This Privacy Notice for FlexAI ("we," "us," or "our"), incorporates and is incorporated into our Terms of Use (“Terms”) [link]. This policy describes how and why we access, collect, store, use, and/or share ("Process") your personal information when you use our services ("Services"), including when you:
This Privacy Policy acts as legal notice of your privacy rights and will help you understand those rights and how to exercise them. We draw a distinction between Client Data and End User Data as defined in the Terms of Use or Terms.
Additional terms as defined in the GDPR under Article 4 are incorporated into this document and can be found here: https://gdpr-info.eu/art-4-gdpr/
With respect to your Client Data (workloads, etc.) as defined in our Terms, we are a Data Processor acting on your behalf.
With respect to your End User Data as defined in our Terms, we are a Data Controller, responsible for making decisions about how your personal information is processed.
If you do not agree with our policies and practices including our Terms of Use, Acceptable Use Policy, or this Privacy Policy, please do not use our Services. If you still have any questions or concerns, please contact us at legal@flex.ai.
What personal information do we process? We process End User information that you provide to us. For example, if you sign up for more information, we process your email address. We may also process information required to keep our systems running smoothly which may include information about the type of browser you use or your IP address.
We do not process any End User Data that is sensitive personal information. Some information may be considered "special" or "sensitive" in certain jurisdictions, for example your racial or ethnic origins, sexual orientation, and religious beliefs. We do not process sensitive personal information.
Do we collect any End User information from third parties? We may collect information from public databases, marketing partners, social media platforms, and other outside sources for marketing purposes, but this data is not used in the Provision of Services.
Why do we process your End User information? We process your End User information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with the law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so.
We do not look at the contents of your workloads (Client Data) unless you ask us to. With respect to your Client Data meaning workloads, training data, or other data processed by our Services, we process your data in the sense that we manage the data at the workload level. Your Client Data is encrypted at rest and in transit and we do not look at it unless you explicitly ask us to, for example, if you required support and asked us to look at the contents of a dataset we may see the data incidentally but would not record or keep or use that data for any reason.
We use commercially reasonable and industry best practices to protect your personal information. No electronic transmission over the internet or information storage technology can be completely guaranteed to be secure. So, we cannot guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information.
How do you exercise your rights? The easiest way to exercise your rights is by contacting us. We will consider and act upon any request in accordance with applicable data protection laws.
Information you provide to us: including company name, your name, email address, phone number, and payment/billing information such as address and payment method.
Including device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, general location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our Cookie Notice.[link]
The information we collect includes:
Our website(s) may use Cookies and other tracking technologies such as beacons or pixels and share user information with 3rd parties for analytics and marketing purposes when you provide consent for us to do so via our Opt In notices where these technologies are used. Some online tracking technologies help us maintain the security of our Services, prevent crashes, fix bugs, save your preferences, and assist with basic site functions. We also permit third parties and service providers to use online tracking technologies on our Services for analytics to track user behavior on our site.
Data Collection tools we use may include: Google Analytics, Facebook Connect, Linkedin Analytics, and others.
Our Services (SaaS and PaaS as defined in our Terms [link]) do not use these technologies. We may share operational or utilization information with our Sub Processors to improve or fix our Services. These Sub Processors will have at least the same level of Privacy protections that we do.
Any breach of these Intellectual Property Rights will constitute a material breach of our Legal Terms and your right to use our Services will terminate immediately.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
Consent. We collect the End User information you provide to us with the intent of using our Services/sites based on your consent. Your consent comes in the form of an opt in or by placing an order with us. You can withdraw your consent at any time (see “Withdrawing Your Consent” below).
Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents ("third parties") who perform services for us or on our behalf and require access to such information to do their work. We have contracts in place with our third parties, which are designed to help safeguard your personal information. This means that they cannot do anything with your personal information unless we have instructed them to do so. They will also not share your personal information with any organization apart from us. They also commit to protect the data they hold on our behalf and to retain it for the period we instruct. Third parties are required to maintain the same level of protection as we have.
We also may need to share your personal information in the following situations:
Your End User Information and Client Data may be transferred to a country different than the country where you live. If we transfer personal information which originates in the European Economic Area, Switzerland, and/or the United Kingdom to a country that does not have an adequate level of protection under applicable data protection laws, one of the safeguards we may use to support such transfer is the EU Standard Contractual Clauses available here: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914#enc_1where you are the Data Exporter and we are the Data Importer, and we are a Controller for your End User Data (personal data), and Processor for your Client Data (workloads, models, weights,...). .
Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Framework, should direct their query to legal@flex.ai. If requested to remove data, we will respond within a reasonable timeframe.
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until the archive ages out or deletion is possible.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk.
We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at legal@flex.ai.
In some regions (like California, the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; (iv) if applicable, to data portability; and (v) not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such a request by contacting us by email at legal@flex.ai or at the contact address on this site. We will consider and act upon any request in accordance with applicable data protection laws.
Withdrawing your consent: You have the right to withdraw your consent for our processing of your information at any time. Even if you are not in a jurisdiction that requires it, we will remove your data upon your request. You can withdraw your consent at any time by contacting us by using the contact details provided on this site or by email at legal@flex.ai.
However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
Disabling Cookies: Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. For further information, please see our Cookie Notice: [link].
If you have questions or comments about your privacy rights, you may email us at legal@flex.ai.
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.
California law requires us to let you know how we respond to web browser DNT signals. Because there currently is not an industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.
US states have varying degrees of Privacy Protections. Check with your state’s laws.
We have collected the following categories of personal information in the past twelve (12) months:
We may also collect other personal information outside of these categories through instances where you interact with us in person, online, or by phone or mail in the context of:
Category
A. Identifiers
Examples
Contact details, such as real name, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account name
Collected
YES
We will use and retain the collected personal information as needed to provide the Services or for:
We may use your personal information for our own business purposes, such as for undertaking internal research for technological development and demonstration. This is not considered to be "selling" your personal information.
We have disclosed personal information to third parties for a business or commercial purpose in the preceding twelve (12) months:
We have shared the following categories of personal information to third parties in the preceding twelve (12) months:
You have rights under certain US state data protection laws. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law. These rights include:
Depending upon the state where you live, you may also have the following rights:
To exercise these rights, you can contact us by emailing us at legal@flex.ai or by referring to the contact details at the bottom of this document.
You can opt out generally from the selling of your personal information, targeted advertising, or profiling by disabling cookies in Cookie Preference Settings.
Under certain US state data protection laws, you can designate an authorized agent to make a request on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with applicable laws.
Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. We will only use personal information provided in your request to verify your identity or authority to make the request. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes.
If you submit the request through an authorized agent, we may need to collect additional information to verify your identity before processing your request and the agent will need to provide a written and signed permission from you to submit such request on your behalf.
Under certain US state data protection laws, if we decline to take action regarding your request, you may appeal our decision by emailing us at legal@flex.ai. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may submit a complaint to your state attorney general.
California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us by email at legal@flex.ai.
We will update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.
Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to request we limit the use or disclosure of your personal information or withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please email us at legal@flex.ai.
If you have questions or comments about this notice, you may email us at legal@flex.ai or contact us by post at:
FlexAI SAS
9 Rue des Colonnes, 75002 Paris, France
Paris, Île-de-France 75002
France
