Privacy and Data Handling Policy

Effective Date: 2024-11-25

Last Updated: 2024-11-25

Aggregate Intellect Inc. (“we,” “our,” or “us”) is committed to protecting the privacy and data security of our users. This Privacy and Data Handling Policy outlines how we collect, use, store, and share data in connection with our generative AI tool for construction material suppliers (“the Service”).

1. Types of Data We Handle

We handle two categories of data:

• Customer Data: Includes user-provided data such as inventory details, emails, order files, and business logic (e.g., prompt templates). This data is owned by the user and can be manually entered or integrated through third-party systems.
  • Ownership and Control: Users retain full ownership of Customer Data and can delete it at any time.
  • Usage: Used exclusively to tailor our services to individual users.
  • Isolation: Customer Data, any derived data, and models fine-tuned using this data are isolated and used solely for the specific tenant.
• Platform Data: Operational data collected to monitor and improve system health and performance. This data is anonymized and aggregated and does not overlap with Customer Data.

2. Data Collection and Usage

• Customer Data: Used to fine-tune services for individual users. Anonymized and aggregated data may be used for analytics or shared with third-party providers, such as LLM services, under strict data minimization principles.
• Platform Data: Used to enhance the overall performance and reliability of the Service.

3. Data Storage and Security

• Storage: Customer Data and Platform Data are stored in secure environments using industry-standard encryption for data at rest and in transit.
• Retention: Data is retained only as long as necessary to provide the Service or as required by law. Users can delete Customer Data at any time.
• Isolation: Customer Data and its derivatives are stored in tenant-isolated spaces and are never used for cross-tenant purposes.

4. Data Sharing

We may share data with third-party providers to enable the Service, including processing Customer Data through third-party LLM services. When sharing data:

• Data is anonymized and aggregated wherever possible.
• Only the minimum necessary data is shared to achieve the intended purpose.

5. User Rights

• Control Over Customer Data: Users have full control over their Customer Data, including the ability to edit or delete it at any time.
• Training and Opt-Out: The Service does not use Customer Data for platform-wide training.

6. Inference and Model Usage

User inputs and outputs are stored within tenant-isolated spaces. These inputs and outputs, along with any fine-tuned models, are used solely for the respective customer.

7. Security

We employ industry-standard security measures to protect data, including:

• Regular audits and updates to security protocols.
• Incident response plans to address unauthorized access or breaches.

8. Communication and Support

We will notify users of significant updates to this policy. For questions or concerns, users can contact our support team at [Support Contact Information].

9. Updates to this Policy

This Privacy and Data Handling Policy may be updated periodically to reflect changes in our practices or applicable laws. We encourage users to review this policy regularly.