Privacy Policy

Effective Date: January 14, 2025

Thank you for choosing Oodle AI, Inc ("we," "us," "our"). This Privacy Policy describes how we collect, use, and disclose information when you use our website, products, and services ("Services"). By accessing or using our Services, you agree to the terms of this Privacy Policy.

Information We Collect

• Personal Information: When you use our Services, we may collect personal information such as your name, email address, contact information, and billing details.
• Usage Data: We may automatically collect information about your interaction with our Services, including your IP address, browser type, operating system, and pages visited.
• Applicant Information: If you apply for an employment opportunity with Oodle, we collect your name, email, phone number, address, and the information you provide in your application materials and during any interview process.
• Contact Information: Such as name, business email, phone number, company details or address when you express an interest in obtaining additional information about our services via our "contact-us" or similar options on the website. We may also be getting the information from events we conduct and third-party sources/tools.
• API Credentials: We may collect API credentials for facilitating migration, provide intended services & third-party integrations.
• Surveys and Feedback: If you voluntarily submit certain information to us, such as by filling out a survey, providing feedback, or submitting a review of our services, we collect the information that you have provided.
• Cookies: We may use cookies and similar tracking technologies to enhance your experience, analyze usage patterns, and deliver tailored content or advertisements. We ensure that any non-essential cookies or tracking technologies requiring user consent are only deployed after obtaining your agreement through our website or contractual terms.

How We Use Information

We use all the personal data we receive from entities like Prospects, Customers, suppliers, employees, contractors etc. for business purposes out of legitimate interest/legal obligation or consent based and only as and when it is necessarily required. We may use the information we collect for various purposes, including but not limited to:

• Providing and maintaining our Services.
• Personalizing your experience and delivering relevant content.
• Communicating with you about our products, services, and promotions.
• Analyzing usage trends and improving our Services.
• Protecting our rights, property, and safety, as well as that of our users and others.

Any products, services, websites or content that are offered by third parties through integrations are governed by their own respective privacy policies.

Information Sharing and Disclosure

We may share your information in the following circumstances:

• With service providers and partners who assist us in delivering our Services.
• In response to legal requests or to comply with applicable laws and regulations.
• In connection with a merger, acquisition, or sale of assets, where your information may be transferred as part of the transaction.
• With your consent or as otherwise disclosed at the time of collection.

We do not sell any Personal information we collect.

How do we store your data? (If you are not in European Union)

Our Company securely stores your data in AWS data centers, which are compliant with industry-standard security protocols. We currently maintain deployments in us-west-2(Oregon) & ap-south-1(Mumbai). Upon request, we can establish data storage in additional AWS regions to meet your specific geographic requirements. Please contact us to discuss data localization needs.

How do we store your data? (If you are in European Union)

Our Company securely stores your data in GDPR-compliant data centers located within the European Union. We will retain your personal information for as long as you use our services. Upon termination, all personal data will be securely deleted within the time period agreed upon in our contract.

International Data Transfer

Personal information we collect may be stored and processed in your region, or in any other country where we or our affiliates or service providers maintain facilities. We take steps designed to ensure that the personal information we collect under this Privacy Notice is processed as described and according to any applicable laws & contractual agreement. As a result, your personal information may be subject to the laws of foreign jurisdictions, including laws that permit or require the disclosure of information to law enforcement or national security authorities upon request.

For further information please contact us atprivacy@oodle.ai

Security

We design our systems with your security and privacy in mind.

• We maintain technical, physical, and organizational safeguards in connection with the collection, storage, and disclosure of personal information.
• We protect the security of your information during transmission to or from Oodle by using encryption protocols and software.
• We go through regular SOC2, GDPR, VAPT independent assessments to evaluate our security & privacy posture and ensure adequate measures are in place.

However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. You are solely responsible for protecting your password, limiting access to your devices, and signing out of websites after your sessions.

If you have any questions about the security of our websites, please contact us at security@oodle.ai

Your Personal Information Rights & Choices

Depending on your location, you may have certain rights regarding your personal information. To exercise your rights, please contact us atprivacy@oodle.ai. Subject to applicable law, you may have the following rights:

• Right to Know whether we hold personal information about you, and request copies of such personal information and information about how it is processed;
• Right to Modify that inaccurate personal information about you is corrected;
• Right to Erasure request deletion of your personal information. If any information is inaccurate or incomplete, the Data Subject may request that the data to be erased. If the data being processed is no longer legal or appropriate, the data to be deleted/erased, unless required by applicable laws.
• Right to Restriction of Processing of your personal information where the processing is inappropriate;
• Right to Object to certain processing of your personal information;
• Right to Data Portability of personal information that you have provided to us in a structured, commonly used, and machine-readable format;
• Right to Withdraw consent: You can withdraw your consent to processing your personal information. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

  When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email. We (or service providers on our behalf) may then send communications and marketing to these email. You may opt out of receiving this advertising by visiting https://app.retention.com/optout

• Right to Unsubscribe from receiving promotional emails or direct mail from us. Each time you receive electronic marketing information from us, you have the option to decline to receive further marketing information from us by clicking on "unsubscribe" link or by contacting us atprivacy@oodle.ai.

Data Protection Officer(DPO) and their responsibilities

• Oversee the implementation of data protection policies and procedures.
• Ensure the organization's compliance with data protection regulations.
• Conduct risk assessments related to data processing activities.
• Serve as a point of contact for data subjects and supervisory authorities.
• Monitor data security measures, investigate breaches, and enforce staff training to uphold data security.

Data Breach Procedure and Reporting Time Period

In the event of a data breach, we follow a stringent procedure to mitigate and address the incident promptly. Our response includes identifying the breach, containing its impact, assessing affected data, notifying relevant authorities, and communicating transparently with affected individuals. We conduct thorough investigations to understand the extent of the breach and implement corrective measures to prevent recurrence.

Any detected data breach will be reported to relevant authorities and affected individuals within 72 hours of its identification, in compliance with applicable data protection regulations.

Children's Privacy

Our Services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and the "Effective Date" at the top will be updated accordingly. We encourage you to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us. You can also reach out at privacy@oodle.ai.