Privacy Policy

1. Introduction

Gideonn AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered commercial real estate document analysis platform.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address and name
• Password (securely hashed and encrypted)
• Organization and company information
• User preferences and settings

2.2 Document and Usage Data

When you use our platform, we collect and process:

• Uploaded Documents: Commercial real estate documents you upload for analysis, including offering memorandums, rent rolls, and related files
• Workspace Information: Property details, transaction information, and organizational data you create within the platform
• Interactions: Your questions, requests, and interactions with our AI features
• Generated Content: Analysis outputs, reports, and models created by our platform
• File Metadata: Filenames, timestamps, and document properties

2.3 Technical and Analytics Data

We automatically collect:

• Device information and IP addresses
• Browser type and operating system
• Usage patterns and feature interactions
• Performance metrics and error logs
• Session data and access times

3. How We Use Your Information

We use your information to:

• Provide Our Services: Process and analyze your documents using AI, generate insights and reports, and enable collaboration features
• AI Processing: Power our AI models to extract information, answer questions, and create analytical outputs from your documents
• Service Delivery: Generate exportable reports and models based on your uploaded content
• Account Management: Authenticate users, manage access permissions, and facilitate team collaboration
• Communications: Send service updates, respond to inquiries, and provide customer support
• Improvements: Analyze usage to improve our platform, develop new features, and optimize performance
• Security: Detect and prevent fraud, abuse, and unauthorized access
• Compliance: Meet legal obligations and enforce our terms

4. How We Share Your Information

We do not sell your personal information. We share data only in the following circumstances:

4.1 Service Providers

We work with trusted third-party service providers who perform services on our behalf, including:

• AI and Machine Learning Services: To power our document analysis and insight generation capabilities
• Cloud Infrastructure Providers: For secure data storage, database management, and platform hosting
• Authentication Services: To manage user sign-in and account security
• Document Generation Services: To create exportable reports and analytical models

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.2 AI Processing

Your uploaded documents and queries are processed by third-party AI services to provide analysis, insights, and automated data extraction. These services may retain data according to their own data retention policies. We carefully select AI providers with strong privacy and security practices.

4.3 Legal Requirements

We may disclose information when required by law, court order, or legal process, or to:

• Comply with legal obligations
• Protect our rights, property, or safety
• Prevent fraud or abuse
• Respond to government requests

4.4 Business Transfers

In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4.5 With Your Consent

We may share information for other purposes with your explicit consent or at your direction.

5. Data Security

We implement industry-standard security measures to protect your information, including:

• Encryption: Data is encrypted in transit using TLS/SSL and at rest using strong encryption standards
• Access Controls: Multi-tenant architecture with organization-level data isolation and role-based permissions
• Authentication: Secure authentication systems with password hashing and optional multi-factor authentication
• Monitoring: Continuous security monitoring and regular security assessments
• Secure Infrastructure: Data stored in secure, certified data centers with physical and digital safeguards

However, no method of electronic transmission or storage is 100% secure. While we strive to protect your information using commercially acceptable means, we cannot guarantee absolute security.

6. Data Storage and Retention

6.1 Storage Location

Your data is stored on secure servers located primarily in the United States. Data may be processed and stored in other countries where our service providers operate. We ensure appropriate safeguards are in place for international data transfers.

6.2 Retention Period

We retain your data for as long as your account is active or as needed to provide our services. This includes:

• Account information and user profiles
• Uploaded documents and generated content
• Workspace configurations and collaboration history
• Usage data and interaction logs

You may request deletion of your data at any time by contacting us at info@gideonn.ai. We will process deletion requests within 30 days, though some information may be retained as required by law or for legitimate business purposes.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to certain exceptions)
• Portability: Request your data in a portable, machine-readable format
• Restriction: Request that we limit how we use your information
• Objection: Object to our processing of your information for certain purposes
• Opt-out: Unsubscribe from marketing communications at any time

To exercise these rights, please contact us at info@gideonn.ai. We will respond to your request within 30 days.

8. Organization Accounts and Collaboration

Our platform supports multi-user organization accounts:

• Users are associated with organizations based on email domain or registration details
• Organization administrators may have access to manage users and view activity within the organization
• Data is isolated at the organization level to prevent unauthorized cross-organization access
• Workspace sharing allows controlled collaboration between team members
• You control who can access your individual workspaces through permission settings

If you are using Gideonn through your employer or organization, your organization's administrators may have access to your account data and usage information.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain your session and keep you logged in
• Remember your preferences and settings
• Analyze usage patterns and improve our services
• Provide security features and prevent fraud

You can control cookies through your browser settings. Note that disabling cookies may limit your ability to use certain features of our platform.

10. Third-Party AI Services

Our platform uses third-party artificial intelligence services to analyze your documents and generate insights. When you upload documents or interact with our AI features:

• Your content is sent to third-party AI providers for processing
• These providers may store and process your data according to their own privacy policies
• AI models may create embeddings or representations of your content for improved analysis
• We select AI providers with strong privacy commitments and data protection practices

If you have concerns about third-party AI processing, please contact us before uploading sensitive documents.

11. Children's Privacy

Our services are intended for business and professional use. We do not knowingly collect information from individuals under 18 years of age. If we become aware that we have collected personal information from a child, we will take steps to delete such information.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States and other jurisdictions where our service providers operate. These countries may have different data protection laws than your country.

We ensure appropriate safeguards are in place for international transfers through:

• Standard contractual clauses
• Service provider certifications and compliance programs
• Adequate data protection measures and security controls

13. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect and how we use it
• Right to delete your personal information (subject to exceptions)
• Right to opt-out of the "sale" of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

To exercise your CCPA rights, contact us at info@gideonn.ai.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated policy on this page with a new "Last updated" date
• Sending an email notification to your registered email address
• Providing a notice through our platform

Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about how we handle your information, please contact us:

Email: info@gideonn.ai
Address: New York, NY