Last updated 4 December, 2023

1. Data Collection and Use
   
   

2. Legal Compliance and Sharing
   
   

3. Data Retention and Security
   
   

4. User Rights and Choices
   
   

5. Policy Updates and Contact Information
   
   

6. Data Collection and Use
   
   

We collect the personal information you give us during registration, service engagement, or other interactions. This may include your name, contact details, passwords, payment information, and other necessary data. We do not process sensitive personal data. Payment information is handled by our payment processor, Stripe (privacy details at Stripe's Privacy Page).

Please ensure all provided information is accurate and current.

Automatically Collected Information

When you use our services, we automatically gather information like your IP address, browser and device specifics, operating system, and usage details. This data, which doesn’t directly identify you, helps in maintaining our service’s security and for internal analytics. We also use cookies and similar tracking technologies for data collection, as detailed in our Cookie Notice.

Processing Your Information

We process your data to manage accounts, provide services, support user inquiries, and ensure the safety of individuals. This processing is necessary for our service delivery, legal compliance, and our legitimate business interests.

Legal Basis for Processing (EU and UK Residents)

Under GDPR, we process your data based on consent, contractual necessity, legal obligations, or to protect vital interests. You have the right to withdraw consent at any time. Please contact us on Support@concision.ai for any questions.

Canadian User Provisions:

For our Canadian users, we process your personal data based on your clear consent for specific purposes, or where such consent is inferred from your actions. You have the freedom to withdraw this consent anytime.

Exceptions to Consent Requirement:

There are certain circumstances under Canadian law where we may process your data without consent:

• When immediate action is necessary for an individual's interest and timely consent is not feasible.

• For conducting investigations or detecting and preventing fraud.

• In the context of business transactions, given certain conditions are met.

• If the data is part of a witness statement necessary for evaluating, processing, or settling insurance claims.

• Identifying individuals who are injured, unwell, or deceased and contacting their family.

• If there’s a reasonable basis to believe someone is a victim of financial abuse.

• When obtaining consent might compromise the information’s availability or accuracy, and the collection is part of an investigation into a contract breach or legal infraction.

• If required by law for compliance with subpoenas, warrants, court orders, or legal proceedings.

• If the information is generated in a professional or business context and aligns with the purposes for which it was created.

• For journalistic, artistic, or literary objectives.

• If the information is publicly accessible as defined by regulations.
  
  

Sharing Your Personal Information

We may share your information during business transfers or with third parties in specific situations outlined in our detailed policy.

Retention of Your Information

Your data is retained as long as necessary for the purposes stated in this policy or as required by law. We delete or anonymize your information when it's no longer needed, or securely store it until deletion is feasible.

1. Legal Compliance and Sharing
   

Foundations for Data Processing

Our processing of your personal data is grounded in essential requirements and lawful justifications. These include obtaining your explicit agreement, adhering to legal mandates, providing contracted services, and protecting both your interests and ours. In regions governed by the GDPR (European Union and United Kingdom), our data handling complies with specified legal bases, namely user consent, contract fulfillment, adherence to legal requirements, and safeguarding critical individual interests.

Data Sharing Protocols

In specific instances, such as during corporate restructuring or negotiations, your data may be disclosed as part of business transitions.

Retention and Application of User Data

We maintain your personal data as long as it serves the purpose for which it was collected. This encompasses information obtained through direct user interactions, customer assistance endeavors, survey participation, and other service-related activities.

Interaction with Third-Party Service Providers

Our interaction with third-party service providers involves sharing your data under strict contractual guidelines. For a detailed account of these sharing practices, please refer to the dedicated section titled "Data Sharing Details."

Utilization of Personal Data for Internal Purposes

Our internal operations occasionally necessitate the use of your personal data, primarily for research and development purposes. This activity does not equate to the sale of your data. We affirm that there has been no sale, disclosure, or commercial sharing of user data in the preceding year, nor do we plan such actions in the foreseeable future.

Specific Provisions for California Residents

California law grants its residents unique rights concerning their personal information. These rights encompass the ability to request information about the types of personal data we have collected, used, and shared, as well as the right to request the deletion of their personal data.

Under the California Consumer Privacy Act (CCPA), residents have specific privileges, including the right to be informed about personal data collection, usage, and sharing, and the right to nondiscrimination when exercising privacy rights.

Verification and Response to User Requests

To address your privacy-related requests, we employ a verification process to confirm your identity, matching it with data previously provided to us. In exceptional cases, we might need additional information for thorough verification. If you contact us, please use the associated E-Mail-Address of your registered account.

Extended Privacy Rights

You reserve the right to oppose certain data processing activities, request modification of inaccurate data, or ask for restricted processing of your personal information. Under the CCPA, you may also designate a representative to act on your behalf. We commit to responding to opt-out requests from data sharing or selling within a fifteen-day window.

For privacy-related queries or to exercise your CCPA rights, you can reach us at support@concision.ai We are keen to address any concerns regarding our data handling practices and encourage you to reach out with any issues.

1. Data Retention and Security
   

Duration of Data Retention

Our policy is to retain your data only for the period necessary to serve the objectives stated in this privacy notice, except when extended storage is mandated or permitted by legal provisions, including but not limited to, requirements related to taxation, accounting, or other statutory regulations. We commit to not holding your personal information for any longer than the duration of your active account with us.

In instances where our operational needs for processing your personal data cease to exist, our approach is to proceed with either the deletion or anonymization of your data. However, in situations where immediate deletion is unfeasible, such as when your data is held within backup systems, we ensure that your personal data is securely stored and segregated from any processing activities until such time as deletion can be implemented.

Commitment to Data Security

Our goal is the steadfast protection of your personal information, upheld through a robust blend of technical and organizational security strategies. We have in place a series of carefully considered security protocols and measures intended to safeguard the personal data we handle. These measures are continuously reviewed and enhanced in line with technological advancements and evolving security standards.

It is important to acknowledge, however, that no method of digital data transmission or storage is impervious to breaches. Consequently, while we exert every effort to secure your personal data, the inherent vulnerabilities of the internet and digital storage technologies mean that absolute security cannot be unequivocally guaranteed. We strongly advise you to transmit and interact with your personal data in our Services within a secure and protected environment to further mitigate risks.

Remember, safeguarding your personal information is a shared responsibility. We are dedicated to doing our part by implementing rigorous security measures and encouraging you to be vigilant in maintaining the confidentiality of your data.

1. User Rights and Choices
   

Your Rights Regarding Personal Data

In various jurisdictions, including the European Economic Area (EEA), United Kingdom (UK), Switzerland, and Canada, data protection laws confer you with specific rights over your personal information. You have the flexibility to modify, access, or deactivate your account at any given time.

Residents of regions like the EEA, UK, Switzerland, and Canada are entitled under respective data protection laws to certain privileges. These include (i) the right to access and receive a copy of your personal data, (ii) the right to rectify or delete your data, (iii) the right to limit data processing, (iv) where applicable, the right to transfer data, and (v) the right to opt out of automated decisions. In specific situations, you may also object to how your personal data is processed. For making such requests, please reach out to us through the contact information listed in the "Contact Us" section of this notice.

We are committed to responding to and handling each request in line with relevant data protection regulations.

For EEA or UK residents who feel their personal data is being processed unlawfully, you are entitled to file a complaint with your local data protection authority or the UK data protection authority. Swiss residents may approach the Federal Data Protection and Information Commissioner.

Consent Withdrawal and Marketing Opt-Out

If we are processing your data based on your consent, which might be express or inferred depending on the law, you have the right to retract this consent at any point. Although withdrawal does not invalidate the processing done prior to it, it will cease further processing that relies solely on consent.

You can opt out of receiving marketing communications by clicking the unsubscribe link in our emails or by contacting us as detailed in the "Contact Us" section. While this removes you from marketing lists, we might still need to send you non-marketing communications related to your account, service requests, or other administrative purposes.

Account Information and Management

To review or modify your account information, simply log into your account settings. Should you decide to terminate your account, we will deactivate or delete it from our active databases. Nevertheless, some information may be retained in our records to prevent fraud, resolve issues, assist in investigations, uphold our legal terms, or comply with legal obligations.

Cookie Preferences

Your web browser likely accepts cookies by default, but you can modify your browser settings to reject or delete cookies. Be aware that this might impact the functionality of certain aspects of our Services.

Should you have any queries or comments about your privacy rights, feel free to contact us at support@concision.ai

Do-Not-Track (DNT) Settings

Many web browsers and some mobile operating systems offer a Do-Not-Track feature, allowing you to express a preference against your online browsing activities being tracked. Currently, no universal standard for DNT signals exists, and as such, we do not yet accommodate DNT signals or similar mechanisms. If future standards are established and applicable to us, we will update you on our practices in a revised privacy notice.

Accessing, Updating, or Deleting Your Data

Depending on the laws in your country, you may have the right to access, modify, or erase the personal information we have collected from you. To exercise these rights, please contact us at support@concision.ai

1. Policy Updates and Contact Information
   

Modifications to This Privacy Notice

We actively revise this privacy notice to align with evolving legal standards and best practices. The "Last Modified" date at the top of this document will reflect the most recent changes. Significant changes to our privacy practices will be communicated through prominent notifications on our website or direct messages to you. Regularly reviewing this notice will help you stay informed about how we safeguard your data.

Getting in Touch Regarding This Notice

For any inquiries or feedback about this privacy policy, you're welcome to reach out to us via email at Support@concision.ai. We value your thoughts and are committed to addressing your concerns about our privacy practices.

Policy Concerning Minors

Our stance is clear: we do not intentionally gather information from individuals under the age of 18. The Services are not designed for, nor do we direct them towards, minors. You affirm that you are over 18 years of age, or are a parent or guardian consenting on behalf of a minor dependent, when using our Services. Upon discovering that a user under 18 has provided us with personal data, we will take steps to deactivate their account and remove such information from our databases. Should you become aware of any such data collection from a minor, please inform us immediately at support@concision.ai

Parental Oversight for Minors

We strongly advocate for parental supervision and involvement in minors' online activities. If a minor (under the age of 18) has provided us with personal information without parental consent, we urge parents or guardians to contact us, so we can take necessary actions to remove such data from our systems.