Privacy Policy

Effective Date: January 25, 2025

1. Introduction

Precise.ai ("Precise," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use our federated intelligence platform.

Key Principle: We are a privacy-preserving infrastructure provider. We do not collect, store, or have access to the underlying data that flows through our federated queries.

2. Our Role in Data Processing

Precise acts as a data processor, not a data controller or data broker.

This means:

  • We process data only on behalf of and under the instructions of data controllers
  • We do not determine the purposes or means of data processing
  • We do not sell, rent, or trade any data
  • We enable privacy-preserving queries without accessing raw data

3. Information We Collect

3.1 Account Information

When you create an account, we collect:

  • Name and email address
  • Company information
  • Billing details (processed by our payment provider)
  • Authentication credentials

3.2 Usage Information

We collect metadata about platform usage:

  • Query volumes and types (not content)
  • API usage statistics
  • Performance metrics
  • Error logs (sanitized of any personal data)

3.3 What We Do NOT Collect

We explicitly do not collect or have access to:

  • Raw data from data controllers' databases
  • Individual user records or personal information from federated queries
  • Unencrypted query results
  • Any data that would make us a data broker

4. How Federated Intelligence Works

Our privacy-preserving architecture ensures:

  • Data Never Moves: All data remains in the data controller's infrastructure
  • Secure Enclaves: Queries execute in isolated, encrypted environments
  • Differential Privacy: All outputs include mathematical noise to prevent individual identification
  • Zero-Knowledge Proofs: We verify query compliance without seeing the data
  • Aggregation Only: Only statistical aggregates are returned, never individual records

5. Consent and Legal Basis

5.1 Opt-In by Default

All data processing through our platform requires explicit opt-in consent:

  • Data controllers must have valid consent from their users
  • No data is processed without explicit permission
  • Users can withdraw consent at any time through their data controller

5.2 Legal Basis for Processing

We process information based on:

  • Legitimate interests in providing our Services
  • Contractual necessity to deliver the Services
  • Compliance with legal obligations

6. Data Security

We implement industry-leading security measures:

  • SOC2 Type II certified infrastructure
  • End-to-end encryption for all data transmissions
  • Regular security audits and penetration testing
  • Secure enclave technology for query processing
  • Multi-factor authentication for all accounts
  • Regular security training for all employees

7. Data Retention

  • Account information: Retained while account is active plus 30 days
  • Usage logs: Retained for 90 days for debugging and optimization
  • Billing records: Retained as required by law (typically 7 years)
  • Query results: Never stored; computed and delivered in real-time

8. Your Rights

You have the right to:

  • Access your account information
  • Correct inaccurate information
  • Delete your account
  • Export your account data
  • Object to certain processing
  • Lodge a complaint with supervisory authorities

For data processed through federated queries, exercise your rights through the relevant data controller.

9. International Data Transfers

Our infrastructure ensures data sovereignty:

  • Data never leaves the data controller's jurisdiction
  • Only encrypted query instructions cross borders
  • We comply with all applicable data transfer regulations

10. Children's Privacy

Our Services are not directed to individuals under 18. We do not knowingly collect information from children.

11. Cookie Policy

We use only essential cookies required for:

  • Authentication and security
  • Session management
  • Preference storage

We do not use tracking or advertising cookies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email and provide at least 30 days notice before changes take effect.

13. Contact Us

For privacy-related questions or to exercise your rights:

Privacy Team
Precise.ai
Email: privacy@precise.ai
Address: San Francisco, CA

EU Representative:
[To be appointed before EU operations commence]

14. Data Protection Officer

Our Data Protection Officer can be reached at: dpo@precise.ai