Advanced Step AI

Privacy Policy

Last updated: March 15, 2024

Introduction and Scope

At Advanced Step AI, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered internet safety platform and related services ("Services").

This policy applies to all users of our platform, including visitors to our website, registered users, and customers of our premium services. By using our Services, you agree to the collection and use of information in accordance with this policy. We will not use or share your information with anyone except as described in this Privacy Policy.

We understand that privacy is fundamental to trust, and trust is essential for effective cybersecurity. This policy reflects our commitment to transparency and our respect for your privacy rights under applicable data protection laws, including GDPR, CCPA, and other relevant regulations.

Information We Collect

Personal Information You Provide

We collect personally identifiable information that you voluntarily provide to us when you:

  • Register for our services or create an account
  • Contact us for support or inquiries
  • Subscribe to our newsletters, alerts, or updates
  • Participate in surveys, feedback forms, or user research
  • Attend webinars, training sessions, or other events
  • Apply for employment or partnership opportunities
  • Make purchases or payments for premium services

This information may include your name, email address, phone number, company information, job title, billing address, payment information, and any other information you choose to provide.

Automatically Collected Information

We automatically collect certain information when you use our Services:

  • URLs submitted for safety analysis and risk assessment
  • Device information including browser type, operating system, and device identifiers
  • IP address, location data, and network information
  • Usage patterns, feature interactions, and navigation behavior
  • Log files, error reports, and performance metrics
  • Cookies and similar tracking technologies data
  • Referral sources and marketing campaign interactions

Third-Party Information

We may receive information about you from third-party sources, including:

  • Threat intelligence feeds and security databases
  • Public records and domain registration information
  • Business partners and integration providers
  • Social media platforms (only if you choose to connect them)
  • Marketing and analytics service providers

How We Use Your Information

We use the collected information for various legitimate business purposes:

  • Service Provision: To provide, maintain, and improve our AI-powered safety assessments, risk analysis, and security guidance
  • Communication: To respond to your inquiries, provide customer support, and send important service notifications
  • Security and Safety: To detect, prevent, and address technical issues, security threats, and fraudulent activities
  • Analytics and Improvement: To understand how our Services are used, identify trends, and improve user experience
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Marketing and Outreach: To send promotional materials, newsletters, and relevant security updates (with your consent)
  • Research and Development: To develop new features, improve our AI algorithms, and advance cybersecurity research
  • Business Operations: To manage accounts, process payments, and conduct internal business operations
  • Personalization: To customize your experience and provide relevant content and recommendations

Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Consent: Where you have given clear consent for specific processing activities
  • Contract Performance: To fulfill our contractual obligations and provide requested services
  • Legitimate Interests: For our legitimate business interests, including security, fraud prevention, and service improvement
  • Legal Obligation: To comply with applicable laws and regulatory requirements
  • Vital Interests: To protect the vital interests of individuals in emergency situations

Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

  • Service Providers: We may share information with trusted third-party service providers who assist us in operating our platform, conducting business, or serving users, provided they agree to keep information confidential
  • Business Partners: With partners who provide complementary services, but only with your explicit consent
  • Legal Requirements: When required by law, court order, or government request, or to protect our rights, property, and safety
  • Business Transfers: In connection with mergers, acquisitions, or sale of assets, where user information may be transferred as part of the business
  • Threat Intelligence: Anonymous, aggregated threat data may be shared with cybersecurity community for research purposes
  • Emergency Situations: To prevent harm to individuals or respond to security incidents
  • Consent: With your explicit consent for specific sharing purposes

Data Security Measures

We implement comprehensive technical and organizational security measures to protect your personal information:

  • Encryption: Data is encrypted in transit using TLS/SSL and at rest using industry-standard encryption algorithms
  • Access Controls: Strict access controls and authentication mechanisms limit data access to authorized personnel only
  • Security Monitoring: Continuous monitoring systems detect and respond to potential security threats
  • Regular Audits: Regular security assessments, penetration testing, and compliance audits
  • Employee Training: Comprehensive training programs on data protection practices and security protocols
  • Incident Response: Established procedures for detecting, responding to, and recovering from security incidents
  • Data Minimization: We collect and retain only the minimum data necessary for our stated purposes
  • Secure Infrastructure: Use of secure cloud infrastructure with industry-leading security certifications

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.

Your Privacy Rights and Choices

You have certain rights regarding your personal information, which may vary depending on your location:

  • Access: You can request access to the personal information we hold about you, including details about how it's processed
  • Correction: You can request correction of inaccurate or incomplete information
  • Deletion: You can request deletion of your personal information, subject to legal and contractual requirements
  • Portability: You can request a copy of your data in a structured, machine-readable format
  • Restriction: You can request restriction of processing under certain circumstances
  • Objection: You can object to processing based on legitimate interests or for direct marketing purposes
  • Opt-out: You can opt out of marketing communications at any time
  • Withdraw Consent: Where processing is based on consent, you can withdraw it at any time
  • Lodge Complaints: You can file complaints with relevant data protection authorities

To exercise these rights, please contact us using the information provided below. We will respond to your request within the timeframes required by applicable law.

Data Retention Policies

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our retention periods are based on:

  • Account Information: Retained while your account is active and for a reasonable period after closure
  • Transaction Records: Retained for accounting and legal compliance purposes, typically 7 years
  • Support Communications: Retained for 3 years to provide ongoing support and improve services
  • Marketing Data: Retained until you opt out or for 2 years of inactivity
  • Security Logs: Retained for 1 year for security monitoring and incident response
  • Analytics Data: Aggregated and anonymized data may be retained indefinitely for research purposes

When we no longer need your information, we will securely delete or anonymize it using industry-standard data destruction methods.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws through:

  • Adequacy Decisions: Transfers to countries with adequate data protection as determined by relevant authorities
  • Standard Contractual Clauses: Use of approved contractual clauses for transfers to countries without adequacy decisions
  • Binding Corporate Rules: Internal policies ensuring consistent data protection across our organization
  • Certification Programs: Participation in recognized data protection certification programs

Children's Privacy Protection

Our Services are not intended for children under the age of 13 (or 16 in the European Union). We do not knowingly collect personal information from children under these ages. If we become aware that we have collected personal information from a child under the applicable age without parental consent, we will take steps to delete such information promptly.

Parents and guardians who believe their child has provided personal information to us should contact us immediately. We encourage parents to monitor their children's internet usage and to help enforce this policy by instructing their children never to provide personal information without permission.

California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the categories and specific pieces of personal information we collect
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions
  • Right to Opt-Out: You can opt out of the sale of personal information (note: we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, please contact us using the methods described in this policy. We may need to verify your identity before processing your request.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on our website with a new "Last updated" date
  • Sending email notifications to registered users for significant changes
  • Providing in-app notifications or prominent website notices
  • Obtaining your consent where required by applicable law

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Information

If you have any questions about this Privacy Policy, our privacy practices, or wish to exercise your privacy rights, please contact us:

Phone: +1 726 381 5904

Email: [email protected]

Address: 4247 Big Meadows St, San Antonio, TX 78230, USA

Data Protection Officer: [email protected]

We are committed to resolving any privacy concerns you may have. We will acknowledge receipt of your inquiry within 48 hours and provide a substantive response within 30 days, or as required by applicable law.