1. Introduction

Crescent AI ("Crescent AI", "we", "our", or "us") operates the website www.ai-crescent.com and provides AI automation services, chatbots, workflow automation, and related services (the "Services"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our website and Services.

Please read this Privacy Policy carefully. By accessing or using Crescent AI, you acknowledge that you have read, understood, and agree to be bound by all the provisions of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Contact Information

3. Information We Collect

3.1 Information You Provide Directly

• Account Information: Name, email address, password, phone number, job title, company name, and other profile information when you create or update your account.
• Billing Information: Billing address, company details, and payment method information (note: payment card details are processed and stored by our payment processor, not by us).
• Communication Information: Any messages, emails, chat conversations, or support tickets you send to us, including content and attachments.
• Service Content: Data, prompts, documents, files, or other content you submit, upload, or provide when using the Services.
• Survey and Feedback: Responses to surveys, questionnaires, feedback forms, and reviews you voluntarily submit.

3.2 Information Collected Automatically

• Usage Data: Pages you visit, links you click, searches you perform, time spent on pages, and other interactions with our website and Services.
• Device and Log Data: IP address, device type, operating system, browser type, browser version, unique device identifiers, and log records.
• Cookies and Similar Technologies: Information collected through cookies, web beacons, pixels, and similar tracking technologies.
• Location Data: General location information inferred from IP address (country, city level).

3.3 Information from Third Parties

• Payment Processors: Transaction status, last four digits of card, transaction IDs, and payment history from Stripe, Razorpay, or other payment providers.
• Analytics and Marketing Platforms: Aggregated usage metrics from Google Analytics, Meta Pixel, or similar platforms.
• Integrations and APIs: Data you authorize us to access from connected third-party platforms.
• Social Media: If you log in via Google, Microsoft, or other social providers, we receive publicly available profile information.

4. How We Use Your Information

We use your information for the following purposes:

• Provide and Operate Services: To create and manage your account, deliver the Services you request, process transactions, and fulfill your orders.
• Customer Support: To respond to your inquiries, resolve issues, process complaints, and provide technical support.
• Communication: To send service-related notifications and contact you about your account.
• Improvement and Personalization: To analyze usage patterns, improve website and service functionality, and develop new features.
• Marketing and Promotion: To send promotional emails and marketing materials (where permitted and with opt-out options).
• Security and Compliance: To monitor, detect, investigate, and prevent fraud, abuse, and unauthorized access.
• Legal Obligations: To comply with applicable laws, regulations, and legal processes.

5. Legal Basis for Processing (GDPR/UK GDPR)

If you are located in the European Union, United Kingdom, or other jurisdictions with similar data protection laws, we process your personal data based on the following legal grounds:

• Performance of a Contract: Processing is necessary to perform the Services you have requested.
• Legitimate Interests: Processing is necessary for our legitimate business interests.
• Consent: We process certain data based on your explicit consent, which you may withdraw at any time.
• Legal Obligation: Processing is necessary to comply with applicable laws and regulations.

6. Cookies and Tracking Technologies

6.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They are used to remember your preferences, recognize you on repeat visits, and gather analytics data.

6.2 Types of Cookies We Use

• Essential Cookies: Required for website functionality (authentication, session management, security).
• Preference Cookies: Remember your settings and preferences (language, theme, display options).
• Analytics Cookies: Track how you use our site to help us improve it (Google Analytics).
• Marketing/Advertising Cookies: Used to display targeted ads and measure campaign effectiveness.

6.3 Cookie Control

You can control cookies through your browser settings and opt-out of non-essential cookies. Some features of the website may not function properly if cookies are disabled.

7. How We Share Your Information

We do not sell your personal information to third parties. We may share information in the following circumstances:

7.1 Service Providers and Data Processors

We share your information with trusted third-party service providers who perform services on our behalf under strict data protection agreements, including:

• Cloud hosting providers (AWS, Google Cloud, Azure)
• Payment processors (Stripe, Razorpay, PayPal)
• Email service providers (SendGrid, Mailchimp)
• Customer support platforms (Intercom, Zendesk)
• Analytics platforms (Google Analytics)

7.2 Business Transfers

If Crescent AI is involved in a merger, acquisition, bankruptcy, or similar transaction, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

7.3 Legal Requirements and Safety

We may disclose your information where required by law, legal process, or governmental request. We may also share information to protect the rights, property, and safety of Crescent AI, our users, and the public.

7.4 With Your Consent

We share information with third parties when you explicitly authorize or request us to do so.

7.5 Aggregated and Anonymized Data

We may share aggregated, de-identified, or anonymized data that does not identify you with third parties for research, marketing, and analytics purposes.

8. Data Retention

8.1 How Long We Keep Your Data

• Active Account: While you maintain an active account, we retain your personal information to provide the Services.
• After Account Termination: We retain personal information for as long as necessary to fulfill legal, tax, and accounting obligations (typically 7 years for financial records).
• Backup and Archival: We may retain backup copies of your information for a limited period for disaster recovery purposes.
• Aggregated Data: Aggregated or anonymized data may be retained indefinitely for analytics and service improvement.

8.2 Deletion Requests

You may request deletion of your personal information by contacting us at support@ai-crescent.com. We will delete your information subject to legal retention requirements.

9. Data Security

9.1 Security Measures

We implement comprehensive technical and organizational measures to protect your personal information, including:

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using HTTPS/TLS protocols.
• Encryption at Rest: Sensitive data stored on our servers is encrypted using industry-standard encryption.
• Access Controls: Strict access controls and role-based permissions limit employee access to personal information.
• Monitoring and Logging: Continuous monitoring and audit trails track access to personal data.
• Firewalls and Intrusion Detection: Network firewalls and intrusion detection systems protect our infrastructure.
• Employee Training: Our employees receive regular data protection and security training.

9.2 Limitations

No Guarantee of Absolute Security: While we implement reasonable security measures, no method of transmission or storage is completely secure. We cannot guarantee absolute security of your personal information. You use our Services at your own risk.

10. International Data Transfers

10.1 Cross-Border Data Processing

Your information may be transferred to, stored in, and processed in countries other than your country of residence, including countries that may have different data protection laws. These countries may include the United States, India, and European Union member states.

10.2 Safeguards for International Transfers

Where required by applicable law (e.g., GDPR for EU residents), we implement appropriate safeguards to protect your personal information during international transfers, including:

• Standard contractual clauses (SCCs) approved by the European Commission
• Adequacy decisions recognizing equivalent data protection
• Your explicit consent where necessary

By using our Services, you consent to the transfer of your information to countries outside your country of residence.

11. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

11.1 General Rights (All Users)

• Access: The right to request what personal information we hold about you.
• Correction: The right to request correction or update of inaccurate or incomplete information.
• Deletion: The right to request deletion of your personal information (subject to legal retention requirements).
• Opt-Out of Marketing: The right to opt out of marketing communications at any time.

11.2 GDPR/UK GDPR Rights (EU/UK Residents)

If you are a resident of the European Union or United Kingdom, you have the following rights:

• Right to Access: Obtain a copy of your personal information we hold.
• Right to Rectification: Correct inaccurate or incomplete information.
• Right to Erasure: Request deletion of your data ("right to be forgotten"), subject to exceptions.
• Right to Restrict Processing: Request that we limit how we use your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Right to Withdraw Consent: Withdraw consent for data processing at any time.
• Right to Lodge a Complaint: File a complaint with your local data protection authority.

11.3 CCPA/CPRA Rights (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request what personal information we collect, use, and share about you.
• Right to Delete: Request deletion of personal information we have collected from you.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Share: Direct us not to sell or share your personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.

We do not sell or share personal information as defined under CCPA/CPRA.

11.4 How to Exercise Your Rights

12. Children's Privacy

12.1 Age Restrictions

Our Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If you are under 16, please do not provide any personal information to us.

12.2 Parental Notification

If we become aware that we have collected personal information from a child under 16, we will take prompt steps to delete such information. If you believe a child under 16 has provided us with personal information, please contact us immediately at support@ai-crescent.com.

12.3 Parental Consent

For users between 16 and 18 (or the age of majority in your jurisdiction), we may process limited personal information. If you are under 18, please ensure you have parental or guardian consent before using our Services.

13. Third-Party Links and Services

Our website and Services may contain links to third-party websites, applications, services, and social media platforms. This Privacy Policy applies only to www.ai-crescent.com and the Services provided by Crescent AI. We are not responsible for the privacy practices, policies, or content of third-party websites or services.

We encourage you to:

• Review the privacy policies of any third-party websites before providing personal information
• Exercise caution when clicking external links
• Understand that third parties may have different privacy practices than Crescent AI

14. AI Model Training and Data Usage

14.1 Model Improvement

We may use aggregated, anonymized, or de-identified data to train, fine-tune, and improve our AI models and algorithms. This data will not identify you or be linked to your personal information.

14.2 Opt-Out Options

• GDPR/UK GDPR Residents: You have the right to object to this processing. Contact us at support@ai-crescent.com to opt out.
• California Residents: You have the right to opt out of the use of your personal information for automated decision-making.
• All Users: You can request that we do not use your data for model improvement by contacting support@ai-crescent.com.

14.3 Your Content

Any content you submit (prompts, documents, files) may be used to improve our Services. We recommend you do not include sensitive, confidential, or personal information in content you submit.

15. Do Not Track (DNT) Signals

Some browsers include a "Do Not Track" (DNT) feature. Currently, there is no industry standard for recognizing DNT signals, and our website does not respond to DNT browser signals. However, you can control the use of cookies and tracking through your browser settings and our cookie preferences.

16. Changes to This Privacy Policy

16.1 Updates and Revisions

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors. When we make material changes, we will:

• Revise the "Last updated" date at the top of this page
• Notify you via email if the changes are significant
• Post a notice on our website

16.2 Your Acceptance

Your continued use of our Services after an updated Privacy Policy becomes effective constitutes your acceptance of the changes. If you do not agree with the updated policy, please stop using our Services. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

17. Contact Us

18. Additional Information for Specific Jurisdictions

18.1 India

Under the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023 (if applicable), we comply with data protection requirements. You have the right to know what information we collect, request correction or deletion, and lodge complaints with the appropriate authority.

18.2 European Union / United Kingdom

See Section 11.2 for GDPR/UK GDPR specific rights.

18.3 Canada

Under the Personal Information Protection and Electronic Documents Act (PIPEDA), you have rights to access, correct, and request deletion of your personal information.

18.4 Australia

Under the Privacy Act 1988, you have the right to access, correct, and lodge complaints regarding your personal information.