Privacy Policy

1. Introduction & Scope

This Privacy Policy explains how Palaci collects, uses, processes, discloses, retains, and protects personal information when you use our services, platforms, websites, and applications. It applies to all users of our services globally and describes your rights regarding your personal information.

By using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services.

2. Data Collection

Directly provided (forms, registrations)

We may collect personal information that you voluntarily provide to us when you:

• Register for an account
• Sign up for our newsletter
• Request information or support
• Participate in surveys or promotions
• Apply for employment
• Use our AI services

This information may include your name, email address, phone number, company name, job title, and any other information you choose to provide.

Automatically collected (logs, analytics)

When you visit our website or use our services, we may automatically collect certain information about your device and usage patterns, including:

• IP address and device identifiers
• Browser type and version
• Operating system
• Pages visited and time spent
• Clickstream data
• Cookies and similar technologies

3. Legal Bases for Processing

We process your personal information under one or more of the following legal bases:

• Consent: You have given explicit consent to process your information for specific purposes
• Contract Performance: Processing is necessary to fulfill our contractual obligations to you
• Legitimate Interests: Processing is necessary for our legitimate business interests, provided they don't override your rights
• Legal Obligation: Processing is necessary to comply with applicable laws or regulations

4. Use of Your Data

When you use our AI services, we may collect data inputs, outputs, and feedback that help us improve our models and algorithms. This may include text, images, or other content you submit to our AI systems. We take specific measures to protect sensitive information within this data as described in our data processing practices.

5. Data Sharing & Third-Party Processors

We use the information we collect for various purposes, including to:

• Provide, maintain, and improve our services
• Process and fulfill your requests
• Communicate with you about our services, updates, and promotions
• Personalize your experience
• Analyze usage patterns and trends
• Detect and prevent fraud, security breaches, or other harmful activities
• Comply with legal obligations
• Train and improve our AI models (with appropriate safeguards)

6. International Data Transfers

We operate globally and may transfer your information to countries other than your country of residence, including the United States, where our primary servers and operations are located. These countries may have different data protection laws. When we transfer personal information across borders, we take steps to ensure that your information receives an adequate level of protection, including through appropriate contractual safeguards like standard contractual clauses or participation in frameworks like the EU-US Data Privacy Framework.

7. Data Security Measures

We may share your information with:

• Service Providers: Third-party vendors who perform services on our behalf, such as cloud hosting, analytics, and customer support
• Business Partners: Companies we collaborate with to offer joint services or promotions
• Legal Requirements: When required by law, legal process, or government requests
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you have explicitly agreed to the sharing

We do not sell your personal information to third parties for their marketing purposes.

8. Data Retention & Deletion

We retain your personal information for as long as necessary to provide the services you have requested, or for other essential purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements.

The criteria used to determine our retention periods include the nature of the data, the purpose for which it was collected, legal and regulatory requirements, and operational considerations. When personal data is no longer necessary, we securely delete or anonymize it.

9. Automated Decision-Making / AI Profiling

Our services may include automated decision-making and profiling, including AI-driven analysis. This may involve processing your data to evaluate certain personal aspects, particularly to analyze or predict aspects concerning your preferences, interests, behavior, and location.

Where we make solely automated decisions that significantly affect you, you have the right to request human intervention, express your point of view, and contest the decision, unless an exception applies under applicable law.

10. Children's Privacy

We implement appropriate technical and organizational measures to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include encryption, access controls, regular security assessments, and employee training.

However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security. We encourage you to use strong passwords and take steps to protect your accounts and personal information.

11. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information, including:

• Accessing and obtaining a copy of your data
• Rectifying inaccurate information
• Deleting your information (subject to certain exceptions)
• Restricting or objecting to certain processing activities
• Data portability
• Withdrawing consent (where processing is based on consent)

To exercise these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request in accordance with applicable laws.

12. Cookies & Tracking Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to improve your browsing experience, analyze website traffic, personalize content, and tailor advertisements. These technologies collect information about how you use our services and allow us to remember you when you return to our site.

You can manage your cookie preferences through your browser settings or our consent management tool. Please note that blocking certain cookies may impact your experience and the functionality of our services.

13. Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify you and relevant regulatory authorities as required by applicable law. Our notification will include information about the nature of the breach, the information affected, the measures we have taken to address it, and recommended steps you can take to protect yourself.

14. Contact Info & Data Protection Officer (DPO)

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Our Data Protection Officer can be contacted directly at dpo@palaci.org for matters related to data protection and privacy compliance.

15. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. When we do, we will update the "Effective Date" at the top of this policy.

For significant changes, we will make reasonable efforts to notify you, such as by prominently posting a notice on our website, sending you an email, or through in-app notifications. We encourage you to periodically review this Privacy Policy to stay informed about our data practices.