Privacy Policy

Effective Date: 1 January 2025

Introduction

Axtraction AI ("we," "us," or "our") is committed to protecting the privacy of your information. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Document AI SaaS platform (the "Service"). The Service includes a management platform for account and settings management, and customer-specific APIs for accessing our AI processing capabilities. Each customer has their own API endpoint(s) for accessing different AI models. By using the Service, you agree to the terms of this Privacy Policy.

Information We Collect

We collect the following types of information:

Information You Provide Directly (Management Platform)

  • Account Information: When you register for an account, we collect your name, email address, password, and company information. This information is provided through our management platform.
  • Payment Information: If you subscribe to a paid plan, we collect payment information, such as credit card details, through our payment processor. We do not store your full credit card details on our servers.
  • User Input (Platform): We collect any information you input into the management platform, such as settings, preferences, or other configurations.
  • Communication Data: We collect information when you contact us for support or feedback, including your name, email address, and the content of your communication.

Information You Provide Directly (AI API)

  • Uploaded Documents: We collect the documents you upload to the Service for processing via your customer-specific AI API endpoint(s). This may include text, images, and other data contained within the documents.
  • User Input (API): We collect any information you provide through your customer-specific AI API endpoint(s), such as parameters, configurations, or metadata associated with your document processing requests.

Information We Collect Automatically

  • Platform Usage Data: We collect information about how you use the management platform, such as the features you use, the pages you visit, and the frequency of your interactions.
  • API Usage Data: We collect information about how you use the Service through your customer-specific AI API endpoint(s), such as the API endpoints you access, the types of requests you make, and the frequency of your API calls.
  • Device Information: We collect information about the device or server making API requests, such as the IP address, user-agent string, and other relevant identifiers. We also collect device information when you access the management platform, such as your IP address, browser type, operating system, and device identifiers.
  • Cookies and Tracking Technologies: We may use cookies and similar tracking technologies on our management platform to collect information about your browsing activity. This may include session cookies, persistent cookies, and web beacons.

How We Use Your Information

We use your information for the following purposes:

  • Providing the Service: To operate, maintain, and improve the Service, including the management platform and the customer-specific AI APIs. This includes processing your documents via your API endpoint(s), providing analysis, delivering results, and managing your account and settings.
  • Account Management: To create and manage your account, process payments, and provide customer support.
  • Communication: To communicate with you about your account, updates to the Service, and promotional offers (with your consent).
  • Analytics and Research: To analyze platform and API usage patterns, conduct research, and improve the Service's performance and functionality.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Security: To protect the security and integrity of the Service and our users' data, including monitoring platform and API usage for suspicious activity.

Data Security

We take the security of your information very seriously and implement robust measures to protect it from unauthorized access, use, or disclosure. These measures include:

  • Public Cloud Infrastructure: Our Service is hosted on a secure and reputable public cloud infrastructure. This infrastructure provides robust physical and network security, as well as advanced data protection capabilities.
  • API Security: We implement industry-standard security measures to protect our customer-specific AI APIs, including authentication, authorization, and rate limiting. We also use encryption to protect data transmitted via the API.
  • Platform Security: We implement security measures to protect the management platform, including access controls, regular security audits, and vulnerability assessments.
  • Encryption: We use industry-standard encryption protocols to protect your data both in transit (using TLS/SSL) and at rest. This ensures that your data is protected from unauthorized interception and access.
  • Access Controls: We implement strict access controls, limiting access to your information to authorized personnel only. Access is granted on a need-to-know basis and is regularly reviewed.
  • Regular Security Audits: We conduct regular security audits and vulnerability assessments, both internally and through qualified third-party security experts, to identify and address potential vulnerabilities in our systems and processes.
  • Data Backup and Recovery: We maintain regular backups of your data to prevent data loss and ensure business continuity. Our backup and recovery procedures are designed to minimize downtime in the event of a system failure or other incident.
  • Compliance with Industry Standards: We are committed to adhering to globally recognized security standards and best practices. We are actively working towards achieving and maintaining compliance with standards such as ISO 27001, which demonstrates our commitment to establishing, implementing, maintaining, and continually improving our information security management system. We also follow other relevant industry standards and guidelines to ensure the highest level of data protection.
  • Employee Training: We provide regular security awareness training to our employees to ensure they understand their responsibilities in protecting your data.

Data Retention

We retain your information for a period of 12 months from the date of collection, unless you have opted out of data storage as described below. After this period, your data will be securely deleted. We may retain anonymized or aggregated data indefinitely for research and analytical purposes.

Opt-Out of Data Storage

You have the option to opt-out of storing your uploaded documents and associated data. If you choose this option, your document will be processed by our AI via your customer-specific AI API endpoint(s), the results will be returned to you, and all information related to the document will be immediately and permanently deleted from our systems after processing. This option can be selected within your account settings or during the document upload process.

Your Rights

Depending on your location, you may have certain rights regarding your personal information, including:

  • Right to Access: You have the right to request access to the personal information we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal information.
  • Right to Erasure: You have the right to request that we delete your personal information, subject to certain exceptions.
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal information under certain circumstances.
  • Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal information under certain circumstances.
  • Right to Withdraw Consent: If we rely on your consent to process your personal information, you have the right to withdraw your consent at any time.

To exercise these rights, please contact us using the contact information provided below.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your country. We will take appropriate measures to ensure that your information is protected in accordance with this Privacy Policy.

For users located in the European Economic Area (EEA), the United Kingdom, and Switzerland, your personal data will be stored and processed within the European Union (EU).

Children's Privacy

Our Service is not intended for use by children under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post any changes on this page and update the "Effective Date" at the top of the policy. We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the changes.

Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices,
please contact us at: legal@axtraction.ai