Privacy & Terms

Privacy Policy

How Aurict handles data, governance, and your rights. This summary complements your MSA or online terms.

Who we are

  • Aurict builds B2B SaaS including MicroTarget (real-time on-device ML) and AI Act OS (regulation-grade AI delivery). We act as controller for our own sites/app telemetry and as processor for customer-provided data.

What data we collect

  • Site telemetry: device/IP (truncated), timestamps, pages, referrers, coarse location, performance metrics.
  • Product usage (logged-in): auth identifiers, role/tenant, feature flags, event streams (actions, latency, errors).
  • Support and business records: email content, tickets, contracts, billing contact, audit trails of admin actions.
  • No sensitive categories unless explicitly agreed; we discourage uploading such data.

Why we process data

  • Provide and secure the services (authentication, fraud/abuse prevention, debugging, incident response).
  • Performance and reliability monitoring; capacity planning and optimization.
  • Compliance: audit trails, access logs, policy enforcement, safety guardrails in AI Act OS.
  • Customer support and communications, including critical service notifications.
  • Research and improvement with privacy-preserving techniques (aggregation, minimization, on-device inference).

Legal bases

  • Contract necessity for service delivery and support.
  • Legitimate interests for security, fraud prevention, and service improvement, balanced against user rights.
  • Consent where required (e.g., non-essential cookies/trackers in applicable jurisdictions).
  • Legal obligations for record-keeping, safety, and regulatory compliance.

Retention

  • Operational logs: typically 90-180 days unless security investigations require longer.
  • Audit and compliance records: retained per legal/contractual requirements.
  • Product data stored for as long as the customer account is active or as required to deliver the service.
  • Data is deleted or irreversibly anonymized at end of retention periods; backups age out on a rolling schedule.

Security

  • Zero trust principles, least privilege, MFA, and hardware-backed keys for sensitive operations.
  • Network segmentation, encryption in transit (TLS) and at rest.
  • Continuous monitoring, alerting, and documented incident response with customer notification commitments.
  • AI Act OS guardrails compile policies into pipelines; MicroTarget runs on-device when feasible to minimize exfil.

Cookies & tracking

  • Essential cookies for auth/session and security; optional analytics with reduced identifiers where allowed.
  • You can disable non-essential cookies in browser settings; essential cookies are required to operate the service.

Data sharing & transfers

  • Processors/subprocessors for hosting, monitoring, email/support tooling; bound by DPAs and confidentiality.
  • Cross-border transfers use appropriate safeguards (e.g., SCCs or equivalent) where applicable.
  • No selling of personal data; no third-party advertising trackers in product surfaces.

Your rights (where applicable)

  • Access, rectification, erasure, restriction, objection, and portability subject to law and contractual scope.
  • Opt-out of non-essential analytics where required by jurisdiction.
  • Appeal and complaint rights with your local supervisory authority.
  • Exercising rights: contact support@aurict.com; we may need to verify identity and scope via your tenant admin.

Customer responsibilities

  • Configure role-based access, retention, and redaction settings offered by the platform.
  • Avoid uploading sensitive data unless contractually permitted and properly safeguarded.
  • Provide end-user notices and obtain consents where you act as controller using Aurict services.

AI and model governance

  • MicroTarget: on-device inference where possible; models receive only minimized features; guardrails enforce policies set by customers.
  • AI Act OS: maintains lineage, consent, and risk ledgers; supports conformity assessments and red-team automation.
  • We do not use customer data to train global models unless explicitly agreed in writing.

Third-party services

  • Hosting, storage, monitoring, email/support tooling, CI/CD. A current list of processors is available on request from support@aurict.com.
  • Third parties are bound to process data only per our instructions and applicable laws.

Children

  • Services are not directed to children; we do not knowingly collect data from individuals under applicable minimum age.

Changes

  • We may update this policy; material changes will be communicated via product notices or email where appropriate.

Contact

  • support@aurict.com for privacy requests, data subject rights, security reports, and compliance inquiries.

Terms of Use (summary)

  • Use the services only as permitted by contract and law; no abuse, infringement, or unauthorized access.
  • You retain ownership of your content; you grant Aurict rights necessary to operate and secure the service.
  • Services provided “as is” except as specified in contract; liability and remedies are governed by the applicable agreement.
  • Export control and sanctions compliance apply; you are responsible for lawful use in your jurisdictions.
  • For the full binding terms, refer to your Master Service Agreement (MSA) or the online Terms linked in your order form.

Need to reach us?

Contact Aurict privacy and support teams. We respond to rights requests, DPAs, and security reports.

support@aurict.comBack to Home →