Privacy

PRIVACY POLICY

U2xAI LLC

Last Updated: December 22, 2024
Effective Date: December 22, 2024

1. INTRODUCTION

U2xAI LLC ("U2xAI," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered supply chain optimization platform and related services (collectively, the "Services").

This Privacy Policy applies to:

Our website: u2xai.com
Our cloud-based platform and software
Our mobile applications (if applicable)
Any related services, features, or content

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy.

Contact Information

U2xAI LLC
991 US 22, Suite 200
Bridgewater, NJ 08807
United States

General Privacy Inquiries: privacy@u2xai.com
Data Subject Requests: privacy@u2xai.com
General Contact: hello@u2xai.com
Phone: [To be added]

2. INFORMATION WE COLLECT

2.1 Information You Provide to Us

Account Information:

Full name
Email address
Phone number
Company name and address
Job title and role
Payment information (processed by third-party payment processors)
Account credentials (username, encrypted password)

Business Information:

Inventory data (product codes, quantities, locations)
Sales data (transaction history, revenue, customer demographics)
Supplier information (names, contact details, terms, pricing)
Purchase orders and procurement data
Financial data (costs, margins, budgets)
Employee/user information for team access
ERP system data (if integrated)

Communications:

Support requests and correspondence
Feedback and survey responses
Email communications with us
Chat messages or phone call records

Optional Information:

Profile pictures
Company logo
Industry and business details
Preferences and settings

2.2 Information Collected Automatically

Usage Data:

Pages visited and features used
Time spent on platform
Click patterns and navigation paths
Search queries within the platform
Feature adoption and usage frequency
Platform performance metrics

Device Information:

IP address
Browser type and version
Operating system
Device type (desktop, mobile, tablet)
Screen resolution
Referring website
Internet service provider

Cookies and Tracking Technologies:

Session cookies (essential for platform functionality)
Persistent cookies (for preferences and analytics)
Analytics cookies (Google Analytics, Mixpanel, etc.)
Performance monitoring tools
Web beacons and pixels

2.3 Information from Third Parties

Integration Partners:

Data from connected ERP systems (Oracle, SAP, NetSuite, etc.)
E-commerce platform data (Shopify, WooCommerce, etc.)
Accounting system data (QuickBooks, Xero, etc.)
Data warehouse connections (BigQuery, Snowflake, etc.)

Third-Party Services:

Payment processors (billing information)
Identity verification services
Business intelligence providers
Marketing and analytics platforms

Publicly Available Information:

Company information from business directories
Industry benchmarks and market data
Public supplier information

3. HOW WE USE YOUR INFORMATION

3.1 To Provide and Improve Our Services

Service Delivery: Process your data to provide demand forecasting, inventory optimization, and procurement analytics
AI/ML Processing: Train and improve machine learning models using your data and aggregated data from multiple customers
Platform Functionality: Enable features like dashboards, reports, alerts, and recommendations
Integrations: Connect with your existing business systems
Technical Support: Troubleshoot issues and provide customer support
Service Improvement: Analyze usage patterns to enhance features and user experience

3.2 To Communicate with You

Account Management: Send account notifications, password resets, security alerts
Service Updates: Notify you of new features, updates, or changes
Support: Respond to your inquiries and support requests
Billing: Send invoices, payment confirmations, and billing notices
Marketing (with consent): Send newsletters, product updates, and promotional content

3.3 For Business Operations

Authentication: Verify your identity and account access
Payment Processing: Process subscription fees and payments
Fraud Prevention: Detect and prevent fraudulent activities
Legal Compliance: Comply with legal obligations and regulatory requirements
Contract Enforcement: Enforce our Terms of Service and other agreements

3.4 For Analytics and Research

Aggregated Analytics: Create anonymized, aggregated insights about platform usage and industry trends
Business Intelligence: Develop benchmarks and market insights (anonymized)
AI Model Training: Improve forecasting accuracy using anonymized data patterns
Product Development: Identify opportunities for new features and services

3.5 Legal Bases for Processing (GDPR)

For users in the European Economic Area (EEA), we process your data based on:

Contract Performance: Processing necessary to provide the Services you've requested
Legitimate Interests: Improving our Services, fraud prevention, business analytics
Legal Obligation: Compliance with laws and regulations
Consent: Where required, we obtain your explicit consent (e.g., marketing emails)

4. HOW WE SHARE YOUR INFORMATION

4.1 We Do NOT Sell Your Data

U2xAI does not and will never sell, rent, or trade your personal data or business data to third parties for their marketing purposes.

4.2 Service Providers and Subprocessors

We share data with trusted third-party service providers who assist us in operating our Services:

Infrastructure Providers:

Cloud hosting (Google Cloud Platform, AWS, or Azure)
Database services
Content delivery networks (CDN)
Backup and disaster recovery services

Business Operations:

Payment processors (Stripe, PayPal)
Email service providers (SendGrid, Mailchimp)
Customer support tools (Zendesk, Intercom)
Analytics platforms (Google Analytics, Mixpanel)

Development and Monitoring:

Error tracking and performance monitoring (Sentry, Datadog)
Code repositories and development tools
Security scanning services

All service providers are contractually obligated to:

Use data only for specified purposes
Maintain appropriate security measures
Comply with applicable privacy laws
Delete or return data upon request

Current Subprocessors List: Available at u2xai.com/subprocessors

4.3 Business Transfers

If U2xAI is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4.4 Legal Requirements

We may disclose your information if required to:

Comply with legal obligations (subpoenas, court orders)
Protect rights, property, or safety of U2xAI, users, or the public
Prevent fraud or security threats
Enforce our Terms of Service
Respond to government requests

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot identify you or your business:

Industry benchmarks and trends
Market research and insights
Product development research
Academic or research purposes

This data is processed to remove all identifying information before sharing.

4.6 With Your Consent

We may share your information for other purposes with your explicit consent.

5. DATA SECURITY

5.1 Security Measures

We implement industry-standard security measures to protect your data:

Technical Safeguards:

Encryption in transit (TLS 1.2 or higher)
Encryption at rest for sensitive data
Secure authentication (password hashing, MFA support)
Network firewalls and intrusion detection
Regular security patches and updates
Automated vulnerability scanning

Organizational Safeguards:

Access controls (role-based, least privilege)
Employee security training
Background checks for personnel with data access
Confidentiality agreements
Incident response procedures
Regular security audits and assessments

Infrastructure Security:

Secure data centers (SOC 2 compliant)
Redundant systems and backups
Disaster recovery procedures
24/7 monitoring and alerts

5.2 Data Backup

Daily automated backups of all customer data
Backup retention for 30 days
Encrypted backup storage
Regular backup restoration testing

5.3 Your Responsibilities

You are responsible for:

Maintaining confidentiality of account credentials
Using strong, unique passwords
Enabling two-factor authentication (if available)
Notifying us immediately of suspected security breaches
Keeping contact information current

5.4 Limitations

No system is 100% secure. While we implement robust security measures, we cannot guarantee absolute security. You acknowledge and accept this risk when using our Services.

6. DATA RETENTION

6.1 Active Accounts

We retain your data as long as your account is active or as needed to provide Services.

6.2 After Account Termination

Upon account termination or cancellation:

30 Days: Data remains accessible for export or recovery 60 Days: Data deleted from production systems 90 Days: Data deleted from backup systems Indefinitely: Aggregated, anonymized data (cannot identify you or your business)

6.3 Legal Retention

We may retain certain data longer if required by:

Legal or regulatory obligations
Ongoing disputes or investigations
Legitimate business needs (e.g., fraud prevention)

6.4 Early Deletion Requests

You may request early deletion of your data. We will honor such requests unless we have a legal obligation to retain the data.

7. YOUR PRIVACY RIGHTS

7.1 General Rights (All Users)

Access: Request a copy of your personal data Correction: Update or correct inaccurate information Deletion: Request deletion of your data (subject to legal obligations) Export: Download your data in portable formats (CSV, JSON) Object: Object to certain types of processing Opt-Out: Unsubscribe from marketing communications

How to Exercise Rights:

Email: privacy@u2xai.com
Account Settings: Some rights can be exercised in your account dashboard
Contact Form: Available on our website

Response Time: We respond to requests within 30 days

7.2 Rights for EU Users (GDPR)

If you are in the European Economic Area (EEA), you have additional rights:

Right to Access: Obtain confirmation of data processing and a copy of your data Right to Rectification: Correct inaccurate or incomplete data Right to Erasure ("Right to be Forgotten"): Request deletion in certain circumstances Right to Restrict Processing: Limit how we process your data Right to Data Portability: Receive your data in a structured, machine-readable format Right to Object: Object to processing based on legitimate interests Right to Withdraw Consent: Withdraw consent at any time (without affecting prior processing) Right to Lodge a Complaint: File a complaint with your data protection authority

EU Representative: [To be appointed if required]

7.3 Rights for California Users (CCPA/CPRA)

If you are a California resident, you have:

Right to Know: What personal information we collect, use, and share Right to Delete: Request deletion of your personal information Right to Opt-Out: Opt out of sale/sharing of personal information (Note: We do not sell personal information) Right to Correct: Request correction of inaccurate information Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights Right to Limit: Limit use of sensitive personal information

Verification: We may verify your identity before fulfilling requests

Authorized Agents: You may designate an authorized agent to make requests on your behalf

7.4 Rights for Other US States

Users in Virginia, Colorado, Connecticut, Utah, and other states with privacy laws have similar rights. Contact us at privacy@u2xai.com for more information.

8. INTERNATIONAL DATA TRANSFERS

8.1 Data Storage Location

Your data is primarily stored in data centers located in the United States.

8.2 Transfers from EEA/UK

If you are in the EEA or UK, your data may be transferred to and processed in the United States, which may not have equivalent data protection laws.

Safeguards for International Transfers:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions (if applicable)
Data Processing Agreement (DPA) available upon request

Request DPA: Available at u2xai.com/dpa or by emailing privacy@u2xai.com

8.3 Data Localization Options

For enterprise customers requiring data localization in specific regions, contact us about custom deployment options.

9. COOKIES AND TRACKING

9.1 Types of Cookies We Use

Essential Cookies (Cannot be disabled):

Session management
Authentication
Security features
Load balancing

Functional Cookies (Optional):

User preferences
Language selection
Settings memory
Recently viewed items

Analytics Cookies (Optional):

Google Analytics
Mixpanel
Usage statistics
Performance monitoring

Marketing Cookies (Optional, with consent):

Conversion tracking
Retargeting
A/B testing

9.2 Cookie Control

Browser Settings: Configure your browser to reject cookies or alert you when cookies are sent

Opt-Out Tools:

Google Analytics Opt-Out: tools.google.com/dlpage/gaoptout
Network Advertising Initiative: networkadvertising.org/choices
Digital Advertising Alliance: aboutads.info/choices

Cookie Consent Manager: Available on our website (for EU users)

9.3 Do Not Track

Our Services do not currently respond to "Do Not Track" (DNT) signals. However, you can control cookies through browser settings.

9.4 Third-Party Tracking

We do not control cookies placed by third-party services. Review their privacy policies for more information.

10. CHILDREN'S PRIVACY

10.1 Age Restriction

Our Services are not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18.

10.2 Parental Notice

If you believe we have collected information from a child under 18, please contact us immediately at privacy@u2xai.com, and we will delete the information.

10.3 Compliance

We comply with the Children's Online Privacy Protection Act (COPPA) and similar laws.

11. YOUR CHOICES AND CONTROLS

11.1 Account Settings

Manage your information through your account dashboard:

Update contact information
Change password
Configure notifications
Manage user permissions
Export data

11.2 Communication Preferences

Marketing Emails:

Unsubscribe link in every marketing email
Opt-out via account settings
Email privacy@u2xai.com

Service Emails:

Account notifications, security alerts, and billing notices cannot be disabled (essential communications)

11.3 Data Deletion

Request account and data deletion:

Via account settings
Email privacy@u2xai.com
Written request to our address

Processing Time: 30 days for data export, 60 days for deletion

12. AI AND MACHINE LEARNING

12.1 How We Use Your Data for AI

Model Training:

Your data is used to train AI models for demand forecasting and inventory optimization
We combine your data with anonymized data from other customers to improve model accuracy
Your specific data is never shared with other customers

Anonymization:

Data used for cross-customer model improvements is anonymized
Anonymization removes identifying information (company names, specific product names, etc.)
Aggregated patterns improve forecasting for all customers

12.2 AI Data Retention

Model Training Data:

Anonymized data may be retained indefinitely for model improvement
Your specific data is deleted per standard retention policies (Section 6)

Opt-Out:

Enterprise customers may opt-out of cross-customer model training
Contact us at privacy@u2xai.com for opt-out options

12.3 Transparency

We are committed to transparent AI practices:

We disclose when AI is making recommendations
We provide explanations for AI-driven insights where possible
We continuously monitor and improve AI fairness and accuracy

13. CALIFORNIA "SHINE THE LIGHT" LAW

California residents may request information about our disclosure of personal information to third parties for direct marketing purposes.

We do not share personal information with third parties for their direct marketing purposes.

If you have questions, contact us at privacy@u2xai.com.

14. CHANGES TO THIS PRIVACY POLICY

14.1 Updates

We may update this Privacy Policy from time to time. Changes will be effective when posted on this page with a new "Last Updated" date.

14.2 Notification

For material changes, we will notify you by:

Email to your registered email address
Prominent notice on our website
In-app notification

14.3 Continued Use

Your continued use of Services after changes indicates acceptance of the updated Privacy Policy.

14.4 Objection

If you object to changes, you may terminate your account. Termination does not affect prior processing.

15. THIRD-PARTY LINKS AND SERVICES

15.1 Third-Party Websites

Our Services may contain links to third-party websites (integrations, partner sites, resources). We are not responsible for the privacy practices of these sites.

Review their privacy policies before providing information.

15.2 Third-Party Services

When you use third-party integrations (ERP systems, e-commerce platforms), those services have their own privacy policies that govern how they handle your data.

16. BUSINESS CONTACTS

16.1 B2B Communications

If you are a business contact (not a user of our platform), we may process your business contact information to:

Respond to inquiries
Provide customer support
Send business communications
Maintain business relationships

16.2 Rights

Business contacts have the same privacy rights as users (Section 7).

17. DATA PROTECTION OFFICER (DPO)

For organizations in the EEA required to appoint a DPO, or if you wish to contact our privacy team:

Email: privacy@u2xai.com
Subject Line: "Data Protection Officer" or "Privacy Inquiry"

18. SUPERVISORY AUTHORITY

18.1 EU Users

If you are in the EEA and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.

Find Your Authority: ec.europa.eu/justice/data-protection/bodies/authorities

18.2 US Users

For US users, privacy complaints may be directed to:

Federal Trade Commission (FTC): ftc.gov/complaint
State Attorney General (for state-specific laws)

19. SPECIFIC STATE DISCLOSURES

19.1 Nevada Residents

Nevada law allows Nevada residents to opt-out of the sale of personal information. We do not sell personal information as defined by Nevada law. If you have questions, contact privacy@u2xai.com.

19.2 Other States

For users in states with specific privacy laws (Virginia, Colorado, Connecticut, Utah, Montana, Oregon, Texas, etc.), we comply with applicable state requirements. Contact us for state-specific information.

20. CONTACT US

For privacy questions, concerns, or to exercise your rights:

Email: privacy@u2xai.com (Preferred method)
Subject: "Privacy Inquiry" or "Data Subject Request"

Mail:
U2xAI LLC
Attn: Privacy Team
991 US 22, Suite 200
Bridgewater, NJ 08807
United States

General Contact: hello@u2xai.com

Response Time: We respond to privacy requests within 30 days.

21. ACKNOWLEDGMENT

By using U2xAI Services, you acknowledge that:

You have read and understood this Privacy Policy
You consent to the collection, use, and disclosure of your information as described
You understand your privacy rights and how to exercise them
You accept the international transfer of data as described

SUMMARY OF KEY POINTS

✅ We collect: Account info, business data, usage data, and cookies
✅ We use data: To provide Services, improve AI, support you, and comply with laws
✅ We don't sell data: Never sold to third parties for marketing
✅ We share with: Service providers (with safeguards), not competitors
✅ Your rights: Access, delete, export, opt-out, and more
✅ Security: Industry-standard encryption and protection
✅ Retention: Data deleted 60 days after account termination
✅ Contact us: privacy@u2xai.com for any privacy questions