Privacy Policy

1. Overview

This Privacy Policy explains how Visant.AI collects, uses, and protects personal data when you use our hardware, software, or services.

2. Data We Collect

• Account data: Email address, organization name, and billing information via Stripe.
• Device data: Device IDs, device type (hardware/web camera), online status, and configuration settings.
• Capture data: Images captured by your cameras, alert conditions you define, and AI classification results.
• Usage data: Timestamps, capture frequency, and notification delivery status.

3. How We Use Data

• Process captures through our dual-agent AI system (OpenAI GPT and Google Gemini) to detect alert conditions.
• Send email notifications via SendGrid when alerts are triggered.
• Display capture history and AI analysis results in your dashboard.
• Process payments and manage subscriptions through Stripe.
• Improve AI accuracy and service reliability through aggregated, de-identified analytics.
• Send marketing communications, product updates, and promotional offers (you may opt out at any time).

4. Sharing & Disclosure

We do not sell personal data. We share data only with trusted service providers:

• Railway.app: Cloud hosting and database
• Supabase: Authentication services
• Stripe: Payment processing
• SendGrid: Email delivery
• OpenAI & Google: AI image analysis (captures are processed but not stored by these providers)

We may also disclose data when required by law or to protect our rights.

5. Data Retention

• Captures: Stored for up to 3 years in cloud storage.
• Account data: Retained while your account is active and for a reasonable period afterward for legal compliance.
• Billing records: Retained as required by tax and financial regulations.
• Marketing data: Retained for up to 3 years or until you opt out of marketing communications.

6. Security

We implement encryption in transit, role-based access, logging, and regular audits to protect data. No system is completely secure; notify us of any suspected vulnerability.

7. Your Rights

Depending on your jurisdiction, you may request access, correction, deletion, or portability of your personal data by emailing visant@contoro.com.

8. International Transfers

Visant.AI may process data in the United States and other countries. We rely on approved transfer mechanisms such as Standard Contractual Clauses when data moves across borders.

9. Children

Our services are not directed to children under 16. If we learn that we have collected data from a minor, we will delete it promptly.

10. Changes

We may update this policy to reflect operational or legal requirements. We will post the new date above and, when changes are material, provide additional notice.

11. Contact

Questions about privacy can be sent to visant@contoro.com.