Privacy Policy

To provide the IntujiOS platform effectively, we collect information across three main categories:

• Account and Profile Data: We collect information you provide directly to us when you create an account, modify your profile, or communicate with our support team. This includes your name, email address, job title, company name, phone number, and billing information.
• Service Usage Data: We automatically log information about your interactions with the Service. This includes IP addresses, device types, browser types, operating systems, session durations, page views, and specific platform interactions (e.g., records created, API calls made).
• Customer Data: As a B2B platform, you may upload, input, or integrate third-party data into IntujiOS (e.g., your clients' CRM data, financial records). This Customer Data is owned by you, and we process it strictly as a Data Processor according to these terms.

We strictly limit the use of collected information to the following purposes:

• Service Provisioning: To operate, maintain, authenticate, and provide the core functionality of the IntujiOS platform.
• Communication: To send transactional emails (e.g., password resets, notifications), security alerts, billing notices, and technical support messages.
• Analytics and Improvement: To monitor and analyze trends, usage, and activities in connection with our Service, allowing us to continuously improve the platform's performance and UX.
• Legal Compliance: To comply with applicable legal obligations, enforce our Terms of Service, and protect against fraudulent or illegal activity.

We do not sell, rent, or trade your personal information or Customer Data to third parties. We may share information only in the following limited circumstances:

• Service Providers: We employ trusted third-party companies (Sub-processors) to facilitate our Service, such as cloud hosting providers (e.g., Supabase, AWS), payment processors (e.g., Stripe), and transactional email services (e.g., Resend). These third parties are bound by strict confidentiality agreements.
• Legal Requirements: If required to do so by law, court order, or governmental authority, we may disclose your information, provided we attempt to notify you prior to disclosure (unless prohibited by law).
• Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition, your information may be transferred as part of the transaction.

We implement enterprise-grade technical and organizational measures to secure your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure. This includes AES-256 encryption at rest, TLS 1.2+ for data in transit, and strict role-based access controls (RBAC) across our infrastructure.

We retain your personal data and Customer Data only for as long as your account is active or as needed to provide you the Service. Upon termination of your account, you have the right to request a full export of your Customer Data. We will permanently delete your data within 30 days of account termination or upon your explicit written request, except where retention is mandated by law (e.g., financial records).

Depending on your jurisdiction, you have specific rights regarding your personal data. If you are a resident of the EEA, UK, or California, you possess the right to:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure (Right to be Forgotten): Request the deletion of your personal data under certain conditions.
• Restriction/Objection: Request restricted processing or object to our processing of your personal data.
• Data Portability: Request the transfer of your data to another organization.

To exercise any of these rights, please contact our Data Protection Officer at [email protected]. We will respond to your request within the timeframe required by applicable law.

We may update this Privacy Policy from time to time to reflect changes in our practices or statutory requirements. If we make material changes, we will notify you by revising the "Last updated" date at the top of this policy and, in some cases, we may provide you with additional notice (such as adding a statement to the platform dashboard or sending you an email notification). We encourage you to review the Privacy Policy whenever you access the Service.