Privacy Policy

Account Information: Name, email address, company name, job title, and billing information when you register or subscribe.

Usage Data: Log data, device information, IP addresses, browser type, pages visited, features used, and interaction timestamps.

Customer Data: Data you upload to the platform including AI agent configurations, compliance documents, transaction records, and assessment results.

Cookies & Analytics: We use essential cookies for authentication and functionality, and analytics cookies to improve the Service (with your consent where required).

We use your information to: (a) provide, maintain, and improve the Service; (b) process transactions and send billing notices; (c) communicate product updates, security alerts, and support messages; (d) detect, prevent, and address fraud and security issues; (e) comply with legal obligations; (f) generate aggregated, anonymized analytics.

We do not sell your personal data. We share data only with: (a) service providers who assist in operating the platform (hosting, payments, analytics) under contractual data protection obligations; (b) law enforcement when required by valid legal process; (c) parties involved in a merger, acquisition, or asset sale, with prior notice.

We implement industry-standard security measures including: AES-256 encryption at rest, TLS 1.3 in transit, SOC 2 Type II compliant infrastructure, role-based access controls, regular penetration testing, and incident response procedures. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

We retain account data for the duration of your subscription plus 30 days. Usage logs are retained for 12 months. Customer Data is deleted within 30 days of account termination unless you request earlier deletion or legal retention is required.

Your data may be processed in the United States, European Union, and Australia. For transfers outside the EEA, we use Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection.

Depending on your jurisdiction, you may have the right to: access, correct, or delete your personal data; restrict or object to processing; data portability; withdraw consent; and lodge a complaint with a supervisory authority. To exercise these rights, contact privacy@apir.ai.

GDPR (EU/EEA): We act as a data processor for Customer Data and a data controller for account/usage data.

CCPA (California): We do not sell personal information. You have the right to know, delete, and opt out.

Australian Privacy Act: We comply with the Australian Privacy Principles (APPs).

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children.

We will notify you of material changes via email or in-product notice at least 30 days before they take effect.

Data Protection Officer: dpo@apir.ai

General inquiries: privacy@apir.ai