Privacy Policy

Personal Information

• Account Information: Name, email address, username, password (encrypted), profile information, and account preferences.
• Payment Information: Billing address, payment method details, transaction history, and related financial information processed through our payment processors.
• Contact Information: Information provided when you contact us for support, feedback, or inquiries.
• Identity Verification: Information required for identity verification, fraud prevention, and compliance with legal obligations.

Usage and Service Data

• Service Usage: Prompts, queries, AI interactions, generated content, token usage, feature utilization, and service preferences.
• Performance Data: Response times, error logs, system performance metrics, and service optimization data.
• Content Data: User-generated content, uploaded files, conversation history, and AI-generated outputs.

Technical and Device Information

• Device Information: Device type, operating system, browser type and version, screen resolution, and device identifiers.
• Network Information: IP address, internet service provider, network connection type, and geographic location data.
• Usage Analytics: Page views, click patterns, session duration, referral sources, and user behavior analytics.
• Cookies and Tracking: Cookies, web beacons, local storage, and similar tracking technologies.

Third-Party Information

• Social Media: Information from social media platforms if you connect your accounts or use social login features.
• Partner Data: Information from business partners, affiliates, and integrated third-party services.
• Public Sources: Publicly available information that may be relevant to fraud prevention or service improvement.

Service Provision and Operations

• Provide, maintain, and improve our Services and user experience.
• Process transactions, manage subscriptions, and handle billing operations.
• Authenticate users, maintain account security, and prevent unauthorized access.
• Deliver customer support, respond to inquiries, and resolve technical issues.
• Personalize content, recommendations, and service features based on usage patterns.

Legal and Compliance

• Comply with applicable laws, regulations, and legal obligations.
• Respond to legal requests, court orders, and government inquiries.
• Enforce our Terms of Service and other policies.
• Protect against fraud, abuse, security threats, and illegal activities.
• Conduct internal audits and maintain business records as required by law.

Business Operations and Communications

• Analyze usage patterns and conduct research to improve our Services.
• Send service-related notifications, updates, and important announcements.
• Communicate marketing materials and promotional offers (with your consent where required).
• Conduct surveys, gather feedback, and perform market research.
• Facilitate business transactions, including mergers, acquisitions, or asset sales.

AI and Machine Learning

• Train, improve, and optimize AI models and algorithms (in aggregated, anonymized form).
• Develop new features, services, and AI capabilities.
• Conduct research and development in artificial intelligence and machine learning.

Service Providers and Business Partners

We may share your information with trusted third parties who assist us in operating our business:

• Payment Processors: TagMango Inc. (for customers outside India) and TagMango Pvt Ltd (for Indian customers) to process payments and manage billing.
• AI Service Providers: Third-party AI platforms (OpenAI, Google, etc.) to generate responses and provide AI services.
• Cloud Infrastructure: Cloud hosting providers, content delivery networks, and data storage services.
• Analytics and Marketing: Analytics providers, marketing platforms, and customer support tools.
• Professional Services: Legal counsel, accountants, auditors, and other professional service providers.

Legal and Regulatory Requirements

We may disclose your information when required by law or to protect our rights:

• In response to legal process, court orders, subpoenas, or government requests.
• To comply with applicable laws, regulations, and legal obligations.
• To protect the rights, property, safety, and security of our company, users, or the public.
• To investigate, prevent, or take action regarding illegal activities, fraud, or security threats.
• To enforce our Terms of Service and other agreements.

Business Transactions

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of the business transaction. We will provide notice of any such transfer and any choices you may have regarding your information.

Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for research, analytics, marketing, or other business purposes.

Security Measures

We implement comprehensive security measures to protect your information:

• Encryption: Data encryption in transit (TLS/SSL) and at rest using industry-standard protocols.
• Access Controls: Role-based access controls, multi-factor authentication, and principle of least privilege.
• Infrastructure Security: Secure cloud infrastructure, firewalls, intrusion detection, and monitoring systems.
• Regular Audits: Security assessments, vulnerability testing, and compliance audits.
• Employee Training: Regular security training and background checks for personnel with data access.

Data Breach Response

In the event of a data breach that may compromise your personal information, we will:

• Investigate and contain the breach promptly.
• Notify affected users and relevant authorities as required by applicable law.
• Provide information about the breach and steps being taken to address it.
• Implement additional security measures to prevent future incidents.

Retention Periods

We retain your information for different periods based on the type of data and business needs:

• Account Information: Retained while your account is active and for up to 7 years after account closure for legal and business purposes.
• Usage Data: Retained for up to 3 years for service improvement and analytics purposes.
• Payment Information: Retained as required by financial regulations and tax laws (typically 7-10 years).
• Support Communications: Retained for up to 5 years for quality assurance and legal purposes.
• Marketing Data: Retained until you withdraw consent or as required by applicable law.

Legal and Regulatory Requirements

We may retain certain information longer when required by:

• Legal obligations, including tax, accounting, and regulatory requirements.
• Ongoing legal proceedings, investigations, or disputes.
• Legitimate business interests, such as fraud prevention and security.
• Contractual obligations with third parties.

Data Deletion

When retention periods expire or upon valid deletion requests, we will securely delete or anonymize your information using industry-standard methods. Some information may remain in backup systems for a limited time but will be inaccessible for normal business operations.

Cross-Border Transfers

Your information may be transferred to, stored, and processed in countries other than your country of residence, including the United States and other jurisdictions where our service providers operate. These countries may have different data protection laws than your country.

Safeguards for International Transfers

When transferring your information internationally, we implement appropriate safeguards:

• Standard Contractual Clauses approved by relevant data protection authorities.
• Adequacy decisions by the European Commission or other relevant authorities.
• Binding Corporate Rules and other approved transfer mechanisms.
• Contractual commitments with third parties to maintain appropriate data protection standards.

Types of Cookies We Use

• Essential Cookies: Required for basic website functionality, authentication, and security.
• Performance/Analytics Cookies: Help us understand how users interact with our Services to improve performance. These include cookies set by Google Analytics, Mixpanel, and Hotjar.
• Functional Cookies: Remember your preferences and settings to enhance your experience.
• Marketing Cookies: Used to deliver relevant advertisements and measure campaign effectiveness (with your consent). These include cookies set by Google Ads.

Analytics and Tracking Services We Use

• Google Analytics (GA4): Collects anonymized usage data such as page views, session duration, and traffic sources to help us understand how our Services are used. Google's privacy policy: policies.google.com/privacy
• Mixpanel: Tracks user interactions and events within our platform to help us improve features and user experience. Mixpanel's privacy policy: mixpanel.com/legal/privacy-policy
• Hotjar: Records anonymized session replays, heatmaps, and user feedback to help us understand how users navigate our platform and identify areas for improvement. Hotjar's privacy policy: hotjar.com/legal/policies/privacy

Managing Cookies

You can control cookies through your browser settings and our cookie preference center. You may also opt out of specific services directly: Mixpanel provides an opt-out mechanism, Hotjar offers a Do Not Track option, and Google provides browser add-ons to opt out of Analytics. Note that disabling certain cookies may affect the functionality of our Services. For full details, see our Cookie Policy.

Third-Party Tracking

The third-party analytics and advertising services listed above use cookies and similar technologies. These third parties have their own privacy policies governing their use of your information. We only activate these services after you have given your consent through our cookie preference center.

General Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request access to your personal information and details about how we process it.
• Correction: Request correction of inaccurate or incomplete personal information.
• Deletion: Request deletion of your personal information, subject to legal and contractual obligations.
• Portability: Request a copy of your personal information in a structured, machine-readable format.
• Restriction: Request restriction of processing under certain circumstances.
• Objection: Object to processing based on legitimate interests or for direct marketing purposes.
• Withdraw Consent: Withdraw consent where processing is based on your consent.

Exercising Your Rights

To exercise your privacy rights, contact us at support@widelai.com with the subject line "Privacy Rights Request." We will respond to your request within the timeframes required by applicable law. We may need to verify your identity before processing your request.

Limitations

Your rights may be limited in certain circumstances, such as when processing is necessary for:

• Compliance with legal obligations or court orders.
• Establishment, exercise, or defense of legal claims.
• Protection of the rights and freedoms of others.
• Performance of tasks in the public interest.

European Economic Area (GDPR)

• Access, update, or delete your personal data.
• Object to processing and request data portability.
• Withdraw consent at any time where processing is based on consent.
• Lodge a complaint with your local Data Protection Authority.

California Residents (CCPA)

• Request disclosure of collected personal information.
• Request deletion of personal information, subject to legal exceptions.
• Opt-out of the sale of personal data (WidelAI does not sell personal data).
• Be free from discrimination for exercising privacy rights.

To exercise these rights, email support@widelai.com with the subject line "Privacy Request".

Minimum Age Requirements

Our Services are not intended for children under the minimum digital consent age in their jurisdiction:

• 13 years old in the United States and most other countries.
• 16 years old in the European Union (unless lowered by member state law).
• Other ages as specified by local law in your jurisdiction.

Parental Consent

If you are under the applicable minimum age, you may only use our Services with verifiable parental or guardian consent. Parents and guardians are responsible for monitoring their children's use of our Services.

Child Data Protection

We do not knowingly collect personal information from children under the applicable minimum age without proper consent. If we become aware that we have collected such information, we will take steps to delete it promptly. If you believe we have collected information from a child without proper consent, please contact us immediately.

AI Training and Development

We may use aggregated, anonymized usage data to improve our AI models and develop new features. This includes analyzing patterns in user interactions, prompts, and system performance to enhance service quality.

Third-Party AI Services

Our Services integrate with third-party AI providers (OpenAI, Google, etc.). Your interactions with these services are subject to their respective privacy policies and terms of service. We encourage you to review these policies to understand how your data is handled by these providers.

AI-Generated Content

AI-generated responses may not always be accurate, complete, or appropriate. We are not responsible for the content, accuracy, or reliability of AI-generated outputs. Users should verify important information independently.

Third-Party Services and Integrations

Our Services may contain links to third-party websites, applications, or services that are not owned or controlled by us. We are not responsible for the privacy practices, content, or policies of these third parties.

AI-Generated References

AI-generated responses may include references to third-party information, websites, or content. We do not endorse, verify, or take responsibility for the accuracy, legality, or appropriateness of such references.

User Responsibility

When you access third-party services through our platform or follow links in AI-generated content, you do so at your own risk. We encourage you to review the privacy policies and terms of service of any third-party services you use.

Data Loss and Service Interruptions

While we implement backup and recovery procedures, we cannot guarantee against data loss or service interruptions. You are responsible for maintaining your own backups of important data and content.

AI-Generated Content Disclaimer

AI-generated content may contain errors, biases, or inappropriate material. We are not responsible for the accuracy, completeness, or appropriateness of AI-generated outputs. Users should exercise judgment and verify information independently.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on our website and update the "Effective Date" at the top.

Notification of Material Changes

For material changes that significantly affect your privacy rights, we will provide additional notice through:

• Email notification to your registered email address.
• Prominent notice on our website or within our Services.
• In-app notifications or pop-up notices.

Continued Use

Your continued use of our Services after the effective date of any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree with the changes, you must stop using our Services and may request deletion of your account.

General Contact

For questions, support, privacy requests, or legal notices, contact:

Data Protection Officer

For privacy-related inquiries, especially from EU residents, you may contact our Data Protection Officer at:

Response Times

We aim to respond to privacy requests within:

• General inquiries: 5 business days
• Privacy rights requests: 30 days (as required by law)
• Data breach notifications: As required by applicable law
• Legal requests: As required by law or court order

Supervisory Authority

If you are located in the European Union and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local Data Protection Authority.