Privacy Policy
1. Introduction and Overview
This Privacy Policy explains how ApexyAI ("we," "our," "us," or "the Owner") collects, uses, shares, and protects your personal information. This policy applies to all users of our website, applications, services, and products (collectively, the "Services").
By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.
For any questions about this Privacy Policy or our privacy practices, please contact our Data Protection Officer at privacy@apexyai.com
2. Information Collection
2.1 Categories of Personal Information
We collect and process the following categories of personal information:
- Identity Information (name, username, title)
- Contact Information (email address, phone number, postal address)
- Account Information (login credentials, preferences)
- Technical Information (IP address, browser type, device information)
- Usage Information (interaction with Services, access times)
- Communication Information (correspondence, feedback)
- Payment Information (transaction details, billing address)
- Marketing Information (preferences, survey responses)
2.2 Collection Methods
We collect personal information through:
- Direct interactions (when you create an account or contact us)
- Automated technologies (cookies, server logs)
- Third-party sources (business partners, analytics providers)
- Public sources (publicly available databases)
2.3 Legal Basis for Collection
We collect and process your personal information only when we have a legal basis to do so, including:
- Your explicit consent
- Performance of a contract
- Compliance with legal obligations
- Protection of vital interests
- Legitimate business interests
3. Use of Information
3.1 Primary Purposes
We use your personal information for the following purposes:
- Providing and maintaining our Services
- Processing your transactions
- Managing your account and preferences
- Communicating with you about our Services
- Improving our Services and user experience
- Protecting our legal rights and preventing misuse
- Complying with legal obligations
3.2 Secondary Purposes
With your consent, we may also use your information for:
- Marketing communications
- Market research and analytics
- Personalization of Services
- Development of new products and features
4. Data Security and Protection
4.1 Security Measures
We implement appropriate technical and organizational security measures to protect your personal information, including:
- Encryption of data in transit and at rest
- Firewalls and intrusion detection systems
- Access control and authentication mechanisms
- Regular security assessments and audits
- Employee training on data protection
- Physical security measures for our facilities
4.2 Data Breach Procedures
In the event of a data breach that affects your personal information, we will:
- Notify affected users without undue delay
- Provide details about the breach and its potential impact
- Inform relevant supervisory authorities as required by law
- Take measures to mitigate potential adverse effects
5. Data Sharing and Transfers
5.1 Categories of Recipients
We may share your personal information with:
- Service providers and business partners
- Payment processors and financial institutions
- Analytics and advertising providers
- Legal and professional advisers
- Law enforcement or regulatory authorities
- Potential buyers or investors (in case of corporate transaction)
5.2 International Transfers
When we transfer personal information outside your jurisdiction, we ensure appropriate safeguards are in place, including:
- Standard contractual clauses approved by relevant authorities
- Adequacy decisions issued by data protection authorities
- Binding corporate rules for intra-group transfers
- Data transfer impact assessments
6. Data Retention and Deletion
6.1 Retention Periods
We retain personal information for as long as necessary to:
- Provide our Services and fulfill contractual obligations
- Comply with legal and regulatory requirements
- Resolve disputes and enforce agreements
- Protect our legitimate business interests
6.2 Deletion Procedures
When personal information is no longer needed:
- It will be securely deleted or anonymized
- Backup copies will be overwritten according to our retention schedule
- Third-party service providers will be instructed to delete relevant data
- Physical documents will be securely shredded
7. Your Privacy Rights
7.1 Core Rights
You have the following rights regarding your personal information:
- Right to access your personal information
- Right to rectify inaccurate information
- Right to erasure ('right to be forgotten')
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Rights related to automated decision-making
7.2 Exercise of Rights
To exercise your rights:
- Contact our Data Protection Officer
- Use our privacy dashboard (where available)
- Submit a request through our website
- Write to us at our postal address
We will respond to your request within one month, with possible extension of two additional months for complex requests.
8. International Data Transfers
We may transfer your personal information to countries other than your country of residence. When we do so, we implement appropriate safeguards in accordance with applicable data protection laws, including:
- Standard contractual clauses
- Data processing agreements
- Adequacy decisions
- Other legal mechanisms
9. Cookies and Tracking Technologies
9.1 Types of Cookies We Use
- Essential cookies (necessary for website functionality)
- Performance cookies (analytics and statistics)
- Functionality cookies (remember your preferences)
- Targeting/advertising cookies (personalized content)
9.2 Cookie Management
You can control cookies through:
- Browser settings
- Our cookie consent tool
- Third-party opt-out mechanisms
Note that blocking certain cookies may impact website functionality.
10. Children's Privacy
Our Services are not directed to children under 13 (or higher in some jurisdictions). We do not knowingly collect personal information from children.
10.1 Parental Rights
If you believe we have collected information from a child:
- Contact us immediately
- We will promptly delete the information
- We will investigate how the information was collected
11. Jurisdiction-Specific Privacy Rights
11.1 European Union (GDPR)
Additional rights for EU residents include:
- Right to withdraw consent
- Right to lodge a complaint with supervisory authorities
- Right to object to automated decision-making
- Right to data portability in machine-readable format
11.2 California Privacy Rights (CCPA/CPRA)
California residents have additional rights:
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of personal information sales
- Right to non-discrimination for exercising rights
- Right to limit use of sensitive personal information
11.3 Other Jurisdictions
We comply with privacy laws in all jurisdictions where we operate. Contact us for specific information about your jurisdiction.
12. Changes to Privacy Policy
We may update this Privacy Policy to reflect:
- Changes in our practices
- New regulatory requirements
- Improved privacy protections
- New features or services
We will notify you of material changes through:
- Email notifications
- Website announcements
- In-app notifications
13. Third-Party Services and Links
Our Services may contain links to third-party websites or services that are not owned or controlled by us. We are not responsible for the privacy practices of these third parties.
13.1 Third-Party Service Providers
We may use third-party service providers for:
- Analytics services
- Payment processing
- Email and communication services
- Hosting and infrastructure
- Customer support
- Marketing and advertising
14. Data Protection Impact Assessments
We conduct data protection impact assessments (DPIAs) when:
- Implementing new technologies
- Processing sensitive personal information
- Conducting large-scale data processing
- Engaging in automated decision-making
15. Employee Training and Compliance
We maintain a comprehensive data protection training program for our employees, including:
- Regular privacy and security training
- Data handling procedures
- Incident response protocols
- Compliance requirements
16. Definitions
Personal Data/Information
Any information relating to an identified or identifiable natural person.
Processing
Any operation performed on personal data, whether automated or not.
Data Controller
The entity that determines the purposes and means of processing personal data.
Data Processor
The entity that processes personal data on behalf of the data controller.
17. Legal References
This privacy policy has been prepared based on provisions of multiple legislations, including:
- The General Data Protection Regulation (GDPR)
- The California Consumer Privacy Act (CCPA)
- The California Privacy Rights Act (CPRA)
- The Brazilian General Data Protection Law (LGPD)
- Other applicable state and international privacy laws
Last updated: 11/20/2024
For questions about this Privacy Policy, please contact us at privacy@apexyai.com
18. System Logs and Maintenance
For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) or use other Personal Data (such as the IP Address) for this purpose.
19. Legal Action
The User's Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Application or the related Services. The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
Owner and Data Controller
In order to receive information about your Personal Data, the purposes and the parties the Data is shared with, contact the Owner.
Types of Data Collected
The owner does not provide a list of Personal Data types collected. Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application.
Unless specified otherwise, all Data requested by this Application is mandatory and failure to provide this Data may make it impossible for this Application to provide its services.
Mode and Place of Processing the Data
Methods of Processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
Place
The Data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.
Retention Time
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
Cookie Policy
This Application uses Trackers. To learn more, Users may consult the Cookie Policy.
Further Information for Users
Legal Basis of Processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes.
- Provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- Processing is necessary for compliance with a legal obligation to which the Owner is subject;
- Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- Processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
The Rights of Users
Users may exercise certain rights regarding their Data processed by the Owner.
- Withdraw their consent at any time.
- Object to processing of their Data.
- Access their Data.
- Verify and seek rectification.
- Restrict the processing of their Data.
- Have their Personal Data deleted or otherwise removed.
- Receive their Data and have it transferred to another controller.
- Lodge a complaint.
Further Information for Users in Switzerland
This section applies to Users in Switzerland, and, for such Users, supersedes any other possibly divergent or conflicting information contained in the privacy policy.
Further Information for Users in Brazil
This section of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by the entity running this Application and, if the case may be, its parent, subsidiaries and affiliates.
Further Information for Users in the United States
This part of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by the business running this Application and, if the case may be, its parent, subsidiaries and affiliates.
Additional Information about Data Collection and Processing
The User's Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Application or the related Services.
Changes to this Privacy Policy
The Owner reserves the right to make changes to this privacy policy at any time by notifying its Users on this page and possibly within this Application and/or - as far as technically and legally feasible - sending a notice to Users via any contact information available to the Owner.
Definitions and Legal References
This privacy statement has been prepared based on provisions of multiple legislations.