Privacy Policy

1. Information We Collect

• Account information such as name, email, business name, and login credentials.
• Profile, tenant, company, or project details you choose to provide.
• AI inputs, prompts, uploaded knowledge, documents, voice samples, avatar selections, settings, and generated outputs.
• Usage data such as pages viewed, features used, timestamps, logs, session data, and device information.
• Payment and subscription information processed through Stripe. We do not store full card numbers.
• Partner, referral, and rewards activity in the Partner Portal and UDIN system.
• Security data used for fraud prevention, abuse monitoring, and account protection.

2. How We Use Information

• Provide, operate, secure, and improve our Services.
• Create and manage accounts, subscriptions, dashboards, and platform access.
• Process AI Clone, AI Agent, RAG retrieval, voice, avatar, automation, and content generation requests.
• Deliver customer support, onboarding, service notices, and product updates.
• Manage partner referrals, rewards points, and UDIN identity verification.
• Detect abuse, fraud, security incidents, and unauthorized access.
• Analyze usage to improve performance, reliability, and user experience.
• Comply with legal, tax, regulatory, and contractual obligations.

3. AI Content and Knowledge Data

You may provide prompts, documents, instructions, business information, knowledge base content, voice inputs, and other materials to configure AI Clones, Agents, RAG systems, or Digital Workforce deployments. We process this content solely to provide the requested services. Unless separately agreed in writing, you are responsible for ensuring you have the rights and permissions necessary to upload or submit such content.

AI-generated outputs may be inaccurate or incomplete. You should review outputs before relying on them for business, legal, medical, financial, or other important decisions.

4. Cookies and Similar Technologies

We use essential cookies for authentication, security, session management, and core functionality. With your consent where required, we may use analytics cookies or similar technologies to understand usage and improve our Services. You may manage cookie preferences through your browser controls or any consent controls we provide.

5. Legal Bases for Processing

Where GDPR or UK GDPR applies, we process personal information based on one or more legal bases, including performance of a contract, legitimate interests, consent, compliance with legal obligations, and protection of vital or public interests where applicable.

6. Sharing and Service Providers

We may share information with trusted service providers that help us operate our platform, including hosting providers, database providers, payment processors (Stripe), authentication tools, email and communications services, AI infrastructure providers, and analytics services. These providers process data only as necessary to support our Services, under appropriate safeguards and data processing agreements.

7. International Data Transfers

GlobSynk operates globally. Your information may be processed in countries other than where you live. Where required, we use appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses, contractual protections, and security measures.

8. Data Retention

We retain personal information for as long as necessary to provide Services, maintain business records, comply with legal obligations, resolve disputes, enforce agreements, and protect platform security. Retention periods vary depending on account status, service type, legal requirements, and operational needs.

9. Security

We use reasonable technical and organizational safeguards designed to protect personal information, including encryption, access controls, and secure infrastructure. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. GDPR and UK GDPR Rights

If you are located in the European Economic Area or the United Kingdom, you may have rights to access, correct, delete, restrict, or object to processing of your personal data, request data portability, and withdraw consent where processing is based on consent. To exercise these rights, contact us at [email protected].

11. California Privacy Rights (CCPA/CPRA)

California residents may have rights to know what personal information we collect, request deletion or correction, opt out of certain sharing or sales where applicable, and not be discriminated against for exercising privacy rights. GlobSynk does not sell personal information in the traditional sense. To submit a California privacy request, contact us at [email protected].

12. Children's Privacy

Our Services are not intended for children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, contact us so we can review and address the situation.

13. Lead Capture and Contact Submissions (TheBizCard™)

TheBizCard™ digital business cards may include a voluntary lead capture form. When a visitor chooses to submit their contact information (name, email, phone, company, and/or message) through a card holder's public digital card, that information is stored and made available to the card owner for follow-up purposes.

Submission is always voluntary and requires affirmative consent. Lead data is linked to the specific card and owner and is not shared with unrelated third parties. Visitors may request removal by contacting us at [email protected]. Do not submit sensitive personal or financial information through lead capture forms.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised "Last updated" date. Continued use of our Services after updates constitutes acceptance of the revised Policy.

15. Contact

For privacy questions, data requests, or concerns, contact us at: [email protected]