Privacy Policy

Introduction and Scope

EcoSync AI Inc. ("EcoSync AI," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital ecosystem integration platform, visit our website, or interact with our services.

This policy applies to all users of our platform, including business customers, individual users, and website visitors. By using our services, you consent to the data practices described in this policy.

Information We Collect

Personal Information

We collect personal information that you voluntarily provide to us, including:

• Contact information (name, email address, phone number, company name)
• Account credentials and authentication information
• Billing and payment information
• Professional information (job title, department, business role)
• Communication preferences and marketing consents

Business Data and Integration Information

When you use our platform to integrate your business systems, we may access and process:

• Configuration data from your connected applications
• Metadata about your business processes and workflows
• System logs and integration performance data
• API credentials and connection parameters (encrypted)

Automatically Collected Information

We automatically collect certain information when you use our services:

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, features used, time spent)
• Performance metrics and error logs
• Cookies and similar tracking technologies

How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: To provide, maintain, and improve our integration platform
• Account Management: To create and manage your account, process payments, and provide customer support
• Communication: To send service updates, security alerts, and respond to your inquiries
• Platform Optimization: To analyze usage patterns and improve our AI algorithms
• Security: To detect, prevent, and respond to security threats and fraudulent activity
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Marketing: To send promotional communications (with your consent)

Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

Service Providers

We work with trusted third-party service providers who assist us in operating our platform, including cloud hosting, payment processing, and customer support services. These providers are contractually bound to protect your information.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to equivalent privacy protections.

Legal Requirements

We may disclose your information when required by law, court order, or government regulation, or when we believe disclosure is necessary to protect our rights or the safety of others.

Data Security and Protection

We implement comprehensive security measures to protect your information:

• Encryption: All data is encrypted in transit and at rest using industry-standard protocols
• Access Controls: Strict access controls and authentication mechanisms protect against unauthorized access
• Regular Audits: We conduct regular security audits and vulnerability assessments
• SOC 2 Compliance: Our security practices are audited and certified under SOC 2 Type II standards
• Employee Training: All employees receive regular security and privacy training
• Incident Response: We maintain a comprehensive incident response plan for security breaches

Data Retention and Deletion

We retain your information only as long as necessary to provide our services and comply with legal obligations:

• Account Data: Retained while your account is active and for 3 years after account closure
• Integration Data: Retained for the duration of active integrations plus 1 year for troubleshooting
• Communication Records: Retained for 7 years for legal and compliance purposes
• Marketing Data: Retained until you withdraw consent or for 2 years of inactivity

You may request deletion of your personal information at any time, subject to legal retention requirements.

Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request transfer of your data to another service provider
• Restriction: Request limitation of how we process your information
• Objection: Object to certain types of processing, including marketing
• Withdrawal: Withdraw consent for processing based on consent

To exercise these rights, please contact us at [email protected].

International Data Transfers

EcoSync AI is based in Canada, and we may transfer your information to countries outside your jurisdiction for processing and storage. When we transfer personal information internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses approved by relevant data protection authorities
• Adequacy decisions recognizing equivalent privacy protections
• Certification schemes and codes of conduct
• Binding corporate rules for intra-group transfers

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze usage patterns:

• Essential Cookies: Required for basic platform functionality
• Performance Cookies: Help us understand how you use our services
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements (with consent)

You can manage your cookie preferences through your browser settings or our cookie preference center. For more information, see our Cookie Policy.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Third-Party Integrations

Our platform integrates with numerous third-party applications and services. This Privacy Policy does not cover the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you connect through our platform.

We implement privacy-by-design principles in our integrations, including data minimization and purpose limitation, to protect your information across connected systems.

Privacy by Design

We incorporate privacy considerations into our product development and business processes:

• Data Minimization: We collect only the information necessary for our services
• Purpose Limitation: We use information only for the purposes disclosed to you
• Transparency: We provide clear information about our data practices
• User Control: We give you control over your information and privacy settings
• Security by Default: We implement strong security measures as standard practice

Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes through:

• Email notification to your registered email address
• Prominent notice on our website and platform
• In-app notifications for significant changes

Your continued use of our services after the effective date of any changes constitutes acceptance of the updated policy.

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us: