Atugil Intelligence ("Company", "we", "our", or "us") is committed to protecting your privacy, maintaining your trust, and upholding the highest standards of data protection. This Global Privacy Policy details our stringent protocols regarding the collection, use, disclosure, and safeguarding of your personal data when you interact with our websites, applications, and digital infrastructure (collectively, the "Services").
This document is architected to ensure comprehensive compliance with prevailing international data protection frameworks, including the General Data Protection Regulation (GDPR) for the European Economic Area and the UK, the California Privacy Rights Act (CPRA) amending the California Consumer Privacy Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), and the Personal Information Protection and Electronic Documents Act (PIPEDA).
For the purposes of this Policy, "Personal Data" means any information relating to an identified or identifiable natural person. "Processing" means any operation performed on Personal Data, whether or not by automated means, such as collection, recording, storage, adaptation, or destruction.
We adhere to the principle of data minimization. We only collect the precise data necessary to securely deliver our Services and maintain the integrity of our platform. We collect data through direct interactions (information you provide) and automated technologies (telemetry and edge routing).
| Data Category | Specific Data Points Collected | Purpose of Processing | Lawful Basis (GDPR Art. 6) |
|---|---|---|---|
| Identity & Contact Data | Email address. | To authenticate your identity, secure your placement on the waitlist, and deliver transactional product communications. | Explicit Consent |
| Behavioral Telemetry | Anonymous hardware interaction variance (e.g., localized mouse or touch heuristics), generated entropy hashes. | To perform zero-power human verification, generating a temporary "Human Score" to mitigate automated bot attacks and API abuse. | Legitimate Interest |
| Network & Edge Data | IP addresses, browser User-Agent strings, geographic region (country/city level), edge-server connection timestamps. | To optimize global latency, route traffic to the nearest secure data center, and provide Distributed Denial of Service (DDoS) protection. | Legitimate Interest |
Our website utilizes a Consent Management Platform (Cookiebot) to give you absolute control over non-essential tracking technologies. However, to ensure the fundamental security and functionality of our platform, we deploy "Strictly Necessary" cookies and edge-processing analytics.
Our web infrastructure is distributed globally via Cloudflare. As part of this zero-trust architecture, Cloudflare may collect aggregate, non-identifying web analytics and place a strictly necessary security cookie (e.g., __cf_bm) on your device. This cookie is used exclusively for Bot Management and Web Application Firewall (WAF) rule enforcement. It does not track your behavior across other websites and is exempt from prior consent requirements under the ePrivacy Directive, though we disclose its presence here in the interest of absolute transparency.
We categorically do not sell, rent, or monetize your personal data. We share information exclusively with enterprise-grade sub-processors under strict Data Processing Agreements (DPAs) that legally bind them to confidentiality and GDPR compliance. Our authorized sub-processors include:
As a global AI entity, your data may be transferred to, and processed in, data centers located outside of your country of residence (including the United States). Whenever we transfer Personal Data originating from the European Economic Area (EEA), the UK, or Switzerland to third countries, we ensure a legally equivalent degree of protection is afforded by utilizing the European Commission's approved Standard Contractual Clauses (SCCs) or verifying that our processors are certified under the EU-U.S. Data Privacy Framework.
We retain your Personal Data only for as long as reasonably necessary to fulfill the purposes outlined in this Policy. Specifically:
We believe privacy is a fundamental human right. Regardless of your jurisdiction, we extend the following comprehensive data rights to all users:
Under the California Privacy Rights Act (CPRA), California residents are afforded specific disclosures:
We employ military-grade organizational and technical measures to safeguard your data. This includes End-to-End Encryption (using TLS 1.3 in transit and AES-256 at rest), strict Role-Based Access Controls (RBAC), and continuous threat monitoring. While no internet-based service can guarantee absolute security, in the unlikely event of a data breach that materially compromises your rights, we will notify you and the relevant supervisory authorities within 72 hours, in strict compliance with GDPR Article 33.
Our Services are inherently designed for adult professionals and are not directed to individuals under the age of sixteen (16). We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected data from a child under 16 without verifiable parental consent, we will take immediate steps to permanently delete such information from our infrastructure.
We reserve the right to update or modify this Privacy Policy to reflect changes in our operational practices, technological advancements, or legal mandates. Material changes will be communicated prominently on our website and by updating the "Effective Date" at the top of this document.
If you have any questions, concerns, or requests to exercise your data rights, please contact our dedicated privacy team directly. We are committed to addressing all inquiries promptly and transparently.