Privacy Policy

1. Introduction

Welcome to Petronella AI ("we," "our," or "us"). Petronella AI is a division of Petronella Technology Group, Inc., a leading provider of AI automation solutions, cybersecurity services, and digital transformation consulting.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website petronella.ai, use our AI services, interact with our AI assistants, or engage with our automation solutions.

We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice or our practices with regard to your personal information, please contact us at [email protected].

2. Information We Collect

2.1 Information You Provide Directly

• Contact Information: Name, email address, phone number, company name, job title
• Account Data: Username, password, account preferences
• Business Information: Company size, industry, business needs, current technology stack
• Communications: Messages, emails, chat transcripts, support tickets, SMS/text messages
• Payment Information: Billing address, payment method details (processed by secure third-party providers)
• AI Training Data: Custom data you provide to train AI models for your specific use cases
• Voice Data: Recordings and transcripts from interactions with our AI voice assistants
• SMS Data: Phone numbers, message content, and opt-in/opt-out preferences for text messaging

2.2 Information Collected Automatically

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, features used, interaction patterns, session duration
• Location Data: Approximate geographic location based on IP address
• Performance Data: System performance metrics, error logs, debugging information
• AI Interaction Data: Queries, responses, conversation flows, user feedback on AI outputs

2.3 Information from Third Parties

• Social Media: Information from social media platforms when you interact with our content
• Business Partners: Information from CRM integrations, marketing partners, or referral sources
• Public Sources: Publicly available business information to enhance our services
• Analytics Providers: Aggregated data about website usage and engagement

3. How We Use Your Information

3.1 Service Delivery

• Provide and maintain our AI automation services
• Process and fulfill service requests
• Customize AI models and workflows for your business needs
• Provide customer support and technical assistance
• Send service-related communications and updates

3.2 Business Operations

• Process payments and manage billing
• Analyze usage patterns to improve our services
• Conduct research and development
• Ensure platform security and prevent fraud
• Comply with legal obligations and enforce our terms

3.3 Marketing and Communications

• Send promotional communications (with your consent)
• Provide information about new features and services
• Respond to inquiries and requests
• Conduct surveys and gather feedback
• Personalize marketing content based on your interests

3.4 AI Training and Improvement

• Improve AI model accuracy and performance
• Develop new AI capabilities and features
• Ensure AI safety and ethical compliance
• Create aggregated insights and benchmarks

4. AI Services and Data Processing

4.1 AI Data Processing

When you use our AI services, we process data through various AI models and systems. This includes:

• Natural language processing of text inputs
• Voice recognition and synthesis
• Pattern recognition for automation
• Predictive analytics and recommendations
• Computer vision for document processing

4.2 AI Model Training

We may use aggregated and anonymized data to improve our AI models. Your specific business data is never used to train models for other customers unless you explicitly consent to participate in our collaborative learning programs.

4.3 AI Ethics and Bias Prevention

We implement measures to prevent bias and ensure fairness in our AI systems:

• Regular audits of AI decision-making processes
• Diverse training data sets
• Human oversight of critical AI decisions
• Transparent AI explainability features
• Compliance with AI ethics guidelines

4.4 Third-Party AI Services

We may use third-party AI services (such as OpenAI, Anthropic, or Google AI) to enhance our capabilities. When using these services:

• We ensure data is processed according to strict privacy agreements
• We implement additional security measures
• We provide transparency about which services are used
• You can opt-out of specific third-party AI processing

5. Information Sharing and Disclosure

5.1 We DO NOT Sell Your Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5.2 Authorized Sharing

We may share your information in the following circumstances:

• Service Providers: With vendors who help us provide our services (hosting, analytics, payment processing)
• Business Partners: With partners for joint offerings (with your consent)
• Legal Requirements: To comply with laws, regulations, or valid legal requests
• Protection of Rights: To protect our rights, property, or safety, or that of others
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Consent: With your explicit consent for specific purposes

5.3 Aggregate and Anonymous Data

We may share aggregated or anonymized data that cannot identify you personally for research, marketing, analytics, and other business purposes.

6. Data Security

6.1 Security Measures

We implement comprehensive security measures to protect your data:

• Encryption: Data encrypted in transit (TLS/SSL) and at rest (AES-256)
• Access Controls: Role-based access with multi-factor authentication
• Infrastructure: Secure cloud infrastructure with SOC 2 compliance
• Monitoring: 24/7 security monitoring and threat detection
• Audits: Regular security assessments and penetration testing
• Incident Response: Comprehensive incident response and breach notification procedures

6.2 Compliance Standards

Our security practices comply with industry standards:

• SOC 2 Type II certification
• HIPAA compliance for healthcare clients
• CMMC compliance for defense contractors
• PCI DSS for payment processing
• ISO 27001 standards

6.3 Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations. Typical retention periods:

• Account data: Duration of account plus 3 years
• Transaction records: 7 years for tax purposes
• Marketing data: Until consent withdrawn
• AI training data: As specified in service agreements
• Log data: 90 days for operational purposes

7. Your Rights and Choices

7.1 Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your information
• Portability: Receive your data in a portable format
• Restriction: Request limitation of processing
• Objection: Object to certain processing activities
• Withdrawal: Withdraw consent where processing is based on consent

7.2 Exercising Your Rights

To exercise your rights, contact us at [email protected]. We will respond to your request within 30 days.

7.3 Communication Preferences

• Marketing Emails: Unsubscribe via link in emails or contact us
• SMS/Text Messages: Reply STOP to any message or contact us to opt-out
• WhatsApp: Block our number or contact us to opt-out
• Service Communications: Essential communications cannot be opted out
• Cookie Preferences: Manage via browser settings or cookie banner
• AI Processing: Opt-out of certain AI processing activities

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality
• Performance Cookies: Help us understand usage patterns
• Functional Cookies: Remember your preferences
• Analytics Cookies: Collect aggregated usage data
• Marketing Cookies: Deliver personalized advertisements

8.2 Third-Party Cookies

Third parties may set cookies for:

• Google Analytics for usage analytics
• LinkedIn for social media integration
• Intercom for customer support chat
• HubSpot for marketing automation

8.3 Managing Cookies

You can control cookies through:

• Browser settings to block or delete cookies
• Our cookie preference center
• Third-party opt-out tools
• Do Not Track browser signals (honored)

9. Third-Party Services

9.1 Third-Party Integrations

Our services integrate with various third-party platforms:

• CRM systems (Salesforce, HubSpot)
• Communication platforms (Slack, Microsoft Teams)
• Cloud providers (AWS, Google Cloud, Azure)
• Payment processors (Stripe, PayPal)
• AI platforms (OpenAI, Anthropic)

9.2 Third-Party Privacy Policies

We encourage you to review the privacy policies of third-party services you connect to our platform. We are not responsible for their privacy practices.

10. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If we learn we have collected information from a child under 13, we will delete that information promptly.

11. SMS/Text Messaging

11.1 SMS Service Overview

When you provide your mobile phone number and opt-in to receive text messages, you agree to receive SMS/text messages from Petronella AI regarding:

• Service updates and important notifications
• Appointment reminders and scheduling confirmations
• AI audit results and recommendations
• Marketing messages about our services (with your consent)
• Two-factor authentication codes
• Customer support communications

11.2 Consent and Opt-In

By providing your phone number and checking the consent box, or by texting us first, you expressly consent to receive text messages from us. You understand that:

• Consent is not a condition of purchase
• You can opt-out at any time
• Message frequency varies based on your interactions
• We will never share your phone number for third-party marketing

11.3 Message Frequency and Charges

Message frequency depends on your account activity and preferences:

• Transactional messages: As needed based on your requests
• Marketing messages: Maximum of 4 messages per month
• Alerts and notifications: Based on your configured preferences

Important: Message and data rates may apply. Contact your mobile carrier for details about your messaging plan. We are not responsible for any carrier charges incurred.

11.4 How to Opt-Out

You can stop receiving SMS messages from us at any time:

• Text STOP: Reply STOP to any message to unsubscribe immediately
• Text HELP: Reply HELP for assistance and support options
• Contact Us: Call (919) 601-1601 or email [email protected]
• Account Settings: Update your preferences in your account dashboard

After you opt-out, you will receive a final confirmation message and no further messages will be sent unless you re-subscribe.

11.5 WhatsApp Communications

We also offer communication via WhatsApp for your convenience. When you message us on WhatsApp:

• WhatsApp's privacy policy applies in addition to ours
• Messages are end-to-end encrypted
• You can block our number at any time to stop communications
• We use WhatsApp Business API for professional communications
• Your WhatsApp data is processed according to this privacy policy

11.6 SMS Data Security

We implement security measures to protect your SMS data:

• Encrypted storage of phone numbers and message logs
• Secure transmission protocols
• Access restricted to authorized personnel only
• Regular security audits of our SMS service providers
• Compliance with TCPA (Telephone Consumer Protection Act) regulations

11.7 SMS Service Providers

We use reputable third-party SMS service providers (such as Twilio) to deliver text messages. These providers:

• Are contractually obligated to protect your information
• May not use your data for their own purposes
• Comply with applicable telecommunications regulations
• Maintain appropriate security certifications

11.8 Support and Questions

For SMS-related support or questions:

• Text HELP: To any of our messages for immediate assistance
• Call: (919) 601-1601
• Email: [email protected]

12. International Data Transfers

Your information may be transferred to and processed in the United States or other countries. We ensure appropriate safeguards are in place:

• Standard contractual clauses for EU data transfers
• Privacy Shield principles compliance
• Adequate security measures regardless of location
• Compliance with local data protection laws

13. California Privacy Rights

12.1 CCPA Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information
• Right to deletion of personal information
• Right to non-discrimination for exercising privacy rights

12.2 California "Do Not Track" Disclosure

We honor Do Not Track signals and do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place.

12.3 Categories of Information Collected

In the last 12 months, we have collected the following categories of personal information as defined by CCPA:

• Identifiers (name, email, IP address)
• Commercial information (purchase history)
• Internet activity (browsing history on our site)
• Professional information (job title, company)
• Inferences drawn from the above

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending email notification for material changes
• Obtaining consent where required by law

We encourage you to review this Privacy Policy periodically for any changes.

15. Contact Information