Privacy Policy

Effective date:

April 25, 2024

Last updated:

April 25, 2024

This privacy policy (“Policy”) explains how Slashbit Inc. d/b/a Factors.ai or any of its affiliates or subsidiaries (“We”, “Us”, “Our”) Processes Personal Data collected from natural persons as specified in clause 2 below (“You”), as a Controller.

1. DEFINITIONS

Capitalised terms not specifically defined herein shall have the meaning ascribed thereto in the Agreement.

1.1 “Controller” means the natural or legal person, public authority, agency, or other body which alone or jointly with others, determines the purposes and means of the processing of Personal Data.

1.2 “Customer” means the natural or legal person that has subscribed to Services by agreeing to the Agreement.

1.3 “Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

1.4 “Process/Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1.5 “Agreement” shall mean the Customer Agreement available here

2. HOW WE COLLECT, USE, AND SHARE YOUR PERSONAL DATA

2.1 PERSONAL DATA THAT YOU PROVIDE US

<table>
<thead>
<tr>
<th>When you are a(n)</th>
<th>What personal Data We collect</th>
<th>How We Use Your Personal Data</th>
<th>Whom We share Your Personal Data with</th>
</tr>
</thead>
<tbody>
<tr>
<td>Individual who subscribes to the Services and/or is provided with login credentials to sign in to Services on behalf of the Customer.</td>
<td>Your contact information, such as Your full name, email address, phone number, and employment information such as job title, department, and seniority in employment.</td>
<td>
<ul>
<li>Creation of an Authorized User account, verification of an Authorized User’s identity and help an Authorized User log into Services.</li>
<li>To communicate with an Authorized User regarding existing products and services availed by the Customer including notifications of any alerts or updates.</li>
<li>To send an Authorized User information about Our other products or services, events, webinars, or programs that may be of interest to such Authorized User.</li>
</ul>
</td>
<td>Third-party applications that assist us in creating Your Account, sending You notifications, and information about our products, services, webinars, etc.</td>
</tr>
<tr>
<td>Authorized User who provides certain information through the Services, while a) filling out a survey about their user experience or feedback, b) contacting Us or speaking to Our representatives.</td>
<td>Information You have provided as part of it.</td>
<td>
<ul>
<li>To improve Services.</li>
<li>To send information about Our products, services, and any other marketing messages which may be of Your interest.</li>
<li>To respond to Your comments, queries, or questions, if any.</li>
</ul>
</td>
<td>Third parties who assist Us in providing these services.</td>
</tr>
<tr>
<td>Individual who requests a demo.</td>
<td>Your contact information includes Your first and last name, email, and phone number.</td>
<td>
<ul>
<li>To give You the demo.</li>
<li>To inform, promote, and market Services to You.</li>
</ul>
</td>
<td>Third parties who assist Us in providing these services.</td>
</tr>
<tr>
<td>Individual who a) provides information by filling out forms on Our Website, or b) contacts Us or speaks to our sales representatives.</td>
<td>Information You have filled in or have submitted via the web forms or information You have provided in Your interaction with Us.</td>
<td>
<ul>
<li>To respond to Your queries, questions or requests.</li>
<li>To send information about Our products, services, and any other marketing messages which may be of Your interest.</li>
</ul>
</td>
<td>Third parties who assist Us in providing these services.</td>
</tr>
<tr>
<td>Authorized User who requests customer support services.</td>
<td>Your contact information such as Your name, email, and phone number.</td>
<td>
<ul>
<li>To respond to Your comments and questions and provide customer service.</li>
</ul>
</td>
<td>Third parties who assist Us in providing these services.</td>
</tr>
<tr>
<td>Individual who applies for an employment opportunity with Us.</td>
<td>Your contact information, such as full name, email address, mobile number, details of Your education and previous employment, and any other information You volunteer, including during any interview or Your interactions with Us and contained in the resume that You submit to Us.</td>
<td>
<ul>
<li>To evaluate You for any position that You have applied for or that We may consider You at the time that You submitted Your resume or at a later date.</li>
</ul>
</td>
<td>
<ul>
<li>Third parties whose products we use in maintaining a record of and evaluating You for the position applied.</li>
<li>With external recruiters and organizations like those that do reference or background checks on Our behalf.</li>
</ul>
</td>
</tr>
</tbody>
</table>

2.2 PERSONAL DATA THAT WE COLLECT NOT PROVIDED DIRECTLY BY YOU

<table>
<thead>
<tr>
<th>When you are a (n)</th>
<th>What personal Data We collect</th>
<th>How We Use Your Personal Data</th>
<th>Whom We share Your Personal Data with</th>
</tr>
</thead>
<tbody>
<tr>
<td>Website visitor</td>
<td>Internet Protocol (IP) addresses, geo-location based on IP address, operating system and browser information, and Your session activity including page views, time spent on each page, scrolling activity, and event data through first-party cookies.</td>
<td>
<ul>
<li>For market analysis and market research.</li>
<li>To protect Our data from threats, violations, and breaches if any.</li>
<li>To inform, promote and offer Services to You.</li>
</ul>
</td>
<td>Third parties who provide Us with services in connection with such processing.</td>
</tr>
<tr>
<td>Individual who subscribes to the Services using the third-party sign-on service or an Authorized User added by Our Customer</td>
<td>In case you register using any third-party sign-on services, such information is available on those third-party platforms that you have made public.</td>
<td>
<ul>
<li>Creation of an Authorized User account, verification of an Authorized User’s identity and help an Authorized User log into the Services.</li>
<li>To communicate with an Authorized User regarding existing products and services availed by the Customer including notifications of any alerts or updates.</li>
<li>To send an Authorized User information about Our other products or services, events, webinars, or programs that may be of interest to such Authorized User.</li>
</ul>
</td>
<td>Third-party applications that assist Us in creating Your Account, sending You notifications and information about our products, services, webinars, etc.</td>
</tr>
<tr>
<td>Authorized User using the Services</td>
<td>Information relating to Your use of or interaction with the Services, or query logs.</td>
<td>To develop, improve, support, and operate the Services.</td>
<td>Third parties who provide Us with services in connection with such processing.</td>
</tr>
<tr>
<td>Individual whose information (a) third-party sources share with Us through a valid agreement without breach of any confidentiality clause and with all necessary approvals and authorizations, in accordance with applicable law; or (b) is available on public platforms.</td>
<td>Your contact information, such as Your full name, email address, phone number, designation and business name, IP address, company-level information, and other unique identifiers which may be considered as Personal Data. We may combine this information with any Personal Data provided by You.</td>
<td>To update, expand, and analyze our records and create more tailored advertising to provide services that may be of interest to You.</td>
<td>Third-party partners who assist Us in such processing.</td>
</tr>
</tbody>
</table>

If You provide Us with any Personal Data relating to other individuals, You represent that You have the authority to do so, and where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Policy. If You believe that Your Personal Data has been provided to Us improperly, please contact Us by using the information in clause 12 below.

2.3 In addition to the details provided in the table above, We may also share Your Personal Data with

an entity to which we divest all or a portion of Our business, or otherwise in connection with a merger, consolidation, change in control, reorganisation or liquidation of all or a portion of Our business.
Law enforcement authorities, government authorities, courts, dispute resolution bodies, regulators, auditors, and any party appointed or requested by applicable regulators to carry out investigations or audits of Our activities.
Professional advisors who advise and assist Us in enforcing Our contracts and policies, handling Our claims, effective management of Our company and in relation to any disputes We may become involved in.

3. LEGAL BASIS FOR PROCESSING (EEA REGION)

3.1 If You are a data subject from the European Economic Area, Our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which We collect it.

3.2 We will normally collect Personal Data from You only where it is needed to perform a contract with You, where the Processing is in Our legitimate interests and not overridden by Your data protection interests or fundamental rights and freedoms, or where We have Your consent. In some cases, We may also have a legal obligation to collect Personal Data from You. If We Process Personal Data with reliance on Your consent, You may withdraw Your consent at any time.

3.3 If You have questions or need further information concerning the legal basis on which We collect and use Your Personal Data, please contact Us using the contact details provided under clause 12.

4. INTERNATIONAL TRANSFER

4.1 We mainly Process Personal Data in the United States. However, We may transfer Personal Data outside the United States only for the purposes referred to in clause 2. We will ensure that the recipient of Your Personal Data offers an adequate level of protection that is at least comparable to that which is provided under applicable data protection laws.

4.2 If You are a resident of the European Economic Area and when Your Personal Data is Processed outside EEA, We will ensure that the recipient of Your Personal Data offers an adequate level of protection, for instance by entering into standard contractual clauses for the transfer of Personal Data as approved by the European Commission (Article 46 General Data Privacy Regulation, 2016), or We will ask You for Your prior consent to such international data transfers.

5. SECURITY OF PERSONAL DATA

We use appropriate technical and organizational measures to protect the Personal Data that We collect and Process. The measures We use are designed to provide a level of security appropriate to the risk of Processing Your Personal Data. If You have questions about the security of Your Personal Data, please contact Us using the contact details provided under clause 12.

6. RETENTION OF PERSONAL DATA

6.1 We will retain Your Personal Data for as long as reasonably necessary to provide You with Our Services that You request, for marketing purposes unless You opt out as described in this Policy, or otherwise where permitted or required in accordance with applicable law. We will retain and use Your Personal Data as necessary to comply with Our legal obligations, resolve disputes, and enforce Our agreements. What this means in practice will vary between different types of Personal Data, and when We consider Our approach, We take into account ongoing business or legal needs for the Personal Data, for example in relation to tax, health and safety, and potential or actual disputes or investigations.

6.2 In the absence of a need to retain Personal Data under clause 6.1 above, We will either delete it or aggregate it or, if this is not possible then We will securely store Your Personal Data and isolate it from any further processing until deletion is possible.

7. YOUR PRIVACY RIGHTS

7.1 You have the right to opt out of marketing communications We send You at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails We send You. To opt out of other forms of marketing (such as postal marketing or telemarketing), please contact Us.

7.2 You are entitled to the following rights:

7.2.1 You can request access to your Personal Data.

7.2.2 You can request that We correct inaccurate Personal Data about You, subject to appropriate verification.

7.2.3 You may have the right to request that We delete Personal Data that We have collected from You, subject to certain exceptions.

7.2.4 If You are a resident of the EEA, UK, or Switzerland, You are also entitled to the following rights: You can object to the Processing of Your Personal Data, ask Us to restrict the Processing of Your Personal Data, or request portability of Your Personal Data.

7.2.5 If We have collected and processed Your Personal Data with Your consent, then You can withdraw Your consent at any time. Withdrawing Your consent will not affect the lawfulness of any processing We have conducted prior to Your withdrawal, nor will it affect Processing of Your Personal Data conducted in reliance on lawful processing grounds other than consent.

7.3 You have the right to appeal a decision We have made in connection with Your privacy rights request by contacting Us using the contact information provided in Clause 12. You also have the right to complain to a data protection authority about Our collection and use of Your Personal Data. For more information, please contact Your local data protection authority as specified by the applicable data protection laws.

7.4 If you are a resident of the U.S., You may have the right to opt-out of the sale or sharing of your Personal Data or the Processing of Your Personal Data for targeted advertising, where We work with third parties that provide advertising, analytics, or similar services that are considered a “sale,” “share,” or “targeted advertising” under the applicable data protection laws. To exercise Your right to opt-out, please use the link in our cookie banner or enable an opt-out preference mechanism in Your browser. Your request is specific to the device and browser that You use to submit Your opt-out preference.

7.5 If You seek to exercise Your rights under this clause, please contact Us at the details provided in clause 12. We will verify any requests before acting on the request and respond to all requests We receive from individuals wishing to exercise their data protection rights within a reasonable timeframe in accordance with applicable data protection laws.

7.5.1 We will not discriminate against You if you decide to exercise Your privacy rights.

7.5.2 Please note that, when appropriate, We may decline a request if We are unable to verify Your identity (or an agent’s authority to make the request) and confirm the Personal Data We maintain relates to You.

7.5.3 Only You, or someone legally authorized to act on Your behalf, may submit a request related to Your Personal Data. You may also submit a request on behalf of Your minor child. Where appropriate, You may authorize someone to make a request on Your behalf (an authorized agent). Authorized agents will need to demonstrate proof of authorization to act on Your behalf. We retain the right to request confirmation directly from You confirming that the agent is authorized to make such a request, or to request additional information to confirm the agent’s identity.

8. NOTICE FOR US RESIDENTS

8.1. Clause 8 applies to US residents and the Personal Data We collect as a business.

8.2. The categories of Personal Data We have collected in the twelve (12) months prior to the Effective Date and that We may collect include:

a. Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, or other similar identifiers;

b. Personal Information such as education, employment, employment history;

c. Commercial Information such as transaction information, purchase information, financial details, and payment information;

d. Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement; and

e. Inferences drawn from the above categories of Personal Data.

8.3. Disclosure of Personal Data. We have disclosed the categories of Personal Data listed in clause 8.2 above for a business purpose in the twelve (12) months prior to the Effective Date and may disclose such Personal Data to service providers or contractors or to any other third parties who support our business provided (a) they do not sell or share such Personal Data as such terms are defined in the applicable data protection laws or (b) retain, use or disclose such information for any purpose other than for the specific purpose of performing the services specified in our contract with them or (c) combine or update such information with any other information received directly by them. We do not sell or share (as the terms are defined in the applicable data protection laws) the Personal Data We collect without providing You a right to opt-out. We do not knowingly sell or share the Personal Data (as such terms are defined in the applicable data protection laws) of minors under the age of sixteen (16). We may sell or share the categories of Personal Data described in clause 8.2 for marketing purposes to business partners and third parties, such as data analytics providers, advertising technology vendors, and social media platforms.

9. COOKIE POLICY

9.1. Cookies are text files that are placed on Your computer to collect standard internet log information and visitor behaviour information by Us. When You visit the Website(s), We may collect Personal Data automatically from You through cookies or similar technology. We also set cookies to collect information that is used either in aggregate form to help Us understand how Our Website(s) is being used or how effective Our marketing campaigns are, to help customise the Website(s) for You or to make advertising messages more relevant to You.

9.2. Necessary Cookies: We set essential cookies that enable core functionality such as security, network management, and accessibility. You may not opt out of these cookies. However, You may disable these by changing Your browser settings, but this may affect how the Website(s) functions.

9.3. Statistics, Preference, and Marketing Cookies: We set these cookies to help Us improve Our Website(s) by collecting and reporting information on how You use it. The cookies collect information in a way that does not directly identify anyone.

9.4. When You visit the Website(s), a cookie banner will be displayed providing additional information about cookies and options to opt out of non-essential cookies as required by applicable laws.

10. PRIVACY OF CHILDREN

We recognize the importance of children's safety and privacy. We do not request, or knowingly collect, any Personal Data from children under the age of 18. If a parent or guardian becomes aware that his or her child has provided Us with Personal Data, they should write to Us at the email address provided in clause 12.

11. NOTICE TO END-USER AND OTHER EXCLUSIONS

11.1. Our Services are intended for use by businesses. Except for the Personal Data collected from You for the purposes mentioned under clause 2, this Policy is not applicable to Our Processing of any Personal Data transmitted by the Customer. We may receive End-Users’ Personal Data as a part of the Customer Data for which We will only act as a Processor and such Processing will be governed by the Agreement. In such a case, the End User’s data privacy questions and requests should be submitted to the Customer in its capacity as a Controller. We are not responsible for Customers’ privacy or security practices which may be different from this notice. Customers of the Services are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as any and all privacy policies, agreements, or other obligations, relating to the collection of Personal Data in connection with the use of Services by the Customer or the Users.

11.2. When You log on to Services using the online sign-on services, the social network platform may provide Us with access to certain information that You have provided them, the collection, use, and disclosure of Your Personal Data by these social networks shall be governed by the policies of such social networks and We shall have no liability or responsibility over their actions. ‍

11.3. Our Website(s) contain links to other Websites. Our Policy applies only to Our Website(s), so if You click on a link to another Website, You should read their privacy policy. We encourage You to review the privacy statements of any such other Websites to understand their Personal Data practices.

12. CONTACT INFORMATION

You may contact Us if You have any inquiries, concerns, or feedback on Our data protection policies and procedures, or if You wish to make any request, in the following manner:

Kind Attention: Aravind Murthy (CTO and DPO)

Email Address: privacy@factors.ai

Address: 3524 Silverside Road Suite 35B Wilmington, DE 19810

13. CHANGES TO THE POLICY

We keep this Policy under regular review and may update this webpage at any time. This Policy may be amended at any time and You shall be notified only if there are material changes to this Policy.

14. DATA PRIVACY FRAMEWORK NOTICE

This Data Privacy Framework Notice (“DPF Notice") sets out Our principles concerning the collection, use, and retention of Personal Data that is transferred from the EEA region, the United Kingdom (“UK”), and Switzerland to the United States of America (“US”). This notice supplements and should be read in conjunction with the other sections of this Privacy Policy.

We, Slashbit Inc. a US-based company, comply with the principles of (i) the EU-US Data Privacy Framework (“EU-US DPF”), (ii) the UK Extension to the EU-US DPF, and (iii) the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. The EU-US DPF, UK Extension to the EU-US DPF, and the Swiss-US DPF shall be collectively called the DPF. Hereby, We volunteer to comply with the DPF principles regarding the processing of Personal Data originating from the EEA region, UK, and Switzerland. If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern the collection, use, and retention of Personal Data that is transferred from the EEA region, the UK, and Switzerland.

To know more details about the DPF, please visit https://www.dataprivacyframework.gov/.

You can find the following details under section 2 of this Privacy Policy:

i. Categories of Personal Data collected.
ii. The methods of such collection.
iii. The purposes for which we use Your Personal Data.
iv. Information about the third parties to whom Your Personal Data will be transferred by us.

You can also find information about Your rights in connection with the Personal Data transferred under section 7 of this Privacy Policy.

As required under the DPF principles We hereby confirm that in the event of transferring Your Personal Data to a third party, such third party will be acting on Our behalf. We acknowledge and agree that We are responsible and liable in case any third-party, processes Your Personal Data in any manner inconsistent with the DPF principles.

Under certain circumstances, We may be required to disclose Your Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In case You have any DPF-related queries or complaints, we strongly recommend You contact us using the details provided under section 12 of this Privacy Policy. We will respond to Your complaint within 45 days from the receipt of such complaint.

In compliance with DPF Principles, we hereby choose JAMS as Our alternate dispute resolution mechanism for dealing with unresolved complaints concerning our handling of Personal Data received in reliance on the DPF Principles. You may be entitled to contact JAMS to begin the process of opening a DPF dispute resolution case.

When an issue is not resolved by any of the above-mentioned resolution mechanisms, You may invoke a binding arbitration between us in a manner prescribed under the DPF.

The U.S. Federal Trade Commission (FTC) has jurisdiction over our compliance with the DPF principles.