Privacy Policy

Effective Date: December 1, 2024

This Privacy Policy explains how deep navy collects, uses, and protects your information when you use our service.

📚 Table of Contents

• 1. Information We Collect
  • 1.1 Account Information
  • 1.2 Usage Information
  • 1.3 Payment Information
• 2. How We Use Your Information
  • 2.1 Service Provision
  • 2.2 Service Improvement
  • 2.3 Communications
• 3. Information Sharing and Disclosure
  • 3.1 We Do Not Sell Your Data
  • 3.2 Service Providers
  • 3.3 Legal Requirements
  • 3.4 Business Transfers
• 4. Data Security
  • 4.1 Technical Safeguards
  • 4.2 Data Retention
• 5. Your Privacy Rights
  • 5.1 Data Access and Control
  • 5.2 Regional Privacy Rights
  • 5.3 Exercising Your Rights
• 6. Cookies and Tracking
  • 6.1 Essential Cookies
  • 6.2 Analytics Cookies
  • 6.3 Third-Party Cookies
• 7. Children’s Privacy
  • 7.1 Age Restrictions
  • 7.2 COPPA Compliance
• 8. International Data Transfers
  • 8.1 Global Service
  • 8.2 Transfer Safeguards
• 9. Data Processing Legal Basis
  • 9.1 Legitimate Interests
  • 9.2 Contractual Necessity
  • 9.3 Legal Compliance
• 10. Privacy Policy Changes
  • 10.1 Update Process
  • 10.2 Notification Methods
• 11. Contact Information
  • 11.1 Privacy Questions
  • 11.2 Business Address
  • 11.3 EU Representative
• 12. Definitions

1. Information We Collect

1.1 Account Information

Account Data:

• Email address
• Hashed password (bcrypt)
• Account creation date

Account Details:

• Account creation date
• Subscription plan information
• Billing history (via Apple Pay)

1.2 Usage Information

API Usage Data:

• Request timestamps and frequency
• Model types used
• Response times and success rates
• Error logs (without personal content)

Website Analytics:

• Page views and navigation patterns
• Device type and browser information
• IP address (anonymized for analytics)
• Session duration and bounce rates

1.3 Payment Information

Apple Pay Integration:

• We do not store payment card details
• Apple Pay handles all payment processing
• We receive only transaction confirmations
• Billing managed through Apple’s secure systems

2. How We Use Your Information

2.1 Service Provision

• Authentication: Verify your identity via Apple Sign-in
• API Access: Provide secure access to AI models
• Billing: Process subscriptions and usage tracking
• Support: Respond to help requests and technical issues

2.2 Service Improvement

• Performance Optimization: Monitor and improve response times
• Feature Development: Analyze usage patterns for new features
• Quality Assurance: Identify and fix service issues
• Security Enhancement: Detect and prevent abuse

2.3 Communications

• Service Updates: Notify about important changes or maintenance
• Billing Notifications: Send subscription and payment confirmations
• Support Responses: Reply to your questions and requests
• Security Alerts: Inform about account security issues

3. Information Sharing and Disclosure

3.1 We Do Not Sell Your Data

• We never sell personal information to third parties
• We do not rent or lease user data
• Anonymous, aggregated statistics may be shared for industry insights

3.2 Service Providers

Payment Services:

• Apple Pay for payment processing (iOS/macOS)
• Stripe for payment processing (web)
• Payment provider privacy policies apply

Infrastructure Providers:

• AWS for hosting and data processing
• CloudFlare for content delivery and security
• Service providers bound by data protection agreements

3.3 Legal Requirements

We may disclose information when required by law:

• Response to valid legal requests
• Protection against fraud or security threats
• Enforcement of our Terms of Service
• Compliance with regulatory requirements

3.4 Business Transfers

In the event of a merger, acquisition, or sale:

• User data may be transferred to the new entity
• Users will be notified of any ownership changes
• Same privacy protections will be maintained

4. Data Security

4.1 Technical Safeguards

Encryption:

• All data transmitted via HTTPS/TLS
• API keys encrypted with SHA-256
• Database encryption at rest

Access Controls:

• Role-based access to systems
• Multi-factor authentication for admin access
• Regular security audits and penetration testing

Infrastructure Security:

• AWS security best practices
• SOC 2 Type II compliant hosting
• Automated security monitoring

4.2 Data Retention

Account Data:

• Retained while your account is active
• Deleted within 30 days of account closure
• Billing records retained as required by law

Usage Data:

• API logs retained for 90 days
• Aggregated analytics retained for 2 years
• No permanent storage of conversation content

Security Logs:

• Security events retained for 1 year
• Access logs retained for 90 days
• Incident reports retained as required by compliance

5. Your Privacy Rights

5.1 Data Access and Control

Account Management:

• View and update your profile information
• Download your usage data and statistics
• Delete your account and associated data

API Key Management:

• Generate and revoke API keys
• Monitor usage and access patterns
• Set usage alerts and limits

5.2 Regional Privacy Rights

California Residents (CCPA):

• Right to know what data we collect
• Right to delete personal information
• Right to opt-out of data sales (we don’t sell data)
• Right to non-discrimination for exercising rights

European Residents (GDPR):

• Right to access your data
• Right to rectification of inaccurate data
• Right to erasure (“right to be forgotten”)
• Right to data portability
• Right to object to processing

5.3 Exercising Your Rights

To exercise your privacy rights:

• Email: support@deepnavy.ai
• Account Dashboard: Manage most settings online
• Response Time: We respond within 30 days
• Verification: We may require identity verification

6. Cookies and Tracking

6.1 Essential Cookies

• Authentication tokens for signed-in users
• Session management for website functionality
• Security tokens for API access

6.2 Analytics Cookies

• Anonymous usage statistics
• Performance monitoring
• Error tracking for service improvement

6.3 Third-Party Cookies

• Apple Sign-in authentication
• GitHub Pages hosting (if applicable)
• You can disable cookies in your browser settings

7. Children’s Privacy

7.1 Age Restrictions

• Our service is not intended for children under 13
• We do not knowingly collect data from children
• Parental consent required for users under 18

7.2 COPPA Compliance

• If we discover we have collected children’s data
• We will delete it immediately
• Parents may contact us to request deletion

8. International Data Transfers

8.1 Global Service

• Our service operates globally using AWS infrastructure
• Data may be processed in multiple countries
• All transfers comply with applicable privacy laws

8.2 Transfer Safeguards

• Standard Contractual Clauses for EU data
• Adequacy decisions where available
• Additional safeguards for sensitive jurisdictions

9. Data Processing Legal Basis

9.1 Legitimate Interests

• Service provision and improvement
• Security and fraud prevention
• Customer support and communications

9.2 Contractual Necessity

• Account authentication
• Billing and payment processing
• Service delivery as agreed

9.3 Legal Compliance

• Tax and accounting requirements
• Law enforcement requests
• Regulatory compliance

10. Privacy Policy Changes

10.1 Update Process

• We may update this policy periodically
• Material changes communicated via email
• Continued use indicates acceptance
• Previous versions available upon request

10.2 Notification Methods

• Email notification to registered users
• Website banner for 30 days after changes
• Dashboard notification for logged-in users

11. Contact Information

11.1 Privacy Questions

Email: support@deepnavy.ai

11.2 Business Address

[Your Business Address] [City, State, ZIP Code] [Country]

11.3 EU Representative

(If applicable for GDPR compliance) [EU Representative Name and Address]

12. Definitions

Personal Information: Information that identifies or can be used to identify you Processing: Any operation performed on personal data Service: deep navy platform and website We/Us/Our: deep navy and its affiliates You/Your: The user of our service

---

Last Updated: December 1, 2024

This Privacy Policy is designed to be clear and transparent. If you have questions, please contact us at support@deepnavy.ai.