Privacy Policy

Personal information you disclose to us

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us. Personal information we collect may include: names, phone numbers, email addresses, mailing addresses, job titles, usernames, passwords, contact preferences, contact or authentication data, billing addresses, and debit/credit card numbers. Sensitive Information: When necessary, with your consent or as otherwise permitted by applicable law, we process the following categories of sensitive information: financial data, biometric data, and social security numbers or other government identifiers. Payment Data: We may collect data necessary to process your payment if you choose to make purchases. All payment data is handled and stored by Stripe, PayPal, Plaid, and Solana. You may find their privacy notices at: stripe.com/privacy, paypal.com, plaid.com/legal, and solana.com/privacy-policy. Social Media Login Data: We may provide you with the option to register with us using your existing social media account details such as Facebook or X. Application Data: If you use our application(s), we may collect geolocation information, mobile device access and permissions, mobile device data (device ID, model, OS version, IP address), and push notification preferences.

Information automatically collected

We automatically collect certain information when you visit, use, or navigate the Services. This includes Log and Usage Data (IP address, browser type, pages viewed, timestamps), Device Data (device identifiers, hardware model, OS, ISP), and Location Data (device location based on IP address or GPS). Like many businesses, we also collect information through cookies and similar technologies.

Google API

Our use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Information collected from other sources

We may collect limited data from public databases, marketing partners, social media platforms, and other outside sources — including mailing addresses, job titles, email addresses, phone numbers, intent data, IP addresses, social media profiles, and custom profiles — to enhance our ability to provide relevant marketing, offers, and services to you.

We process your personal information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. Specific purposes include: • Facilitate account creation, authentication, and account management • Deliver and facilitate delivery of services to the user • Respond to user inquiries and offer support • Send administrative information, product updates, and policy changes • Fulfill and manage your orders, payments, returns, and exchanges • Enable user-to-user communications • Request feedback about your use of our Services • Send you marketing and promotional communications (per your preferences) • Deliver targeted advertising tailored to your interests • Protect our Services through fraud monitoring and prevention • Identify usage trends to improve our Services • Determine the effectiveness of our marketing campaigns • Save or protect an individual's vital interest

EU & UK (GDPR)

We rely on the following legal bases: Consent (which you may withdraw at any time), Performance of a Contract, Legitimate Interests (such as improving our Services, preventing fraud, marketing to users), Legal Obligations, and Vital Interests.

Canada

We may process your information if you have given us express or implied consent. You can withdraw your consent at any time. In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent (e.g., fraud detection, business transactions, legal obligations, public interest).

Third-Party Service Providers

We may share your data with vendors, service providers, contractors, or agents who perform services for us. Categories include: Ad Networks, Affiliate Marketing Programs, AI Platforms, Cloud Computing Services, Communication & Collaboration Tools, Data Analytics Services, Data Storage Providers, Finance & Accounting Tools, Government Entities, Payment Processors, Performance Monitoring Tools, Retargeting Platforms, Sales & Marketing Tools, Social Networks, Testing Tools, User Account Registration & Authentication Services, and Website Hosting Providers.

Other Situations

We may also share personal information in connection with: Business Transfers (mergers, acquisitions, financing), Google Maps Platform API usage (location cached on your device), with Affiliates (parent company, subsidiaries, joint ventures), Business Partners (for products, services, or promotions), Other Users (when you post public content), and third-party hosted Offer Walls on our application(s).

The Services may link to third-party websites, online services, or mobile applications. We are not responsible for the content, privacy practices, or security of any third-party websites. Inclusion of a link does not imply endorsement by us. Any data you provide to third parties is not covered by this Privacy Notice.

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. We also permit third parties to use online tracking technologies for analytics and advertising purposes. We may share your information with Google Analytics, including Advertising Features such as Remarketing with Google Analytics, Google Display Network Impressions Reporting, and Demographics and Interests Reporting. To opt out of Google Analytics tracking, visit tools.google.com/dlpage/gaoptout. Specific information about our use of cookies is set out in our Cookie Notice.

We offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies ("AI Products"). These are provided through third-party AI Service Providers including Grok (xAI), Anthropic, Meta, Mistral, DeepSeek, Google, Perplexity, OpenAI, and others. Before we send your personal data to any AI Service Provider, we ask for your in-app consent. We tell you what data will be sent, to whom, and how it is used. You may agree or decline — if you decline, that feature will not send your data to the AI. Our AI Products cover: AI automation, AI applications, AI bots, AI development & deployment, document generation, insights, predictive analytics, research, search, translation, blockchain, image & video analysis and generation, IoT, machine learning models, natural language processing, and text analysis.

Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook or X logins). We will receive certain profile information from your social media provider — typically your name, email address, friends list, and profile picture. We will use the information we receive only for the purposes described in this Privacy Notice. We are not responsible for other uses of your personal information by your third-party social media provider, and we recommend you review their privacy notice.

Our servers are located in the United States. If you access our Services from outside the United States, your information may be transferred to, stored by, and processed by us in the United States and other countries. If you are a resident of the EEA, UK, or Switzerland, we have implemented the European Commission's Standard Contractual Clauses to protect your personal information. These clauses require all recipients to protect personal information originating from the EEA or UK in accordance with European data protection laws. Our Standard Contractual Clauses can be provided upon request.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required by law. No purpose in this notice will require us to keep your personal information for longer than eighty-four (84) months past the termination of your account. When we have no ongoing legitimate business need to process your personal information, we will delete or anonymize it, or, if this is not possible (e.g., information stored in backup archives), securely store it and isolate it from any further processing until deletion is possible.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

EEA, UK, Switzerland & Canada

You may have the right to: (i) request access and obtain a copy of your personal information, (ii) request rectification or erasure, (iii) restrict the processing of your personal information, (iv) data portability, and (v) not be subject to automated decision-making. You can also object to processing in certain circumstances. If you are in the EEA or UK and believe we are unlawfully processing your personal information, you have the right to complain to your Member State data protection authority or UK data protection authority. If in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

Withdrawing Consent & Opting Out

You can withdraw consent at any time by contacting us using the details in Section 16. You can unsubscribe from marketing at any time by clicking the unsubscribe link in emails, replying "STOP" to SMS messages, or contacting us directly. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Information sharing to subcontractors in support services (such as customer service) is permitted.

Account Information

You can log in to your account settings to review or change your information or terminate your account at any time. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases, though we may retain some information to prevent fraud or comply with legal requirements. Questions about your privacy rights? Email us at legal@aphid.com.

Most web browsers and some mobile operating systems and applications include a Do-Not-Track ("DNT") feature. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. California law requires us to disclose how we respond to web browser DNT signals. Because there is no industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.

Applicable States

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have specific privacy rights under applicable state law.

Your Rights

These rights include: right to know whether we are processing your personal data, right to access your personal data, right to correct inaccuracies, right to request deletion, right to obtain a copy of personal data you previously shared with us, right to non-discrimination for exercising your rights, and right to opt out of processing for targeted advertising, sale of personal data, or profiling. Depending on your state, additional rights may apply (e.g., obtaining a list of third parties to whom we've disclosed data in California, Delaware, Maryland, Minnesota, and Oregon; reviewing how personal data has been profiled in Minnesota; limiting use of sensitive data in California; opting out of voice or facial recognition feature data collection in Florida).

How to Exercise Your Rights

To exercise these rights, submit a data subject access request, visit aphid.com/contact, or use the contact details in Section 16. You can opt out of the selling of your personal information, targeted advertising, or profiling by disabling cookies in Cookie Preference Settings. You may also designate an authorized agent to make a request on your behalf. We may deny a request from an authorized agent that does not submit proof of valid authorization.

California "Shine The Light" Law

California Civil Code Section 1798.83 permits California residents to request, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes. Submit such requests in writing using the contact details in Section 16.

Yes, we will update this notice as necessary to stay compliant with relevant laws. The updated version will be indicated by an updated "Last updated" date at the top of this Privacy Notice. If we make material changes, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently.

If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO): Email: legal@aphid.com Aphid AI Inc. Data Protection Officer 333 Washington Blvd #229 Marina Del Rey, CA 90292 United States

Based on the applicable laws of your country or state of residence, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please submit a data subject access request or contact us at legal@aphid.com.