PRIVACY POLICY

2.1 Information You Provide to Us

• Account Information: When you register for an account, we collect your name, email address, password, job title, company name, and other information you provide during the registration process.
• Profile Information: Information you provide in your user profile, such as profile picture, department, role, and work-related preferences.
• Content and Communications: Any content you create, share, or upload through the Service, including messages, documents, comments, feedback, and other communications.
• Workspace Integration Data: Information from your integration with third-party services such as Slack, including team structure, channels, and user relationships.
• Payment Information: When you subscribe to our paid service, we collect billing details and payment information, though we use payment processors who handle the actual payment transactions.
• Customer Support: Information you provide when you contact us for support or other inquiries.

2.2 Information We Collect Automatically

When you use our Service, we automatically collect certain information about your device and usage, including:

• Device Information: Information about the devices you use to access our Service, including IP address, browser type and version, operating system, and device identifiers.
• Usage Data: Information about how you interact with our Service, including pages visited, features used, time spent, actions taken, and access timestamps.
• Log Data: Server logs, error reports, and system activity information.
• Cookies and Similar Technologies: We and our service providers use cookies, web beacons, and similar tracking technologies to collect information about your browsing activities. For more information, see Section 8 below.

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Business partners, such as integration platforms and resellers.
• Identity verification services.
• Service providers, such as payment processors and analytics providers.
• Third-party services that you connect to our Service (e.g., Slack, Microsoft Teams).

4.1 Providing, Maintaining, and Improving the Service

• Creating and managing your account
• Delivering the features and functionality you request
• Processing transactions and sending related information
• Providing customer support and responding to your inquiries
• Monitoring and analyzing usage patterns and trends
• Fixing bugs and resolving technical issues
• Developing new features and improvements

4.2 Personalization

• Tailoring the Service to your preferences and needs
• Remembering your settings and choices
• Providing personalized content and recommendations
• Customizing your experience based on your role, company size, and industry

4.3 Communication

• Sending administrative notifications, updates, and security alerts
• Providing information about features, releases, and system changes
• Sending marketing and promotional communications (with your consent where required)
• Conducting surveys and collecting feedback

4.4 Security and Protection

• Verifying your identity and authenticating access
• Detecting, preventing, and addressing fraud and security incidents
• Enforcing our Terms of Service and other legal rights
• Protecting against unauthorized access and misuse of the Service

4.5 AI and Machine Learning

• Powering AI features that provide insights, recommendations, and assistive functionality
• Developing and improving our machine learning models and algorithms
• Creating aggregated analytics and insights
• Enhancing natural language understanding and processing capabilities

For more details about how we use data for AI and machine learning, including opt-out options for AI-model training, see Section 7 below.

5.1 With Your Consent

We may share your information when you direct us to do so or explicitly consent to the sharing.

5.2 Within Your Organization

For organization accounts, information may be shared among authorized users within your organization according to your account settings and permissions.

5.3 With Service Providers

We share information with third-party vendors, consultants, and service providers who need access to your information to perform services on our behalf, such as:

• Cloud infrastructure providers that host our Service
• Payment processors that handle transactions
• Customer support and help desk systems
• Analytics providers to help us understand Service usage
• Security vendors that help protect our systems

These service providers are contractually obligated to use your information only as necessary to provide services to us and in accordance with this Privacy Policy.

5.4 For Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of our assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your personal information.

5.5 For Legal Reasons

We may disclose your information if we reasonably believe that disclosure is necessary to:

• Comply with applicable laws, regulations, legal processes, or governmental requests
• Enforce our Terms of Service and other agreements
• Protect the rights, property, or safety of Avery, our users, or others
• Detect, prevent, or address fraud, security, or technical issues

5.6 In Aggregated or De-identified Form

We may share aggregated or de-identified information that cannot reasonably be used to identify you with third parties for industry analysis, research, demographic profiling, and other similar purposes.

7.1 How We Use Data for AI

We use data in our Service for several AI-related purposes:

• Service Functionality: Processing your data to deliver the core AI capabilities of our Service, including generating insights, analyzing dependencies, and providing recommendations.
• Model Optimization: Improving our algorithms based on interactions with the Service to enhance accuracy, relevance, and performance.
• Model Training: Training and fine-tuning our AI models using aggregated and anonymized data derived from Service usage.

7.2 Protections for AI Training Data

When we use your data for AI model training, we apply the following safeguards:

• Data is aggregated and anonymized to remove identifying information
• We implement differential privacy techniques to prevent re-identification
• We exclude sensitive content and private information from training datasets
• We maintain strict access controls for training data and model development environments
• We regularly audit our training datasets and models for potential bias or inappropriate content

7.3 Enterprise AI Data Controls

For our enterprise customers, we offer additional AI data controls:

• AI Training Opt-out: Enterprise customers can opt out of having their data used for general AI model training while still receiving full Service functionality.
• Custom AI Models: Enterprise customers on eligible plans can request dedicated AI models trained specifically on their organization's data.
• Data Isolation: Enhanced data isolation to ensure that information from one customer is not used to inform AI responses for other customers.

Enterprise customers can set these preferences through their account settings dashboard or by contacting their account representative.

8.1 Types of Cookies We Use

We use cookies and similar tracking technologies (collectively, "Cookies") to enhance your experience with our Service. The types of Cookies we use include:

• Essential Cookies: Necessary for the Service to function properly, such as authentication, security, and basic functionality.
• Preference Cookies: Remember your settings and preferences to enhance your experience.
• Analytics Cookies: Help us understand how users interact with our Service to improve performance and usability.
• Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness (with your consent where required).

8.2 Cookie Controls

Most web browsers allow you to control Cookies through their settings. You can:

• Block or delete Cookies through your browser settings
• Set your browser to notify you when you receive a Cookie
• Use private browsing modes to disable certain tracking

Note that blocking certain Cookies may impact your ability to use some features of our Service. For more information about Cookies and how to manage them, visit www.allaboutcookies.org.

8.3 Do Not Track

Some browsers transmit "Do Not Track" signals. We currently do not respond to these signals, as there is no consistent industry standard for compliance.

10.1 General Retention Principles

• Account information is retained for as long as your account remains active
• After account deactivation, we retain certain information for a limited period to comply with legal obligations, resolve disputes, and enforce agreements
• Usage data and logs are typically retained for shorter periods necessary for security, troubleshooting, and analytics

10.2 Enterprise Data Retention

For our enterprise customers, we offer customizable retention settings for different data types, allowing organizations to implement retention policies that align with their compliance and governance requirements.

10.3 Data Deletion

When information is no longer needed, we securely delete or anonymize it. Upon account termination, you can request deletion of your personal information, subject to our legal obligations and legitimate business needs to retain certain information.

11.1 Access and Control Rights

• Access: Request access to your personal information
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to exceptions)
• Restriction: Request restriction of processing of your information
• Portability: Request transfer of your information to you or a third party
• Objection: Object to processing based on legitimate interests or for direct marketing
• Consent Withdrawal: Withdraw consent at any time (where processing is based on consent)

11.2 How to Exercise Your Rights

You can exercise many of these rights directly through your account settings. For requests that cannot be handled through settings, please contact our Privacy Team at privacy@averyintel.com.

We will respond to your request within the timeframe required by applicable law (generally within 30 days). We may need to verify your identity before processing your request.

11.3 Additional Privacy Rights by Region

European Economic Area, United Kingdom, and Switzerland:

If you are located in the EEA, UK, or Switzerland, you have all the rights listed above under the General Data Protection Regulation (GDPR) or equivalent laws. You also have the right to lodge a complaint with your local data protection authority.

California, USA:

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including:

• The right to know what personal information we collect, use, disclose, and sell
• The right to delete certain personal information
• The right to correct inaccurate personal information
• The right to opt-out of the sale or sharing of personal information
• The right to limit the use and disclosure of sensitive personal information
• The right to non-discrimination for exercising your rights

To exercise your California privacy rights, contact us at privacy@averyintel.com or visit our Do Not Sell or Share My Personal Information page.

Other Jurisdictions:

Additional rights may be available in other jurisdictions. Please contact us for more information about specific regional rights.

15.1 Data Processing Addendum

Where we process personal data on behalf of our enterprise customers, we do so under a Data Processing Addendum (DPA) that addresses the requirements of applicable data protection laws and establishes the respective rights and obligations of the parties.

15.2 Subprocessors

We maintain a current list of subprocessors that process customer data. Enterprise customers can request this list and subscribe to notifications of changes. In some cases, enterprise customers may have contractual rights to object to new subprocessors.

15.3 Enhanced Security & Compliance

Enterprise customers have access to enhanced security capabilities and compliance features, including:

• Advanced authentication options (SSO, SAML, SCIM)
• Detailed access controls and user permissions
• Audit logs and activity monitoring
• Custom data retention policies
• Security and privacy assessment documentation

15.4 Compliance Support

We provide additional documentation and support to help enterprise customers meet their compliance obligations under GDPR, CCPA, HIPAA (with BAA), and other applicable regulations.