PRIVACY POLICY

Uru Intelligence System Platform

Effective Date: January 2025 Last Updated: January 2025

1. OVERVIEW AND SCOPE

This Privacy Policy explains how Uru Intelligence Inc. (“Uru,” “we,” “us,” or “our”) collects, uses, discloses, and protects information in connection with the Uru Intelligence System platform and related services (collectively, the “Services”).

This Policy covers:

The Services provided to business customers and their authorized users; and
Our websites and communications that link to or reference this Policy.

If you are using the Services on behalf of an organization, your organization’s agreement(s) with us (including any data processing addendum, if applicable) may further describe how we handle certain data.

2. DEFINITIONS

For clarity, we use the terms below:

“Customer” / “Organization”: The company or other entity that enters into an agreement with Uru for the Services.
“Authorized User”: An individual authorized by a Customer to use the Services (for example, administrators, employees, contractors).
“Customer Data”: Data, content, files, messages, configuration, and other information that Customers or Authorized Users submit to, store in, or process through the Services, including data retrieved from Customer-connected third-party applications via integrations.
“Account Data”: Information associated with an account and workspace, such as names, emails, workspace membership/roles, billing contact details, and authentication/session information.
“Usage Data”: Information about how the Services are accessed and used (for example, feature usage, performance and error diagnostics, logs, device/browser information).
“Service Providers”: Vendors and subcontractors that process data on our behalf to provide or support the Services (also referred to as subprocessors in some contracts).

3. OUR ROLE: CONTROLLER VS. PROCESSOR

Our role depends on the type of data:

Customer Data: We generally process Customer Data on behalf of the Customer and in accordance with the Customer’s instructions and agreement(s) with us.
Account Data and Usage Data: We generally process Account Data and Usage Data to operate, secure, and improve the Services and to manage our relationship with Customers.

4. INFORMATION WE COLLECT

4.1 Account Data

We may collect:

Customer/Workspace information: Workspace name, organization name (if provided), workspace membership and roles.
Authorized User information: Name, email address, authentication/session information.
Billing and payment-related information: Billing contact name and email, plan/usage settings, and records necessary to administer billing (note: payment details may be collected directly by a payment processor, depending on your plan and implementation).

4.2 Customer Data

Customers and Authorized Users may provide or process Customer Data through the Services, including:

Data from connected third-party applications (integrations)
Documents, files, and content submitted for processing
Configuration settings and parameters for workflows and automations
Transactional and operational data required to run requested workflows

We access and process only the Customer Data necessary to provide the Services and the workflows the Customer requests.

4.3 Integration Data (Connected Third-Party Services)

When you connect third-party services, we may process:

Tokens/credentials required to connect and maintain integrations (e.g., OAuth tokens, API keys)
Data pulled from or sent to the connected service as part of the workflows you configure
Event and execution records associated with running automations

Third-party services you connect have their own privacy practices and terms that apply to your use of those services.

4.4 Usage Data and Device/Technical Data

We may collect:

Logs and security events (e.g., login events, IP address, device and browser information, session identifiers)
Diagnostics (e.g., performance metrics, error reports, reliability signals)
Feature usage information (e.g., which features are used and how frequently)

If you use native/mobile versions of the Services, the application may also collect device information (such as device identifiers) and network status to support functionality and reliability.

4.5 Information You Provide When You Contact Us

If you contact us (for example, to request support), we collect the information you choose to provide, such as your name, email address, and the contents of your message.

5. HOW WE USE INFORMATION

We use information for the following purposes:

Provide the Services: Create and administer accounts, authenticate users, run workflows/automations, provide customer support, and fulfill contractual obligations.
Security and integrity: Protect against fraud and abuse, enforce policies, debug, and maintain the security of the Services.
Improve and develop the Services: Understand usage patterns, fix bugs, and improve functionality and performance.
Billing and operations: Manage subscriptions and billing settings, keep records, and perform internal operations.
Legal and compliance: Comply with applicable law, respond to lawful requests, and protect rights and safety.

6. HOW WE DISCLOSE INFORMATION

6.1 We do not sell personal information

We do not sell personal information in exchange for money. We also do not share personal information for cross-context behavioral advertising on our websites.

6.2 Service Providers

We may disclose Account Data, Usage Data, and (where applicable) Customer Data to Service Providers that help us operate and support the Services, such as:

Cloud hosting and infrastructure providers
Database and managed platform providers
Payment and invoicing providers (e.g., Stripe, if enabled/used for billing)
Security, monitoring, and reliability service providers
Customer support and communications tools

Service Providers are required by contract to protect information and use it only for the purposes we specify.

6.3 Disclosures at Customer direction

We disclose Customer Data to third parties at the Customer’s direction, such as when a Customer enables integrations or configures workflows that send data to a connected service.

6.4 Legal and safety

We may disclose information if we believe disclosure is required by law or legal process, or is necessary to protect the rights, property, or safety of Uru, our Customers, users, or others.

6.5 Business transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of some or all assets, information may be disclosed or transferred as part of that transaction, subject to applicable law.

7. COOKIES, LOCAL STORAGE, AND SIMILAR TECHNOLOGIES

The Services may use essential cookies and similar technologies (including local storage) for:

Authentication and session management
Security (e.g., protecting against abuse)
Core functionality and preferences

You can control cookies through your browser settings. If you disable essential cookies, some features may not function properly.

8. DATA RETENTION

We retain information for as long as necessary to provide the Services and for legitimate business purposes such as security, compliance, dispute resolution, and enforcing agreements.

For example:

Active accounts: We retain Account Data and Customer Data while the account/workspace is active.
After termination: Customers may be able to export data for a limited period following termination; thereafter, we delete or de-identify data consistent with our agreements and legal obligations.
Logs and security records: We retain certain logs and security records for a period necessary to maintain security, investigate incidents, and comply with law.

9. SECURITY

We maintain reasonable administrative, technical, and organizational safeguards designed to protect information. No security measures are perfect; we cannot guarantee absolute security.

10. INTERNATIONAL DATA TRANSFERS

We may process and store information in the United States and other locations where we or our Service Providers operate. If you access the Services from outside the United States, you understand that information may be transferred to, stored in, and processed in the United States and other jurisdictions.

11. CHILDREN’S PRIVACY

The Services are intended for business use and are not directed to children. We do not knowingly collect personal information from individuals under 18.

12. YOUR PRIVACY RIGHTS (U.S. STATE PRIVACY LAWS)

Depending on where you live and applicable law, you (or an authorized agent) may have rights to:

Access/Know: Request information about the personal information we collected about you.
Correction: Request that we correct inaccurate personal information.
Deletion: Request deletion of personal information, subject to exceptions.
Portability: Request a copy of certain personal information in a portable format.
Opt-out: Opt out of certain processing, such as targeted advertising, the sale of personal information, or certain profiling, where applicable.
Non-discrimination: Not be discriminated against for exercising your rights.

How to submit a request

To submit a request, email us at support@uruintelligence.com.

Verification

To protect privacy and security, we may take steps to verify your identity and/or your authority to make a request (for example, confirming access to the email address on the account or requesting additional information).

Authorized agents

Where permitted by law, you may designate an authorized agent to submit a request on your behalf. We may request proof of the agent’s authority and may still need to verify your identity directly.

Appeals

If we deny your request, you may appeal by replying to the denial message or emailing us at support@uruintelligence.com with “Privacy Appeal” in the subject line.

13. CALIFORNIA PRIVACY NOTICE (CCPA/CPRA)

This section applies to California residents to the extent the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”), applies.

13.1 Categories of personal information we collect

In the last 12 months, we may have collected the categories below (depending on how the Services are used). We do not knowingly collect “sensitive personal information” for the purpose of inferring characteristics about you. If Customers include sensitive information in Customer Data, we process it as Customer Data on the Customer’s instructions.

Category (CCPA)	Examples in our Services	Sources	Business/Commercial Purposes	Categories of Recipients	Retention (high level)
Identifiers	Name, email address, account/workspace identifiers, IP address, device identifiers (where applicable)	You/your organization; your device; integrations	Account administration, authentication, security, support	Service Providers; Customer-directed recipients (integrations)	As needed for Services; security/log retention per policy
Commercial information	Billing contact info; plan configuration; transaction/billing records (as applicable)	You/your organization; payment/invoicing providers	Billing, account management, fraud prevention	Service Providers (payment/invoicing)	As required for billing, accounting, and legal obligations
Internet/network activity	Usage logs, feature usage, session data, diagnostics	Your device/browser; our systems	Provide, secure, and improve Services	Service Providers (hosting, monitoring)	As needed for operations and security
Professional/employment information	Organization name, role within workspace (if provided)	You/your organization	Account administration, authorization	Service Providers	As needed for Services
Other information you provide	Customer Data/content submitted to Services	You/your organization; integrations	Provide requested workflows/automations	Service Providers; Customer-directed recipients (integrations)	As directed by Customer and/or per agreements

13.2 Sale and sharing

Sale: We do not sell personal information.
Share (for cross-context behavioral advertising): We do not share personal information for cross-context behavioral advertising.

13.3 Your California rights

California residents may have rights to know/access, delete, correct, and obtain information about disclosures, subject to exceptions and verification. You also have the right not to be discriminated against for exercising your rights.

To exercise your rights, contact us at support@uruintelligence.com.

14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last Updated” date and may provide additional notice (for example, via the Services or email to an administrator).

15. CONTACT US

For questions, concerns, or to exercise privacy rights, contact:

Uru Intelligence Inc. 5511 Parkcrest Drive, Suite 103 Austin, TX 78731 USA Email: support@uruintelligence.com

By using the Services, your organization acknowledges that it has read and understood this Privacy Policy.

PrivacyPolicy