Athenic AI operates the www.Athenic.com website, which provides the SERVICE.

This page is used to inform website visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service, the Athenic AI website. If you choose to use our Service, then you agree to the collection and use of information in relation with this policy. The Personal Information that we collect is used for providing and improving the Service. We will not use or share your information with anyone except as described in this Privacy Policy. The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, which is accessible at www.Athenic.com, unless otherwise defined in this Privacy Policy.

‍

1. Data Collection and Usage

We collect various types of personal data to provide and improve our Service. This includes:

Directly Collected Information:

• Personal Information: When you sign up for our Service, we collect your email address. This information is provided directly by you during the registration process or when you update your account information.

• Usage Data: We collect information about how you use our Service, such as the pages you visit, the time and date of your visit, and other diagnostic data. This information is collected directly from your interactions with our Service.

• Communications: Any information you provide when you contact us, such as the content of your messages and any attachments, is collected directly from you to help us respond to your inquiries and provide customer support.

Indirectly Collected Information:

• Technical Information: We collect technical information related to your device and internet connection, such as your IP address, browser type, and version. This information is collected automatically when you use our Service.

• Cookies and Tracking Technologies: We use cookies and similar tracking technologies to track the activity on our Service and store certain information. This helps us analyze and improve the user experience. You can manage your cookie preferences through your browser settings.

Special Category Data and Criminal Conviction Data:

• Special Category Data: We do not collect special category data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, or data concerning a person's sex life or sexual orientation) through our Service.

• Criminal Conviction Data: We do not collect or process data related to criminal convictions and offenses.

Cached Data:

• Data Caching: We cache previews of your data to enhance your user experience and provide faster access to frequently used information. This cached data is stored temporarily and is used solely to improve the performance of our Service.

By providing detailed information on how we collect data, both directly and indirectly, and clarifying our stance on special category data and criminal conviction data, we aim to offer greater transparency and ensure that you are fully informed about our data collection practices.

‍

2. Purpose and Lawful Basis of Data Usage

Your data is used for the following purposes:

• To Provide and Maintain our Service: We use your data to ensure the functionality and performance of our Service. This includes using your technical information to troubleshoot issues, monitor usage, and improve the overall user experience. The lawful basis for this processing is the performance of a contract with you.

• To Notify You About Changes to Our Service: We use your contact information to inform you about updates, new features, or changes to our terms and policies. The lawful basis for this processing is our legitimate interest in keeping you informed about important updates related to the Service.

• To Improve Our Service: We analyze user behavior and preferences to enhance the user experience and develop new features. This involves using diagnostic data and usage patterns to make informed decisions about improvements. The lawful basis for this processing is our legitimate interest in improving and developing our Service.

• To Provide Customer Support: We use your data to respond to and resolve your inquiries efficiently. This includes using the content of your messages and any attachments to understand and address your concerns. The lawful basis for this processing is the performance of a contract with you and our legitimate interest in providing effective customer support.

• To Comply with Legal Obligations: We may process your data to comply with applicable laws, regulations, and legal processes. This includes using your data to respond to lawful requests from public authorities, such as law enforcement agencies. The lawful basis for this processing is compliance with a legal obligation.

• To Protect Your Vital Interests: In certain situations, we may process your data to protect your vital interests or those of another person. This could include using your data to ensure your safety and security in emergency situations. The lawful basis for this processing is the protection of vital interests.

• To Conduct Marketing Activities: With your consent, we may use your data to send you promotional materials and updates about our Service. This includes using your email address to inform you about special offers, new features, and other marketing communications. The lawful basis for this processing is your consent, which you can withdraw at any time.

• To Enforce Our Terms and Policies: We may use your data to enforce our terms and policies, including investigating potential violations and taking appropriate action. The lawful basis for this processing is our legitimate interest in maintaining the integrity and security of our Service.

By understanding the lawful basis for each type of data processing, we ensure that your personal data is handled in a transparent and compliant manner, respecting your rights and privacy.

‍

3. Data Sharing

We may share your data with third parties under specific circumstances. This includes third-party service providers who assist us in operating our Service, such as hosting providers, analytics services, and customer support platforms. These providers are obligated to protect your data and use it only for the purposes specified by us. More details can be found on our Sub-processors page. We may also disclose your data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

‍

4. Data Retention

We retain your personal data only for as long as necessary for the purposes set out in this Privacy Policy. Contact information and communication data are retained for 12 months to respond to your inquiries and provide customer support. Usage data and technical data are retained for 6 months to analyze and improve our Service. Cached data previews are retained temporarily to enhance user experience and will be periodically cleared. We regularly review our data retention periods to ensure that we are not keeping your data longer than necessary. If you have any questions about our data retention policy, please contact us.

‍

5. Data Access

Access to your data is restricted to authorized personnel within Athenic AI. Our team of engineers, who are responsible for maintaining and improving the Service, have access to your data. Access is granted based on the principle of least privilege, ensuring that only those who need access to your data for specific tasks are granted permission. Third-party service providers who assist us in operating our Service may also have access to your data. These providers are obligated to protect your data and use it only for the purposes specified by us. We implement strict access controls and regularly review permissions to ensure that your data is only accessible to those who need it.

‍

6. Data Security

We take the security of your data very seriously and implement a variety of measures to protect it. We use encryption to protect your data both in transit and at rest, ensuring that it cannot be easily accessed by unauthorized parties. Our servers are hosted in secure cloud environments protected by our cloud service provider, which include robust physical and electronic security measures. 

We implement strict access controls to ensure that only authorized personnel can access your data, including the use of strong passwords, multi-factor authentication, and regular access reviews. Additionally, we conduct regular security audits and assessments to identify and address potential vulnerabilities in our systems.

We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

‍

7. Handling Data Requests

If you contact us regarding your data, we will verify your identity to ensure that we are communicating with the correct individual. We will handle your data request in accordance with our policies and applicable laws, which may include providing you with access to your data, correcting any inaccuracies, or deleting your data upon request. For more detailed information on how we handle data requests, please refer to the 'Subject Access Request' section of this Privacy Policy.

‍

8. Our Role and Obligations as a Data Controller and Processor

Athenic AI may act as both a data controller and a data processor, depending on the context in which we handle your personal data. Below, we outline our obligations in each capacity:

As a Data Controller

When we determine the purposes and means of processing your personal data, we act as a data controller. This includes data such as your email address, usage data, and technical data collected through our website and services. Our obligations as a data controller include:

• ‍Lawful Processing: We ensure that all personal data is processed lawfully, fairly, and transparently. We provide clear information about the purposes of data collection and the lawful basis for processing.

• Data Minimization: We collect only the personal data that is necessary for the specified purposes and ensure that it is adequate, relevant, and limited to what is necessary.

• Accuracy: We take reasonable steps to ensure that the personal data we hold is accurate and, where necessary, kept up to date. We promptly rectify any inaccuracies upon request.

• Data Retention: We retain personal data only for as long as necessary for the purposes for which it was collected, in accordance with our data retention policy.

• Data Security: We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or destruction.

• Data Subject Rights: We respect and facilitate the exercise of data subject rights, including the right of access, rectification, erasure, restriction of processing, objection to processing, and data portability.

As a Data Processor

When we process personal data on behalf of our users, we act as a data processor. This includes connecting to user databases, running queries through OpenAI, executing SQL queries on their databases, and returning results. Our obligations as a data processor include:

• ‍Processing Instructions: We process personal data only on the documented instructions of the data controller (our users).

• Confidentiality: We ensure that all personnel authorized to process personal data are bound by confidentiality obligations.

• Security Measures: We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including measures to protect against unauthorized access, loss, or destruction of personal data.

• Sub-processors: We ensure that any sub-processors we engage are subject to the same data protection obligations. You can subscribe to notifications about change in sub-processors at the bottom of this page.

• Assistance to Data Controller: We assist the data controller in fulfilling their obligations, including responding to data subject requests and ensuring compliance with data security and breach notification requirements.

• Data Breach Notification: We promptly notify the data controller of any personal data breach and provide all necessary information to facilitate compliance with data breach notification requirements.

• Data Deletion or Return: Upon termination of the processing services, we will, at the choice of the data controller, delete or return all personal data and delete existing copies, unless retention is required by law.

If you have any questions about our role and obligations as a data controller or processor, please contact us at privacy@athenic.com.

Cookies

Cookies are files with small amount of data that is commonly used an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer’s hard drive.

Our website uses these "cookies" to collection information and to improve our Service. You have the option to either accept or refuse these cookies, and know when a cookie is being sent to your computer. If you choose to refuse our cookies, you may not be able to use some portions of our Service.

For more general information on cookies, please read  "What Are Cookies"

Links to Other Sites

Our Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Children's Privacy

Our Services do not address anyone under the age of 13. We do not knowingly collect personal identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.

Restrictions on Use

While using the Service, you will comply with all applicable laws, rules and regulations. Your use of the Service is conditioned on your compliance with the restrictions listed below. Any failure to comply may result in termination of your access to the Service, at Athenic AI sole discretion. In using the Service, you agree that you will not, and will not allow or authorize any third party to:

Input, distribute, upload, post, email, transmit or otherwise make available any content through the Service.

Subject Access Request

Under the General Data Protection Regulation (GDPR), you have several rights regarding your personal data. These rights include:

• ‍Right of Access: You have the right to access the personal data we hold about you. This is known as a Subject Access Request (SAR). To initiate a SAR, please email us. In your email, please include the following information to help us process your request efficiently:
  • The email address associated with your account
  • A description of the information you are requesting

We will respond to your request within the time frame required by GDPR, typically within one month.

• ‍Right to Rectification: You have the right to request the correction of any inaccurate or incomplete personal data we hold about you. If you believe that any information we have is incorrect or incomplete, please contact us to make the necessary corrections.

• Right to Erasure: Also known as the "right to be forgotten," you have the right to request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected or if you withdraw your consent.

• Right to Restriction of Processing: You have the right to request the restriction of processing your personal data under certain conditions, such as when you contest the accuracy of the data or object to the processing.

• Right to Object to Processing: You have the right to object to the processing of your personal data for certain purposes, such as direct marketing or when processing is based on legitimate interests.

• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where technically feasible.

To exercise any of these rights, please contact us at privacy@athenic.com. We will respond to your request within the time frame required by GDPR, typically within one month. If we are unable to comply with your request, we will provide an explanation.

‍

Contact

Email: privacy@athenic.com 

Address: 

447 Sutter St Ste 405

PMB 95

San Francisco, CA 94108

Our EU Representative:
Under Article 27 of the GDPR, we have appointed an EU Representative to act as our data protection agent. Our nominated EU Representative is : Instant EU GDPR Representative Ltd.Adam Brogden contact@gdprlocal.com Tel +35315549700

‍