests (e.g., security, improvements); or (c) consent where required.

For AI-related processing (e.g., analytics in our Services), we comply with applicable regulations such as the EU AI Act (e.g., transparency requirements effective August 2025 for general-purpose AI). We do not use Customer Content to train AI models without explicit consent.

We do not sell Personal Data or use it for targeted advertising.

3. How We Share Information

We share information only as necessary to operate our business. Categories of recipients include:

  • Affiliates: For internal operations.
  • Service Providers: Trusted third-party providers (such as cloud hosting like AWS, analytics, and customer support) to help us deliver the Services.
  • Legal Requirements: We may disclose information if required by law or in response to valid legal requests.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, information may be transferred in accordance with this Privacy Policy.

No sharing qualifies as "selling" or "sharing" under CCPA/CPRA or similar US state laws. We do not share for cross-context behavioral advertising.

All third-party providers are bound by confidentiality and data protection obligations consistent with applicable laws.

4. Data Storage and Security

We host data on secure cloud infrastructure (e.g., AWS) using administrative, technical, and physical safeguards designed to protect against unauthorized access, disclosure, or destruction. Our measures include encryption, access controls, and compliance with certifications like SOC 2 Type I (implemented; Type II in progress for Q1 2026).

While no system can guarantee absolute security, we maintain policies and controls consistent with industry standards.

5. Data Retention

We retain Personal Information only for as long as necessary based on the following criteria:

  • Business contact data: For the duration of our relationship plus 2 years for legal purposes.
  • Usage Data: For up to 3 years for analytics, then anonymized.
  • Billing data: For up to 7 years to comply with tax laws.
  • Other data: As required to provide and support the Services, comply with legal obligations, resolve disputes, and enforce our agreements.

When information is no longer needed, it is securely deleted or anonymized. Specific periods may vary by purpose and jurisdiction.

6. International Transfers

We may process and store Personal Information in the United States or other jurisdictions where we or our service providers operate. For transfers from the EU/UK, we use Standard Contractual Clauses or the UK Addendum, or equivalent mechanisms, to ensure adequate protection.

7. Your Rights and Choices

Depending on your jurisdiction and our role (controller or processor), you may have rights under applicable laws, including:

  • Under GDPR/UK GDPR: Access, rectification, erasure, restriction, objection, portability.
  • Under CCPA/CPRA and similar US state laws: Know (access), delete, correct, opt-out of sale/sharing, limit use of Sensitive Personal Information, non-discrimination.
  • For automated decision-making in AI features: Rights to explanation and human review where applicable.

You may exercise these rights by contacting us at privacy@aivilo.ai. We will verify your identity and respond within 30 days (GDPR/UK GDPR) or 45 days (CCPA/CPRA and US state laws), or as required by law.

We honor Global Privacy Control (GPC) signals and Do Not Track requests for applicable opt-outs.

California residents may file complaints with the California Privacy Protection Agency.

For EU/UK inquiries, contact our Data Protection Officer at dpo@aivilo.ai.

8. California-Specific Disclosures

In the past 12 months, we have collected the following categories of Personal Information: identifiers (e.g., name, email), professional information (e.g., job title), internet activity (e.g., Usage Data). We collected this for purposes described in Section 2. We have not sold or shared Personal Information. Retention periods are as described in Section 5.

9. Updates to This Policy

We may update this Privacy Policy from time to time. If we make material changes affecting your rights, we will notify you by email or prominent website notice, in addition to posting the updated version on our website with a new effective date.

Your continued use of the Services after an update constitutes acceptance of the revised Privacy Policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Aivilo Technologies Inc.

Attn: Privacy Team

424 31st StreetNewport Beach, CA 92663

privacy@aivilo.ai

https://www.aivilo.ai/privacy-policy