This Privacy Policy ("Privacy Policy"), together with our Terms and Conditions (as made available at agentiiv.com/terms-and-conditions), governs the data processing and privacy obligations regarding your access to and use of the Agentiiv AI Platform and services (the "Service") as made available through agents.agentiiv.com. You agree to this Privacy Policy by accessing or using the Service. If you do not agree, you may not use the Service. In this Privacy Policy, "Agentiiv", "we", or "us" refers to Agentiiv Inc., an Ontario, Canada company, and "you" or "User" refers to any person accessing the Service.

​

At Agentiiv, we are committed to protecting the privacy and security of our users' personal information. This privacy policy outlines how we collect, use, disclose, and safeguard your data when you use the Service.

PLEASE READ THIS PRIVACY POLICY CAREFULLY AS IT BECOMES LEGALLY BINDING ON YOU WHEN YOU USE OUR SERVICE. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY YOU SHOULD IMMEDIATELY STOP USING OUR SERVICE. FURTHER, PLEASE REVISIT US REGULARLY TO KEEP TRACK OF ANY PRIVACY POLICY UPDATES.

This privacy policy forms part of our Terms and Conditions. In the event of any conflict between the terms of this privacy policy and our Terms and Conditions, this privacy policy shall prevail with respect to privacy and data protection matters.
 

1. Definitions
For the purposes of this Privacy Policy, the following terms have the meanings set out below. Capitalized terms not defined herein shall have the meanings ascribed to them in our Terms and Conditions, which are incorporated herein by reference:

1.1. "Personal Data" or "Personal Information" means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. In other words, this means any information that can be used to identify you as an individual, including your name, email, IP address, or any content you upload that contains identifying information.
 

1.2. "Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. In other words, this means anything we do with your personal information, from collecting it to storing it, using it, sharing it, or deleting it.

1.3. "Artificial Intelligence (AI)" or "AI Agents" means Agentiiv's proprietary artificial intelligence software programs and models that form part of the Services and may be incorporated into our platform, including but not limited to natural language processing engines, machine learning models, and automated reasoning systems that enable the core functionalities of the Services. In other words, this means the smart computer programs that power our platform's ability to understand and respond to your requests.

1.4. "Services" means software licensing and related services provided by Agentiiv under our Terms and Conditions, including but not limited to: Access to and use of Agentiiv's software platform; Standard implementation and configuration services; Technical support and maintenance; Training on software usage; Any additional software-related services. In other words, this means everything we provide to you through our platform and related support.

1.5. "Large Language Models (LLMs)" means Large Language Models, including but not limited to those provided by OpenAI and Anthropic, that we use to power our AI services. In other words, these are the advanced AI systems from companies like OpenAI and Anthropic that help our platform understand and generate human-like text responses.
 

1.6. "Enterprise Client" has the meaning set forth in our Terms and Conditions and includes any organization that has entered into a service agreement with Agentiiv for enterprise-level access to the Services.
 

1.7. "Authorized Enterprise User" means an individual designated by an Enterprise Client to access and use the Services under the Enterprise Client's account, including employees, contractors, or other authorized personnel.
 

2. Accountability and Privacy Officer Designation
 

2.1. Data Controller: Agentiiv Inc. 

• Address: 1854 Lakeshore Blvd East, Toronto, M4L 6S8, Ontario, Canada Contact 

• E-mail: admin@agentiiv.com

We are committed to safeguarding your information and using all reasonable skill and care in providing our Services.
 

2.2. Data Protection Officer (DPO) In order to be compliant with applicable data protection laws we have appointed a Data Protection Officer (DPO) who shall monitor our compliance with applicable privacy laws and assist in exercising your privacy rights. Below are the details about our DPO:

• Name: Michael Carrick 

• Phone number: 647 409-8935 

• Email: mike@agentiiv.com 

• Additional Contact Email: admin@agentiiv.com

 

3. Personal Information Collection
Agentiiv collects various types of personal data (that identifies a person, directly or indirectly) either directly from you (e.g., when you sign up for an account, create a new chat instance, or send us a message through our website). The types of data include, but are not limited to:
 

3.1. Information Provided by Users:

• Personal Identification Information: Email address, first name, last name, address, password, country

 

3.2. Information Collected Automatically:

• Usage Data

• Unique Device Identifiers

• Geographic Position and Device Information

• Demographic Data: Including geography/region, number of users, session duration

• Usage Metrics: Application opens, updates, first launches

 

3.3. Information Derived from AI Activities: 

• "Agent Output" which means any content, information, data, code, text, images, or other materials generated, produced, or created by our AI Agents specifically through your authorized use of the Services. This output may incorporate or be based on your inputs or our existing intellectual property, but you retain ownership of the output generated for you.

 

3.4. Enterprise Client Data Collection
For Enterprise Clients, data collection occurs within the context of the business relationship between Agentiiv and the Enterprise Client. When Authorized Enterprise Users access the Services through an Enterprise Client's account:

• The Enterprise Client is the primary contracting party and data controller for business-related use of the Services;

• Data generated through business use of the Services, including conversations, prompts, and outputs created in the course of employment or business activities, may be subject to the Enterprise Client's legitimate business interests and policies;

• Authorized Enterprise Users acknowledge that their use of the Services through Enterprise Client accounts is subject to the Enterprise Client's internal policies, monitoring practices, and data governance requirements;

• Personal data of Authorized Enterprise Users (such as names, email addresses, and account credentials) is collected and processed to facilitate the business relationship and Service delivery to the Enterprise Client.

 

4. Third-Party Data Processing
 

4.1 Overview of Third-Party Processing
To deliver our AI-powered Services, we engage specialized third-party service providers ("Third-Party Materials") who process your data on our behalf. These providers are essential to our Service functionality and are contractually bound to protect your data consistent with this Privacy Policy.
 

4.2 Categories of Third-Party Processing
Your data may be processed through the following categories of Third-Party Materials:

• AI Model Providers: Large Language Model services (such as OpenAI, Anthropic, and Google) that process your prompts, content, and inputs to generate AI responses. We have contractual agreements that prohibit these providers from using your data to train their public models.

• Authentication and Identity Management: Services that securely handle user credentials, login processes, and identity verification. 

• Cloud Infrastructure and Hosting:  Platforms that provide secure data storage, processing capabilities, and application hosting.

• Data Enhancement and Search Services: APIs that perform searches, data enrichment, or retrieve publicly available information based on your inputs to enhance Service functionality.

• Content Generation and Media Services: Specialized services that create audio, visual, or other media content based on your requests.

 

4.3 Specific Third-Party Materials
A comprehensive and current list of our Third-Party Materials, including provider names, specific services used, links to their privacy policies, and documentation, is maintained in Section 18 of our Terms and Conditions at agents.agentiiv.com/terms-and-conditions ("Third-Party List"). This list is incorporated herein by reference and forms an integral part of this Privacy Policy.
 

4.4 Your Consent and Control
By using our Service and accepting this Privacy Policy and our Terms and Conditions, you explicitly consent to the processing of your data through the Third-Party Materials listed in Section 18 of our Terms and Conditions. You may opt-out of specific Third-Party Materials by following the procedures outlined in Section 19.3 of our Terms and Conditions, though this may limit certain Service functionality.
 

5. Purposes of Data Processing
When we collect any personal information, we will do our best to store and process it securely. We will comply with our obligations and safeguard your rights under the applicable laws at all times. We process your data for the following purposes:
 

5.1. Provision of our Service. To allow you access and use our Service - create user accounts, send you an email containing a link to your chat instance, process transactions, send information about updates, notices, etc. We process Personal Data only to the extent, and in such a manner, as is necessary for providing our services under our Terms and Conditions and will not process your Personal Data for any other purpose.
 

5.2. Enhance User Experience. To enhance our services and give you a better user experience when you use our Service.
 

5.3. Diagnosis & Troubleshooting. To diagnose problems with our servers, to administer our Service.
 

5.4. Security. To prevent, detect and investigate illegal activities, breaches of any agreements entered into between you and us and threats to the security of the Service.
 

5.5. Statistics. To produce aggregate statistical information about users and their activities on our Service that does not identify any person.
 

5.6. Legal & Compliance. To investigate any claims or disputes concerning the use of our Service.
 

5.7. Research & Development. To improve and enhance the safety and security of our Service, as well as to design and develop new features and products relating to the Service.
 

5.8. AI Model Improvement and Training. We want to be clear that no element of your Client Instance, your Intellectual Property, or any other materials you provide shall be used for training any AI model, algorithm, or system. However, your data may be processed through third-party AI services such as LLMs from OpenAI and Anthropic to provide you with our Services, this processing may or may not involve training according to the terms of the third-party AI services.
 

6. Legal Bases of Data Processing
Under applicable laws, we are required to have valid legal bases in order to lawfully collect and process any personal information. The following are the legal bases that we rely on when we collect, use and process your personal information:
6.1. Consent. In order to collect and use certain information about you, we rely on your consent. This is where you have actively agreed to our collection and use of your personal information. For example, when you accept our use of cookies to collect and process certain information about your experience with us. 
For the provision of Services, you acknowledge and explicitly consent that data input by you will be transferred to and processed by the Third-Party Materials as defined and listed in Section 18 of our Terms and Conditions and detailed in Section 4 of this Privacy Policy. You may opt out of using specific Third-Party Materials by following the process outlined in Section 19.3 of our Terms and Conditions or by contacting us at support@agentiiv.com.
 

6.2. Performance of a Contract. As a user of our Service, you agree to our Terms and Conditions in order to access and use the Service. We will process your personal information on the legal basis that it is necessary for us to provide you with our Service.

For Enterprise Clients and their Authorized Enterprise Users, we process personal data on the legal basis that it is necessary to perform our contractual obligations to the Enterprise Client. Authorized Enterprise Users acknowledge that their use of the Services occurs within the scope of their business relationship with the Enterprise Client, and that business-related data generated through such use may be accessed by the Enterprise Client in accordance with applicable employment laws, internal policies, and legitimate business purposes.
 

6.3. Legal Compliance. We may have to process and share your personal data in order to comply with our legal obligations or to protect our rights or the rights of others. For example, we may be required to comply with a subpoena, court order, or a similar legal procedure.
 

6.4. Legitimate interests. In some situations, we rely on our legitimate business interests in order to collect and process your personal data. Before using your data for our legitimate interests, we always carry out a balancing test to carefully consider the impact of the processing on your interests, rights and freedoms. We only process your personal data if we are satisfied there is no negative impact on you. Particularly, we rely on legitimate interests for the following activities:

• providing, maintaining, improving and developing our Service;

• analyzing the use of our Service;

• using aggregated (non-personally identifiable) statistical and analysis data to identify usage trends;

• dealing with user queries and complaints;

• personalizing your experience on our Service;

• identifying fraudulent behavior and ensuring our Service and systems are safe and secure.

 

7. AI Transparency and Automated Decision-Making
 

7.1. AI System Use on Our Platform: Our AI Agents constitute our proprietary intellectual property and, while they may be customized for your specific needs, the underlying AI Agents remain our exclusive property. We use third-party AI services such as Large Language Models (LLMs) from providers like OpenAI and Anthropic. When you use our Services, your data may be transferred to servers located in the United States and European Union where these AI providers operate.
 

7.2. Nature of Our AI Services: We work with AI service providers (such as OpenAI and Anthropic) who are considered our sub-processors. These providers help us deliver the intelligent features of our platform, but we ensure they comply with data protection requirements consistent with this privacy policy.
 

7.3. AI Risk Mitigation: We make commercially reasonable efforts to ensure that our use of AI services complies with the data protection requirements set out in this privacy policy and all applicable laws. We implement safeguards to protect your data when it's processed through these AI systems.
 

8. Data Use for AI Model Training
We want to be absolutely clear about our AI training practices:
 

8.1. No Training with Your Data: No element of your Client Instance, your Intellectual Property, or any other materials you provide shall be used for training any AI model, algorithm, or system. Your data will be processed through LLMs to provide you with our Services, but this processing does not involve training these models with your information.
 

8.2. Intellectual Property of Outputs: All content generated through your authorized use of our Services remains your exclusive property. While our AI systems help generate this content, you own the output created for you.
 

9. Sharing of Your Information
When we provide our Service we share personal information with other parties. When we share your personal information, we do our best to ensure that it is stored and handled as securely as it is with us. We may share your personal information with the following categories of recipients:
 

9.1 Service Providers. We use third-party service providers to provide our services to you which may have access to your data in limited circumstances. We ensure that these service providers do not make use of your personal data for any secondary purposes other than our express written instructions. The following are the categories of such service providers:

• Hosting Service Providers - to host our Service, database (or parts thereof, e.g., Microsoft Azure and Google Cloud Platform) and media files;

• Payment Processors - to process payments (e.g., Stripe.com and Wix.com. Please note we neither have access to nor store any of your credit card or payment data.);

• Infrastructure Providers (e.g., OpenAI and Anthropic API);

• Web Analytics Providers; Error Reporting Services.

• Third-Party Materials for AI and Platform Services - As detailed in Section 4 of this Privacy Policy and Section 18 of our Terms and Conditions, we engage specialized Third-Party Materials including AI model providers, authentication services, data enhancement APIs, and content generation services. These Third-Party Materials operate under their own terms and privacy policies, which you are responsible for reviewing. We ensure Third-Party Materials comply with data protection obligations materially consistent with this Privacy Policy.

 

We may engage Third-Party Providers to assist in processing Personal Data. These Third-Party Providers operate under their own terms and privacy policies, which you are responsible for reviewing. We ensure Third-Party Providers comply with data protection obligations materially consistent with this privacy policy.
 

The current list of our key Sub-processors is provided in Section 18 of our Terms and Conditions and may also be included at trust.agentiiv.com. You may opt-out from specific Third-Party Materials or sub-processors by following the provisions set forth in Section 19 of our Terms and Conditions.
 

9.2. Business Transfers: If we ever sell, transfer, or merge parts of our business or assets, your data may be transferred to a third party. Any new owner of our business may continue to use your data in the same way that we have used it, as specified in this privacy policy (i.e. to communicate with you).
 

9.3. Law Enforcement: In some limited circumstances, we may be legally required to share certain data, which may rarely include your personal data, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority. Beyond operational transfers to our service providers, we will not transfer any Personal Data to any other third party without your prior consent.
 

9.4. Staff: We may share some personal information about you with our employees, or independent contractors. We ensure that they handle your personal data according to this privacy policy, applicable laws and our internal policies.
 

9.5. Data Deletion and Return: We agree to delete or return your Personal Data at any time upon request. When we delete Personal Data, deletion includes destruction of all existing copies unless there is a legal requirement to retain such Personal Data. Upon your request, we will provide certification of destruction of all Personal Data.
 

9.6. Enterprise Client Data Access
For Enterprise Clients, we may provide access to business-related data generated through the Services, including:

• Conversations, prompts, and outputs created by Authorized Enterprise Users in the course of their business activities;

• Usage analytics and reporting related to the Enterprise Client's account;

• Administrative data necessary for account management and compliance purposes.

 

Such access is provided to Enterprise Clients based on:

• Legitimate business interests in managing and monitoring business use of the Services;

• Contractual obligations under our service agreements with Enterprise Clients;

• Compliance with applicable employment laws and regulations;

• The Enterprise Client's role as data controller for business-related activities.

Authorized Enterprise Users are advised to review their Enterprise Client's internal policies regarding monitoring and data access practices.
 

10. Information Accuracy
We keep any information accurate, complete and up-to-date. Where there are changes in the information we retain about you, you are encouraged to submit a request to make changes.
 

We will maintain the integrity of your Personal Data, without alteration, ensuring that your Personal Data can be separated from any other information created by our systems.
 

11. Security Measures
We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal information. We also apply access restrictions to your personal data by our employees. Furthermore, we ensure to educate and train our employees about the importance of privacy and data protection continuously.
 

We use Secure Sockets Layer (SSL) to encrypt the information you enter on the Service to protect its security during transmission to and from our Service. When storing personal information, we protect its security by encryption and pseudonymization of data.
 

Although we take all these measures to maintain the safety and security of your personal information, you should be aware that no transmission over the Internet can ever be guaranteed to be secure. Therefore, we cannot fully guarantee the security of any personal information that you transfer over the Internet to us.
 

12. Your Privacy Rights
Under applicable data protection laws, you have the following rights regarding the personal data we hold about you:

• Right to information. You have the right to know the purposes for which your personal information is collected at or before the time the information is collected. This privacy policy sets out what personal information we collect, how and why we collect it.

• Right of access. You have the right to obtain access to your personal information we retain about you.

• Right to rectification. You have the right to obtain rectification of your personal information without undue delay where that personal information is inaccurate or incomplete.

• Right to erasure. The right to obtain the erasure of your personal information without undue delay in certain circumstances, such as where the personal information is no longer necessary in relation to the purposes for which it was collected or processed. The erasure of personal information also includes the anonymization of personal data.

• Right to withdraw consent. You have the right to withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Once consent is withdrawn, you will have the right to have your personal information erased and no longer used for processing.

• Right to challenge compliance. You have the right to challenge our compliance with this privacy policy and applicable privacy laws. You can contact our Data Protection Officer to address any challenges via the contact details set out in this privacy policy.

• Rights Regarding Third-Party Processing. You have the right to:

  • Access information about which Third-Party Materials are processing your data by reviewing Section 18 of our Terms and Conditions and at trust.agentiiv.com 

  • Opt-out of specific Third-Party Materials as described in Section 19.3 of our Terms and Conditions, subject to potential limitations in Service functionality

  • Request information about the safeguards we have in place for third-party data processing

 

Please note that certain data subject rights (such as access, rectification, or erasure) may be impacted by our use of Third-Party Materials. We will make commercially reasonable efforts to facilitate the exercise of your rights in relation to these services, to the extent technically feasible.
 

We will assist you in responding to requests for exercising your data subject rights under applicable data protection laws, to the extent possible given the nature of the processing and the information available to us.
If you contact us directly with a data subject request, we will promptly respond to your request. Please note that the fulfillment of certain data subject rights (such as the right to access, rectification, or erasure) may be impacted by our use of third-party AI services. We will make commercially reasonable efforts to facilitate the exercise of your data subject rights in relation to these services, to the extent technically feasible.

12.1. How to Exercise Your Rights: To exercise any of these rights, please contact our DPO. We aim to respond within one (1) month of receiving a clear request. Complex or multiple requests may take longer, but we will keep you updated.
Note that conditions or limitations on these rights may apply depending on your legal jurisdiction. If you are dissatisfied with our response, you have the right to lodge a complaint with your local data protection authority.
 

12.2. Enterprise Client Considerations
For Authorized Enterprise Users accessing the Services through Enterprise Client accounts, certain privacy rights may be subject to:

• The Enterprise Client's legitimate business interests and internal policies;

• Applicable employment and labor laws in your jurisdiction;

• The contractual relationship between Agentiiv and the Enterprise Client;

• Legal and regulatory requirements applicable to the Enterprise Client's business.

If you are an Authorized Enterprise User and wish to exercise privacy rights, you should first consult your Enterprise Client's internal policies and may need to coordinate with your Enterprise Client's designated privacy contact.
 

13. International Transfer of Data
Your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside Canada and choose to provide information to us, please note that we transfer the data to Canada and process it there. Your consent to this privacy policy followed by your submission of such information represents your agreement to that transfer.
 

For the provision of Services, you acknowledge and explicitly consent that data input by you will be transferred to and shared with Third-Party Providers as necessary for the operation and delivery of the Services, including through the use of AI services and associated third-party service providers located in the United States and European Union.
We ensure that any cross-border transfers of Personal Data are conducted in compliance with applicable data protection laws, including PIPEDA. This may include, but is not limited to:

• Ensuring that the recipient country provides an adequate level of protection for Personal Data

• Implementing appropriate contractual safeguards, such as standard contractual clauses

• Obtaining specific consent from data subjects where required and appropriate

 

We acknowledge that the provision of Services involves the transfer of Personal Data to servers located in the United States and the European Union. We maintain appropriate safeguards for such transfers and will provide you with information about the locations where Personal Data is processed upon request.
 

The Third-Party Materials listed in Section 18 of our Terms and Conditions may process your data in various jurisdictions, including the United States and European Union. When you use our Services, your data may be transferred to and processed by these Third-Party Materials in their respective operating jurisdictions.
 

14. Minors' Personal Data
Agentiiv recognizes the importance of protecting the privacy and safety of children. Our Service is not designed for, targeted at, or intentionally marketed to children under the age of 19. We do not knowingly collect, use, or disclose personal data from children under 18 years of age.
 

We explicitly prohibit individuals under the age of 18 from using our Service. If we learn that we have inadvertently collected personal data from a child under 18 without the required parental consent, we will take immediate steps to delete such information and terminate the child's account.

If you are a parent or legal guardian and you believe that your child under the age of 18 has submitted personal information to us you can contact us at admin@agentiiv.com. We will promptly investigate the concern and, if necessary, remove the child's personal data from our records and deactivate any associated accounts.
 

15. Cookies and Tracking Technologies
We use essential and functional cookies to maintain your logged-in state and store preferences such as UI language, aiming to improve your experience without tracking personal information. For detailed information about our use of cookies and tracking technologies, please refer to our separate Cookie Policy available on our website.
 

16. Security Breaches
We will immediately notify affected users without undue delay but in no case later than seventy-two (72) hours upon determining a Personal Data Breach is known, or by the exercise of reasonable diligence would have been known to us, providing you with sufficient information that may be needed under applicable laws.
In the event of a Personal Data breach, we will:

• Describe the nature of the Personal Data breach

• Communicate the name and contact details of our designated contact point for security incidents

• Describe the likely consequences of the Personal Data breach

• Describe the measures taken or proposed to address the Personal Data breach and mitigate its possible adverse effects

• ​

We maintain a record of all Personal Data breaches, including the facts relating to the breach, its effects, and the remedial action taken.
 

We follow our Incident Response Plan in responding to and managing any Personal Data breach, and we will assist in addressing any breach requirements under applicable privacy laws, including PIPEDA's requirements for notification to the Privacy Commissioner of Canada when there is a real risk of significant harm to individuals.
 

17. Complaints and Dispute Resolution
 

17.1. Internal Complaint Process: If you have concerns about our privacy practices, please contact our Data Protection Officer first using the contact information provided in this policy. We are committed to working with you to resolve any privacy concerns.
 

17.2. Privacy Commissioner Resources: You have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada if you believe we have not adequately addressed your privacy concerns. You can contact them at:

• Office of the Privacy Commissioner of Canada 30 Victoria Street Gatineau, Quebec K1A 1H3 Toll-free: 1-800-282-1376 

• Website: www.priv.gc.ca

 

17.3. Dispute Resolution: Any dispute which arises in the course of or following the performance of the present contract will be definitively settled under the auspices of The Canadian Commercial Arbitration Centre, by means of arbitration and to the exclusion of courts of law, in accordance with its General Commercial Arbitration Rules in force at the time this contract is signed and to which the parties declare they have adhered.
 

17.4. Governing Law: To the extent possible, these Privacy Policies and all related disputes shall be governed by and construed in accordance with the laws of the Province of Ontario, Canada.
 

17.5. Ontario Consumer Protection: If you are a consumer in Ontario, certain clauses of these Terms are void to the extent they conflict with statutory rights. Ontario’s Consumer Protection Act forbids any attempt to waive a consumer’s substantive or procedural rights. In particular, you are not bound by any mandatory arbitration clause or class-action waiver in this Agreement. Any term that purports to negate or vary any implied condition or warranty under Ontario law is void.
 

18. Changes to Privacy Policy
This privacy policy may be amended by us from time to time. This may be done out of necessity (e.g., in order to reflect changes in the applicable laws), or if we change our business in a way that affects personal data protection.
Any changes will immediately be posted on our website and you will be deemed to have accepted the terms of the updated privacy policy on your first use of our Service following the amendments. Therefore, we strongly recommend you to revisit this page and check our privacy policy regularly in order to keep up-to-date.
 

19. Supplementary Notice to EU/UK Residents
The General Data Protection Regulation of the EU and the UK (collectively the "GDPR") gives the residents of the EU/UK certain rights when their personal data is being collected and processed. At Agentiiv, we are committed to complying with the GDPR, as far as it applies to us, and we have embedded data protection by design and default into our Service.
This privacy policy, in its entirety, conforms with the information disclosure obligations set out under the GDPR. Therefore, EU/UK residents should read the entire privacy policy to find out how we handle their personal information.
 

19.1. Data Subjects Rights. As an EU/UK resident, you have the rights accorded to you under Chapter 3 of the GDPR, and we always work to uphold these rights. These rights correspond to your rights accorded to you under the relevant section of this privacy policy. In order to obtain more information about your rights and how to exercise your rights, please contact our DPO at admin@Agentiiv.com.
 

19.2. International Transfer of Data. If you are a resident of the EU/UK, you should be aware that when you access and use our Service your personal information will be transferred to countries located outside the EU/UK. We rely on several legal bases to lawfully transfer your personal data outside of your jurisdiction, including:

• Adequacy decision of the EU Commission, and, as applicable, the UK Government.

• Standard Contractual Clauses (SCC) approved by the European Commission, or international data transfer agreements (IDTA) or international data transfer addendum adopted by the UK Government.

 

19.3. Exercising Your Data Protection Rights. You may exercise your rights of access, rectification, cancellation, erasure, and opposition by contacting us. Please note that we may ask you to verify your identity before responding to such requests, such as by asking you questions about your use of the Service. If you make a request, we will try our best to respond to you as soon as possible.
 

20. Supplementary Notice to California Residents
If you are a consumer residing in California, the following section is relevant to you. It's important to be aware that the laws mentioned below may not always apply to us, as there are specific criteria that must be met for their application, criteria which we may not always satisfy.
 

20.1. California Shine the Light Law. California's Shine the Light Law, also known as the California Civil Code Section 1798.83 gives California residents the right to request information about how businesses share their personal information with third parties for direct marketing purposes.
 

Residents of California may ask us to provide them with a list of the types of personal information that we have disclosed during the preceding year to third parties for their direct marketing purposes, and the identity of those third parties. If you are a California resident and would like such a list, please contact us at admin@Agentiiv.com. 
 

For all such requests, please indicate "CA Shine the Light" in the subject field and include your full name, email address, street address, city, state, and zip code in your request.
 

20.2. California Consumer Privacy Act. The California Consumer Privacy Act of 2018 ("CCPA") and California Privacy Rights Act of 2020 ("CPRA") provide certain rights to residents of California. This section applies if you are a natural person who is a resident of California ("California Consumer") and use our Service. This notice supplements the information in our privacy policy. Certain terms used below have the meanings given to them in the CCPA and CPRA. The CCPA and CPRA shall be collectively referred to herein as the "CPRA".
 

For more details on the categories of personal information, the purposes for which we collected such information and the sources from which we obtain your personal information contact us at admin@agentiiv.com.
 

20.3. Sale/Sharing of Your Data. We do not sell your personal data. We will share the personal information collected from and about you over the past twelve (12) months as discussed in this privacy policy for various business purposes.
 

20.4. Your Privacy Rights and Choices. In addition to rights of access, correction and deletion, as described in the privacy policy, California Consumers may have certain additional rights in connection with the personal data we collect about you, many of which are subject to exceptions under applicable law:

• The right to access and disclosure and portability. You may have the right to request, twice during twelve months, the following information about the personal data we have collected about you:

  • the categories and specific pieces of personal information we have collected about you;

  • the categories of sources from which we collected the personal information;

  • the business or commercial purpose for which we collected or sold the personal information;

  • the categories of third parties with whom we shared the personal information;

  • the categories of personal information that we sold or disclosed for a business purpose, and the categories of third parties to whom we sold or disclosed that information for a business purpose; and

  • the specific pieces of personal information we obtained from you in a format that is easily understandable, and to the extent technically feasible, in a structured commonly used, machine-readable format.

• The right to nondiscrimination. We will not discriminate against you, alter our pricing, or offer a different standard of goods and services based on your decision to exercise these rights.
   

• The right to opt-out of the sale or sharing of your personal information. You have the right to opt out of the sale or sharing of your personal information. California law broadly defines sale such that it may include allowing third parties to receive certain information, such as cookies IP address and/or browsing behavior, to deliver targeted advertising.
   

• The right to limit the use of sensitive personal information. You possess the right to demand that we restrict the use or sharing of your confidential personal data strictly to what is essential for executing the services or delivering the goods you have solicited. We do not collect or share your sensitive information.

 

20.5. How to exercise your access, correction and deletion rights. California residents may exercise their California privacy rights, as far as applicable, by submitting a request via email at admin@agentiiv.com or by contacting us at 647 409-8935.

Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate. If we are

unable to complete your requests fully for any of the reasons, we will provide you additional information about the reasons that we could not comply with your request.

 

20.6. Authorized Agents. You have the option to appoint a representative (authorized agent) to submit requests on your behalf regarding your rights under the CPRA as outlined previously. We will undertake measures to confirm the identity of the individual attempting to exercise their rights as mentioned, and to verify that your representative is authorized to act on your behalf, either through a signed written authorization or a power of attorney provided to us.
 

21. Account Termination and Data Retention
21.1 Data Retention Period We will keep your personal information only as long as is reasonably necessary for the purposes described in this privacy policy, or for a longer period as may be required by applicable laws. You can always request that we suspend or remove your personal data by writing to admin@agentiiv.com.
 

Upon termination of your account or our Services, we shall, at your choice, delete or return all Personal Data to you and delete existing copies unless applicable law requires storage of the Personal Data.
 

If you elect to have your Personal Data returned, we shall provide it in a commonly used, machine-readable format within thirty (30) days of the termination of Services.
 

Notwithstanding the above, we may retain Personal Data to the extent required by applicable laws or regulations, subject to the continued application of this privacy policy to such retained data.
 

Data processed through Third-Party Materials is retained according to our agreements with such providers and their respective data retention policies. Upon termination of our relationship with any Third-Party Material, we will take commercially reasonable steps to ensure the secure deletion or return of your data, subject to the technical capabilities and contractual terms with such providers.
 

21.2. Enterprise Client Data Retention
For Enterprise Clients, data retention is governed by:

• The service agreement between Agentiiv and the Enterprise Client;

• The Enterprise Client's data retention policies and business requirements;

• Applicable legal and regulatory requirements;

• Legitimate business purposes related to the Enterprise Client's operations.

Upon termination of an Enterprise Client's service agreement, data handling will be managed according to the terms of that agreement and applicable law.
 

22. Processing of Chat Data
All information collected when you create a new chat instance on the Service is securely stored using the cloud services of our Third-Party Materials as specified in Section 18.2 of our Terms and Conditions, the privacy policies of which are available in such list. If circumstances arise where we need to share your information with a third party beyond those listed in our Terms and Conditions (for instance, to link your billing information with your chat instance), we will always seek your explicit permission beforehand (via an "I understand" checkbox).

The chat instance you create is utilized by your users/team/community. When your users log in to the chat instance, we collect their email addresses to verify their identity. This information is used to send them an email with a login link. We also collect their name, avatar, and other information, but only if they choose to provide it to us. We use this information to display their name and avatar on the chat instance.

During the setup of your chat instance, we collect your OpenAI API key or Anthropic API key. These keys are utilized to connect to OpenAI/Anthropic to generate AI chat responses when your users use your AI chat instance. We never share your API keys with anyone else or any third-party services. Your users will not have access to see your API key, and keys are not used for any other purposes.

When your users log in to your chat instance, we dispatch an email to them containing the login code. The email originates from Agentiiv email services, with your name and email address displayed to the users as the "Reply-to" address.
The chat history and messages of your users are transmitted through our server when they interact with the chat instance. Chat messages are stored on our server so we can sync the chat between multiple devices for your users. Note messages must still pass through our server to prevent your API key from being exposed to the end users. Our server, through which the messages pass, is hosted on vercel.com. We do not log sensitive information (API Key) or user personal information on Vercel or any other logging system.

Your users' chat history, custom prompts, libraries, and bookmarks are stored locally on the device they use to access your chat instance. Users can opt to backup & sync their data across various services offered within the chat interface, including TypingMind Cloud (Backup/Sync/Share).

Users on your chat instance are unable to view each other's data and chat history.

23. Third-Party Links
Agentiiv includes links to third-party websites to enhance user experience. These sites are not operated or controlled by us, and we assume no responsibility for their content, privacy policies, or practices. These third-party sites have their own policies and we urge users to review them before using their sites and services. Linking does not imply endorsement in any way and your use these sites is at your own risk. Agentiiv shall not be liable for damages arising from the use of third-party sites.
 

24. Fair Information Principles
This privacy policy is crafted to align with the 10 fair information principles established by the Personal Information Protection and Electronic Documents Act of Canada ("PIPEDA"). In this policy, we detail our adherence to these principles. Below is a summary of the measures we take to ensure compliance.

24.1. Principle 1 - Accountability. We are committed to safeguarding your information. A designated Data Protection Officer oversees our compliance efforts. You can contact our DPO using the details provided in the designated section of our privacy policy.

24.2. Principle 2 - Identifying purposes. We have identified the purposes of processing in the relevant section of this privacy policy.

24.3. Principle 3 - Consent. We strive to obtain consent before collecting personal information, although local laws may vary. Individuals can contact our Data Protection Officer (DPO) using the details in this privacy policy to request information deletion.

24.4. Principle 4 - Limiting Collection. Personal data collected is limited to that which is necessary for the purposes identified in this privacy policy.

24.5. Principle 5 - Limiting Use, Disclosure, and Retention. We use your personal information only for the purposes for which it was collected. Details on the use, disclosure, and retention of your personal information are provided in the corresponding sections of this privacy policy

24.6. Principle 6 - Accuracy. We keep any information accurate, complete and up-to-date. Where there are changes in the information we retain about you, you are encouraged to submit a request to make changes.

24.7. Principle 7 - Safeguards. We protect your personal information with appropriate safeguards as set out in the relevant section of this privacy policy and ensure our service providers provide appropriate technical and organizational measures to protect your information from security breaches.

24.8. Principle 8 - Openness. We are open regarding our data collection and processing practices. You can find information about how we collect, use, process and disclose personal information in this privacy policy.

24.9. Principle 9 - Individual Access. You can submit a request to access your information we hold about you. You can use the contact details of our DPO to get in touch with us.

24.10. Principle 10 - Challenging Compliance. You are welcome to direct any questions or inquiries concerning our compliance with this privacy policy to our DPO.
 

Contact Information If you have any questions or concerns about this policy, please contact: legal@agentiiv.com.