Privacy Policy

Last updated: February 13, 2025

1. Introduction

CasmoAI ("CasmoAI," "we," "our," or "us") is committed to protecting the privacy and security of the personal information of our users ("you" or "your"). This Privacy Policy describes our practices concerning the collection, use, storage, disclosure, and protection of information obtained through the CasmoAI platform, website, and related services (collectively, the "Service").

By accessing or using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with the terms of this policy, you must discontinue your use of the Service immediately. This Privacy Policy should be read in conjunction with our Terms of Service.

2. Information We Collect

We collect information from you in several ways, including information you provide directly, information collected automatically through your use of the Service, and information obtained from third-party sources.

2.1 Information You Provide Directly

  • Account registration information, including your full name, email address, and password
  • Organization and team details, including company name and role information
  • Documents, files, and other content you upload to the Service for processing
  • Chat messages, prompts, and other interactions with AI-powered features
  • Billing and payment information processed through our third-party payment processors
  • Communications you send to us, including support requests and feedback
  • Any other information you voluntarily provide through the Service

2.2 Information Collected Automatically

  • Usage data, including features accessed, pages viewed, actions taken, and timestamps of interactions
  • Device information, including browser type and version, operating system, device identifiers, and screen resolution
  • Network information, including Internet Protocol (IP) address and general geographic location
  • Referral data, including the URL that directed you to the Service
  • Log data, including server logs that record requests made to our systems

2.3 Information from Third Parties

We may receive information about you from third-party services you connect to the Service, authentication providers used for single sign-on, and publicly available sources. We may combine this information with data we collect directly from you.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, maintain, and improve the Service and its features
  • To process your documents and deliver AI-powered extraction, review, and analysis results
  • To create, manage, and authenticate your account
  • To process transactions and send related billing information
  • To send you technical notices, service updates, security alerts, and administrative communications
  • To respond to your requests, comments, and questions and provide customer support
  • To monitor and analyze usage patterns and trends to improve user experience and Service performance
  • To detect, investigate, and prevent fraudulent transactions, unauthorized access, and other illegal or harmful activities
  • To comply with applicable legal obligations, regulations, and enforceable governmental requests
  • To enforce our Terms of Service and other agreements
  • To protect the rights, property, and safety of CasmoAI, our users, and the public

4. Document Processing and AI Usage

The core functionality of the Service involves processing documents and data using artificial intelligence and machine learning technologies. When you upload documents to CasmoAI, the following applies:

  • Your documents are processed using AI models to provide extraction, classification, review, and analysis capabilities
  • Documents and their extracted data are stored securely and are accessible only to you and authorized members of your organization
  • We do not use your uploaded documents or their contents to train, improve, or develop our AI models unless you provide explicit, affirmative consent to participate in such programs
  • AI-generated outputs, including extracted data, classifications, and review results, are provided on an "as-is" basis and may contain errors or inaccuracies
  • We may use anonymized, aggregated, and de-identified data derived from Service usage for the purpose of improving our technology and Service offerings, provided such data cannot reasonably be used to identify you or any individual

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their commercial or marketing purposes. We may share your information only in the following limited circumstances:

  • With your consent: We may share your information when you have provided explicit consent to do so or at your direction
  • Service providers: We engage trusted third-party companies and individuals to perform services on our behalf, such as hosting, analytics, payment processing, and customer support. These providers have access only to the information necessary to perform their functions and are contractually obligated to protect your data
  • Legal compliance: We may disclose your information if required to do so by law, regulation, legal process, or enforceable governmental request, or if we believe in good faith that such disclosure is necessary to comply with applicable law
  • Protection of rights: We may disclose information to protect the rights, property, or safety of CasmoAI, our users, or the public, including to detect, prevent, or otherwise address fraud, security, or technical issues
  • Business transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information
  • Within your organization: If you are part of a team or organization on CasmoAI, certain information and content may be visible to other authorized members of your organization as necessary to facilitate collaboration

6. Data Security

We implement and maintain reasonable administrative, technical, and physical safeguards designed to protect your personal information from unauthorized access, use, alteration, disclosure, or destruction. Our security measures include, but are not limited to:

  • Access controls that limit access to personal information to authorized personnel on a need-to-know basis
  • Regular security assessments and vulnerability testing of our systems and infrastructure
  • Secure software development practices and code review procedures
  • Monitoring of our systems for potential security incidents and unauthorized access attempts
  • Incident response procedures for promptly addressing and mitigating security events

While we take reasonable precautions to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee the absolute security of your data, and you acknowledge that you provide your information at your own risk.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. The criteria we use to determine retention periods include:

  • The duration of your active account and use of the Service
  • Whether there is a legal obligation to which we are subject that requires retention
  • Whether retention is advisable in light of our legal position, such as with regard to applicable statutes of limitations, litigation, or regulatory investigations

Upon account deletion or upon your verified request, we will delete or anonymize your personal data within thirty (30) days, except where we are required by law to retain certain information or where retention is necessary for the establishment, exercise, or defense of legal claims.

8. Your Rights and Choices

Subject to applicable law and depending on your jurisdiction, you may have certain rights with respect to your personal information, including:

  • Right of access: You may request a copy of the personal information we hold about you
  • Right to rectification: You may request correction of inaccurate or incomplete personal information
  • Right to erasure: You may request deletion of your personal information, subject to certain legal exceptions
  • Right to data portability: You may request a copy of your data in a structured, commonly used, and machine-readable format
  • Right to restrict processing: You may request that we restrict the processing of your personal information under certain circumstances
  • Right to object: You may object to the processing of your personal information for certain purposes, including direct marketing
  • Right to withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at hasaan@casmoai.com. We will respond to your request within a reasonable timeframe and in accordance with applicable law. We may require verification of your identity before processing your request.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and administer the Service, gather usage data, and improve your experience. The types of cookies we use include:

  • Strictly necessary cookies: Required for the operation of the Service, including session management and authentication. These cookies cannot be disabled
  • Functional cookies: Used to remember your preferences and settings to enhance your experience
  • Analytics cookies: Used to collect information about how users interact with the Service, including pages visited, features used, and navigation patterns. This data helps us understand usage trends and improve the Service

You may control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the Service. We do not respond to Do Not Track (DNT) signals at this time, as there is no universally accepted standard for how to respond to such signals.

10. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than the country in which you reside. These countries may have data protection laws that differ from the laws of your jurisdiction. By using the Service, you consent to the transfer of your information to such countries. We take appropriate steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it.

11. Third-Party Services and Links

The Service may contain links to third-party websites, applications, or services that are not owned or controlled by CasmoAI. This Privacy Policy does not apply to third-party services, and we are not responsible for the privacy practices or content of such third parties. We encourage you to review the privacy policies of any third-party services you access through or in connection with the Service.

12. Children's Privacy

The Service is not directed to, and we do not knowingly collect personal information from, children under the age of sixteen (16). If we become aware that we have inadvertently collected personal information from a child under the age of 16, we will take reasonable steps to delete such information promptly. If you believe that a child under 16 has provided personal information to us, please contact us at hasaan@casmoai.com so that we can take appropriate action.

13. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this policy, we will notify you by posting the updated policy on this page and updating the "Last updated" date at the top. We may also provide additional notice through email or in-app notifications for significant changes. Your continued use of the Service following the posting of changes constitutes your acceptance of such changes. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

CasmoAI
Email: hasaan@casmoai.com

We will make every effort to respond to your inquiry in a timely manner and resolve any concerns you may have regarding the handling of your personal information.