Privacy and Data Security Policy for Path Integral Technology Inc.

Last Updated:  11/20/2023

Path Integral Technology Inc. (“txyz.ai,” “we,” “our,” or “us”) respects your privacy and is committed to protecting it through compliance with this Privacy and Data Security Policy (“Policy”). This Policy describes the types of information we may collect from you or that you may provide when you use txyz.ai products and services (“Products and Services”) (including but not limited to the txyz.ai website, mobile applications, APIs, and other offerings) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Products and Services. By accessing or using our Products and Services, you agree to this Policy. We reserve the right to update, modify, or replace this Policy at any time. We will notify you of any significant changes by posting a notice on the txyz.ai website or by sending an email to the address associated with your account. Your continued use of our Products and Services after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

1. Privacy Policy

1.1. Data Collection

We collect several types of information from and about users of our Products and Services, including information:

(i) by which you may be personally identified, such as name, postal address, e-mail address, telephone number or any other identifier by which you may be contacted online or offline (“personal information”); and/or

(ii) about your internet connection, the equipment you use to access our Products and Services and usage details.

Information You Provide to Us

The information we collect on or through our Products and Services may include:

(i) Information that you provide by filling in forms on our Products and Services. This includes information provided at the time of registering to use txyz.ai website, subscribing to our Products and Services, posting material, or requesting further services. We may also ask you for information when you report a problem with our Products and Services.

(ii) Records and copies of your correspondence (including email addresses), if you contact us.

(iii) Your responses to surveys that we might ask you to complete for research purposes.

(iv) Your search queries on our Products and Services.

(v) Your inputs submitted when using our Products and Services.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Products and Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

(i) Details of your visits to our Products and Services, such as txyz.ai website, including traffic data, location data, logs, and other communication data and the resources that you access and use on txyz.ai website.

(ii) Information about your computer and internet connection, including your IP address, operating system, and browser type.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the website or online services that a user visits, indicating that the user does not wish to be tracked. As there is not yet a common understanding of how to interpret and implement such “Do Not Track” signals, we do not currently honor or respond to “Do Not Track” signal when we collect information about your activities when using our Products and Services.

When you use our Products and Services, we automatically collect information about how you are using our Products and Services (the “Usage Data”). While most Usage Data is not personal information, it may include information about your account and information about your computer or device. It may also include information about your activities when using our Products and Services, such as the features you access or use, search terms entered, commands executed, and other statistical information relating to your use of our Products and Services. Further, we may maintain the Usage Data or associate the Usage Data with personal information we collect in other ways or receive from third parties.

It helps us to improve our Products and Services and to deliver a better and more personalized service, including by enabling us to:

(i) Estimate our audience size and usage patterns.

(ii) Store information about your preferences, allowing us to customize our Products and Services according to your individual interests.

(iii) Speed up your searches.

(iv) Recognize you when you return to our Products and Services.

(v) Improve our products and services.

The technologies we use for this automatic data collection may include:

• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Products and Services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Products and Services.

• Flash Cookies. Certain features of our Products and Services may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Products and Services. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Section 1.7 below.

• Web Beacons. Pages of certain of our Products and Services, such as txyz.ai website, and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Information We Receive From Other Sources

We may obtain information about you from third party sources, including resellers, distributors, business partners, event sponsors, security and fraud detection services, social media platforms, and publicly available sources. We may combine such information with the information we receive and collect from you.

1.2. Use of Data Collected

We use your data that we collect about you or that you provide to us, including any personal information (“your Data”), for the following purposes:

(a) To provide, maintain, and improve our Products and Services and their features.

(b) To communicate with you and respond to your inquiries, and to send you notifications about our Products and Services, including technical notices, updates, and security alerts

(c) To analyze and understand how our Products and Services are used, and to enhance their functionality and user experience.

(d) To create and maintain your account when using our Products and Services.

(e) To carry out marketing data surveys, statistics and/or analysis, and to conduct data and system analytics, including, without limitations, to generate and analyze statistical information about how our Products and Services are used in the aggregate.

(f) To allow you to participate in interactive features on our Products and Services.

(g) To develop new tools, products or services based on your feedback, and to create, send and utilize mailing lists.

(h) To carry out identify verification and authentication services.

(i) To provide other services performed by us.

(j) To fulfill any other purpose for which you provide it.

(k) To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.

(l) To comply with our obligations under the applicable laws, legal process or government regulation.

(m) For any other legitimate interests or lawful business purposes.

Additionally, we may use your chat history with the AI for development purposes, such as training AI models. However, we will not share your chat history or user-uploaded PDF files with third parties.

We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you. If you do not want us to use your information in this way, please opt-out by using the “Unsubscribe” feature contained in the electronic communications. For more information, see Section 1.7 below.

1.3. Data Retention and Deletion

We retain your Data as long as necessary to fulfill the purposes for which it was collected or provided, or as required by applicable laws or regulations. You may request the deletion of your Data or your chat history with the AI at any time, and we will take reasonable steps to delete the requested data, subject to applicable legal and technical constraints. Notwithstanding the foregoing, we cannot delete your personal information except by also deleting your user account to the extent such personal information is required to register your user account.

1.4. Data Security

We implement technical and organizational measures to protect your personal data from unauthorized access, use, alteration, or disclosure. These measures may include encryption, secure storage, and access controls. However, no method of transmission over the Internet or electronic storage is completely secure, and while we strive to protect your personal data, we cannot guarantee its absolute security.

1.5 Disclosure of Your Data

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. We may disclose personal information that we collect or you provide as described in this Privacy Policy:

(i) To our subsidiaries and affiliates.

(ii) To third-party service provides that are in the U.S. or in other countries where such service providers assist in providing our Products and Services.

(iii) To third-party service providers who assist us with detecting and preventing fraud, security threats or other illegal or malicious behavior.

(iv) To third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.

(v) To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Products and Services’ users is among the assets transferred.

(vi) To our business partners for our marketing and analytics purposes.

(vii) To financial institutions, credit card companies, payment collection companies that are authorized to collect payments owed to us from you.

(viii) To fulfill the purpose for which you provide it.

(ix) For any other purpose disclosed by us when you provide the information.

(x) With your consent.

We may also disclose your Data:

(a) To comply with any court order, law, or legal process, including to respond to any government or regulatory request.

(b) To enforce or apply our terms of use at https://txyz.ai/terms and other agreements, including for billing and collection purposes.

(c) If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

1.6. Third-Party Services

Our Products and Services may contain links to third-party website or services that are not owned or controlled by txyz.ai. We are not responsible for the privacy practices or content of these third-party websites or services. We encourage you to review the privacy policies of any third-party websites or services you access through links on our Products and Services.

1.7. User Rights and Controls

You have the right to access, update, correct, or delete your Data held by us. You can do this by accessing your account settings on our Products and Services or by contacting us using the contact information provided in the "Contact Us" section. Additionally, you may have the right to object to or restrict the processing of your Data under certain circumstances, and to receive a copy of your Data in a structured, commonly used, and machine-readable format. In particular and to the extent applicable:

(i) You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

(ii) If you do not wish to have your email address used by us to promote our own or third parties’ products or services, you can opt-out by using the “Unsubscribe” feature contained in the emails we send to you.

2. Data Security Policy

2.1. Security Measures

We are committed to protecting the security and integrity of user data from accidental loss and from unauthorized access, use, alteration, and disclosure, in each case in compliance with applicable laws and regulations. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted using SSL technology. While we make reasonable efforts to maintain the security of user data, we cannot guarantee absolute security due to the inherent risks associated with online services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Products and Services.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Products and Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of our Products and Services (such as the message board). The information you share in public areas may be viewed by any user of our Products and Services.

2.2. Incident Response

In the event of a security breach or unauthorized access to user data, we will promptly investigate the incident, take appropriate steps to mitigate the potential impact, and notify affected users as required by applicable laws or regulations. We will also implement necessary measures to prevent the recurrence of such incidents in the future.

2.3. Data Backup

We maintain regular backups of user data to ensure its availability and to protect against data loss due to system failures, natural disasters, or other unforeseen events. These backups are stored in secure locations and are subject to reasonable security measures.

2.4. Data Processing Agreements

The information that we collect from you may be transmitted to, processed and/or stored at a destination outside the U.S. or your country or region of residence. By signing up, accessing and/or using our Products and Services, you expressly consent to our transmission, processing and storage of your information in locations outside the U.S. or your country or region of residence. Without limiting the generality of the foregoing, we will use commercially reasonably efforts to comply with all applicable laws in connection with transmitting, processing and/or storing your information. We may engage third-party service providers to process user data on our behalf. In such cases, we will enter into data processing agreements with these service providers to ensure that they are contractually obligated to comply with our data security standards and applicable laws or regulations.

2.5. Compliance with Laws and Regulations

We strive to comply with all applicable data protection laws and regulations, including those governing the collection, storage, and use of personal data. We will regularly review and update our security measures as required by law or as deemed necessary by us.

3. Children Under the Age of 16

Our Products and Services is not intended for children under 16 years of age. No one under age 16 may provide any information to or on our Products and Services. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on our Products and Services or through any of its features, register on our Products and Services, make any purchases of our Products and Services, use any of the interactive, chat, or public comment features of our Products and Services, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us.

4. Your California Privacy Rights

California Civil Code Section § 1798.83 permits users of our Products and Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to the contact information provided in the "Contact Us" section.

5. The EU General Data Protection Regulation

As of May 25, 2018, a new data privacy law known as the EU General Data Protection Regulation (the “GDPR”) becomes effective through the European Economic Area (“EEA”), Switzerland, and the United Kingdom. The GDPR requires us and those using our Products and Services to provide users with certain information about the processing of their “Personal Data.” “Personal Data” is a term used under the GDPR that means, generally, data that identifies or can identify a particular unique user or device – for instance, names, addresses, cookie identifiers, mobile IDs, precise location data, and biometric data.

To comply with the GDPR, we provide the below representations and information, which are specific to persons located in the EEA, Switzerland, or the United Kingdom.

5.1. Legal Grounds for Processing Personal Data

The GDPR requires us to tell you about the legal ground we are relying on to process any Personal Data about you. The legal grounds for us to process your Personal Data for the purposes set out in Section 1 above will typically be because:

(i) You Provided Your Consent: To store and/or gain access to information, we rely on your consent, including the “cookie consent.”

(ii) The Processing is in Our Legitimate Interest: In some cases, we rely on legitimate interest as a legal basis for processing Personal Data to provide our and/or other data controllers’ services. For instance, legitimate interests may include the tailoring of promotional communications, providing analysis of and reporting about ad campaigns, maintaining the security of our Products and Services, etc.

(iii) Contractual Relationships: Sometimes we process certain data as necessary under a contractual relationship we have.

(iv) Legal Obligations: Some processing of data may be necessary for us to comply with our legal or regulatory obligations.

5.2. Transfer of Personal Data

To the extent we work with global companies and technologies, we may need to transfer your Personal Data outside of the country from which it was originally provided. For instance, we may transfer your data to third parties that we work with who may be located in jurisdictions outside of the EEA, Switzerland, or the United Kingdom, and which have no data protection laws or laws that are less strict in comparison to those in Europe.

When we transfer Personal Data outside of the EEA, Switzerland, or the United Kingdom, we take steps to ensure appropriate safeguards are in place to protect your Personal Data. Please contact us at the contact information provided in “Contact Us” section below for more information about the safeguards we have put in place to protect your Personal Data and privacy rights in these circumstances.

5.3. Personal Data Retention

As a general matter, we retain your Personal Data for as long as necessary to provide our Products and Services, or for other important purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements. If you are a client of ours and thus have an account with us, we will typically retain your Personal Data for a period of no more than 6 months after you have requested that your account be closed, or such account has been inactive.

5.4. Your Rights as a Data Subject

The GDPR provides you with certain rights in respect to Personal Data that data controllers (as explained further below) hold about you, including certain rights to access Personal Data, to request correction of the Personal Data, to request to restrict or delete Personal Data, and to object to our processing of your Personal Data (including profiling for online ad targeting).

(i) Right to Access: If you wish to exercise your right to access Personal Data we process as a data controller, you may do so by requesting access through the email address provided in the “Contact Us” section below. Upon receiving your request, we will assess requests on a case-by-case basis, verify your identity and whether the data truly and solely belongs to you, and may limit the Personal Data we make available. Please note that we will only grant requests submitted for Personal Data for which we are a data controller. Where we act as a data processor for one of our clients, we will refer your request to that client. Please identify the client your request refers to (if possible) to simplify this process.

(ii) Right to Correct: If you wish to exercise your right to correct or update your Personal Data, you may do so by contacting us at the contact information below.

(iii) Right to Object to Processing or to Withdraw Consent: By using the “opt-out” feature described in Section 1 above, you may withdraw consent for processing your Personal Data.

(iv) Right to Erasure: You also have the right to request that we erase the Personal Data concerning you that we hold as a data controller. Please note, however, that we may retain copies of certain Personal Data on inactive or back-up files, for our own internal and necessary purposes, including but not limited to auditing, accounting and billing, legal, or bug detection. We will retain your Personal Data for the period necessary to fulfill any important purposes that we have in retaining it, principally regarding legal, auditing, accounting, and billing obligations.

(v) Right to Lodge Complaints: You have the right to lodge a complaint with a supervisory authority. However, we hope that you will first consult with us, so that we may work with you to resolve any complaint or concern you might have.

5.5. Questions or Concerns

If you are a resident of the EEA, Switzerland, or the UK and have concerns regarding this Section 5, you may contact us in accordance with “Contact Us” section below or at the address of 10430 Stern Ave., Cupertino, CA 95014.

6. Additional Information for U.S. States

Depending on applicable laws in your state of residence, you may request to: (a) confirm whether or not we process your personal information; (b) access, correct, or delete personal information we maintain about you; (c) receive a portable copy of such personal information; and/or (d) restrict or opt out of certain processing of your personal information, such as targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects. We will respond to requests consistent with applicable laws.

7. Other Important Information

Where our Products and Services are made available to you through an organization (e.g., your employer), that organization is the administrator of our Products and Services and responsible for the accounts and/or services over which it has control. For example, administrators can access and change information in your account or restrict and terminate your access to our Products and Services. We are not responsible for the privacy or security practices of an administrator’s organization, which may be different from this Privacy Policy. Please contact your organization or refer to your organization’s policies for more information.

8. Change to Our Privacy Policy

It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat our users’ personal information, we will add a statement on the txyz.ai website home page. The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and we encourage you to periodically visit our Products and Services (including txyz.ai website) and this Privacy Policy to stay informed about our practice in protecting your privacy.

9. Contact Information

If you have any questions, concerns, or requests related to this Policy, please contact us using the following information:

Path Integral Technology, Inc.

Attn: Legal Department

Email: support@txyz.ai

We will make every effort to respond promptly and address your concerns.