CAIT AI

Privacy Policy

Last updated: 6/17/2026

This Privacy Policy explains how CAIT AI("we", "our", "us") collects, uses, discloses, and safeguards personal information when you use our websites, products, and services, including PACTIQ and LARA (collectively, the "Services"). It also describes your privacy rights and how to exercise them.

1. Who We Are & Scope

CAIT AI provides an AI‑powered platform for catalog enrichment (PACTIQ), security & compliance automation (LARA), and related developer tools. This Policy applies to information processed when you visit our sites, create an account, use our apps and integrations (e.g., Shopify), contact support, or interact with us otherwise.

2. Information We Collect

We collect information you provide directly and data automatically generated by your use of the Services.

  • Account & Contact Data: name, email, role, company, billing details, authentication identifiers.
  • Commerce & Catalog Data (PACTIQ): product titles, attributes, images, pricing/SKU metadata, channel mappings, and synchronization logs provided by you or your connected platforms (e.g., Shopify).
  • Security & Compliance Data (LARA): configuration metadata, policy definitions, scan results, evidence artifacts, and related operational telemetry.
  • Usage & Device Data: pages viewed, features used, clicks, timestamps, IP address, device/browser type, language, referral URLs.
  • Cookies & Similar Technologies: we use necessary cookies to operate the Services and (where permitted) analytics cookies to improve performance. See Cookies below.
  • Support & Communications: messages, feedback, survey responses, and records of interactions with us.

3. How We Use Information

  • Provide, maintain, secure, and improve the Services.
  • Enrich and synchronize product catalogs across channels (PACTIQ).
  • Automate security checks, policy enforcement, and compliance evidence (LARA).
  • Personalize experiences, including recommended settings and features.
  • Monitor performance, troubleshoot issues, and prevent abuse or fraud.
  • Analyze usage to guide product decisions and develop new features.
  • Communicate with you about updates, security notices, and support.
  • Comply with legal obligations and enforce terms.

4. Legal Bases (EEA/UK)

Where GDPR/UK GDPR applies, we process personal data under these legal bases:

  • Contract: to provide the Services you requested.
  • Legitimate Interests: to secure and improve our Services, prevent fraud, and understand usage.
  • Consent: where required for optional analytics or marketing communications.
  • Legal Obligation: to comply with applicable laws and regulations.

5. Sharing & Disclosures

We do not sell personal information. We share information only as described below:

  • Service Providers / Processors: cloud hosting, analytics, customer support, and communications services that process data on our behalf under contracts and confidentiality obligations (e.g., Google Cloud, Slack).
  • Platform Integrations: at your direction we connect to third‑party platforms (e.g., Shopify) to enable catalog sync, evidence capture, or messaging. Data shared is limited to what’s required for the integration.
  • Business Transfers: in connection with mergers, acquisitions, or asset sales, subject to appropriate safeguards.
  • Legal & Safety: to comply with law, respond to lawful requests, or protect rights, safety, and the integrity of the Services.

6. Data Retention

We retain personal information only as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. When no longer needed, we take reasonable steps to delete, de‑identify, or anonymize data.

7. International Transfers

We may transfer, store, and process information in countries other than where it was collected. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) to protect personal data transferred from the EEA/UK or other regions.

8. Security

We implement administrative, technical, and physical safeguards designed to protect personal information (e.g., encryption in transit, access controls, audit logging). No method of transmission or storage is 100% secure; we continuously improve our protections.

9. Your Rights & Choices

Your rights may include, subject to local law:

  • Access, correct, update, or delete your personal information.
  • Object to or request restriction of certain processing.
  • Portability of your data where technically feasible.
  • Opt‑out of marketing emails by using unsubscribe links.
  • Control cookies through your browser or our preferences (where available).

EEA/UK individuals may contact us to exercise GDPR rights. California residents may have rights under the CCPA/CPRA, including the right to know, delete, and correct personal information, and to opt‑out of "sale" or "sharing" (we do not sell personal information).

10. Cookies

We use necessary cookies to operate core site features (e.g., authentication, security). Where permitted, we use analytics cookies to understand usage and improve performance. You can control cookies via your browser settings and, where implemented, our cookie banner.

11. Children’s Privacy

Our Services are not directed to children under 13 (or as defined by local law), and we do not knowingly collect their personal information. If you believe a child has provided us data, please contact us and we will take appropriate steps to remove it.

12. Automated Decision‑Making & AI

Certain features use automated processing (e.g., data normalization, enrichment suggestions, anomaly detection). Decisions with legal or similarly significant effects are not made without appropriate human review. We do not use personal information to train public models; any model improvements occur within our controlled environment.

13. Third‑Party Links

Our Services may link to third‑party sites or services. Their privacy practices are governed by their own policies; we encourage you to review them.

14. Changes to This Policy

We may update this Policy from time to time. Material changes will be indicated by updating the "Last updated" date and, where appropriate, additional notice.

15. Contact Us

Questions or requests? Contact us at support@cait.app.