Prove AI Privacy Policy

1. Purpose

This Privacy Policy (“Policy”) describes how Prove AI AG, a Swiss corporation with its registered seat at Baarerstrasse 43, 6300 Zug, Switzerland (together with its affiliates, subsidiaries, and parents, collectively the “Company”) collects, uses, shares, stores, and safeguards your personal information when you (1) access or use the website, proveai.com (including but not limited to all subdomains, all subdirectories, and any related, successor, or alias domains owned or operated by the Company, as well as all pages, content, applications, and functionalities available therein (the “Site”), (2) access or use of our observability interface with user controlled and customizable metrics for generative AI workloads (the “Dashboard”), (3) interact with or receive marketing materials, campaigns, promotions, sales, and any communications that link to this Policy, and (4) engage with any related products or services offered by the Company (hereinafter collectively referred to as “Products”).

The Company determines the collection and use of Personal Information and as such we are the “controller” or “covered business” for purposes of respective data privacy laws and regulations. By engaging with the Products you agree that your Personal Information will be handled as described in this Policy (including any applicable changes). For this Policy, we will refer to Company interchangeably as “we”, “our”, or “us”, and users of our Products as “you” and “your.”

By accessing, engaging with, or using any of the Products you acknowledge and agree that your Personal Information (defined below) will be handled as described in this Policy, including any applicable changes.

2. Changes to this Policy

We reserve the right to revise this Policy at any time. We will notify you of any material changes to the Policy by updating the Policy on the Product and changing the “Last Updated” date above. Therefore, we encourage you to periodically read this Policy to check for any revisions. We recommend that you store a copy of this Policy and any future versions that may apply to you from time to time for your records.

3. Data Privacy Statement

This Policy applies to every covered person, regardless of where you reside, who has dealings with us that results in the collection of personal information. However, please be aware that if you reside in Switzerland, this Policy is designed to meet the requirements of the Swiss Federal Act on Data Protection (“FADP”), including the Ordinance to the Federal Act on Data Protection (“OFADP”), as well as the Telecommunications Act (“TCA”); if you are a resident of the European Economic Area, this explanation and summary of the Policy is designed to meet the requirements of the General Data Protection Regulation (“GDPR”). If you are a resident of the United States, this explanation and summary of the Policy is designed to meet the requirements of the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act of 2020 (“CPRA”). If you are a resident of Canada, this Policy is designed to meet the requirements of the Personal Information Protection and Electronic Data Act (“PIPEDA”).

4. Personal Information

“Personal Information” means information relating to an identified or identifiable individual, such as information that we obtain about you when you access, interact with, or use the Products. Personal Information does not include any data that is anonymized or data that cannot identify you in any way.

The types of Personal Information we may collect includes, but is not limited to:

• Contact information, such as full legal name and email address.
• Social media account information and other information you may share or make public when interacting with us on social media or with the Products. The following Personal Information is, for example, collected, when you like, comment or share our content: social media handle, contact information, IP address, and liked/commented/shared content.
• Internet Protocol (IP) address associated with a computing device that you use to access the Products as well as date and time of access, name and URL of the data accessed, the website from which access is made to our domain, your computer’s operating system and the browser you use, the country from which access to our Product is made, and the name of your Internet provider.
• Information that you provide to us directly in any context, such as personal details in job applications.

Inferences drawn from the Personal Information listed above, in combination with other information collected during your visit to the Products, which may be used to create a profile or summary about your preferences, including your browsing habits while you visit the Product.

5. How we collect your Personal Information

We may collect Personal Information about you that you voluntarily agree to provide when you visit or use the Products. Such collection may occur when:

• you create an account to use the Dashboard,
• you communicate with us via our contact addresses and channels (e.g. by email, telephone or contact form),
• you sign up for or request that we send you newsletters, alerts, or other materials,
• you apply for a job with us,
• you sign up for an event with us,
• you respond to our requests for information or provide feedback; and
• you access or use the Products.

Third-Party Sources: We may receive information about you from other sources, such as social media platforms or our service providers when you interact with us on those systems or platforms, or access our social media content. In some cases, we may collect information from third parties as directed by you. In order to obtain complete information about Third-Party Sources, we request that you consult the privacy policies of any third-party services.

Cookies and Web Beacons: Company and certain third-party service providers use various technologies to collect information about you, including cookies and web beacons (i.e. pixel tags). Cookies are small data files stored in the device memory of your computing device that help us to, among other things, improve your experience while using the Product, see which areas and features of the Product are popular, and count visits. Web beacons are clear, electronic images that may be used on the Product or in our emails and help deliver cookies, count visits, understand usage and campaign effectiveness, and determine if an email has been opened and acted upon. For information on which cookies are used for tracking purposes see below under “Tracking-Tools” and read the Prove AI Cookie Policy.

6. How we use your Personal Information

We use your Personal Information for various specific purposes, including to:

• Respond to your inquiries or requests for information about the Products or job application. In these cases, we process your Personal Information for the performance of a contract or to take steps prior to entering into a contract according to art. 6 para. 1 lit. b GDPR or based on our legitimate interest (answering your inquiry) according to art. 6 para. 1 lit. f GDPR.
• We use the data you provide to assess your application and suitability for employment. Application documents of unsuccessful applicants are deleted at the end of the application process, unless you explicitly agree to a longer retention period or we are not legally obliged to retain them for a longer period.
• We use a software application from Workable Software Limited, 5 Golden Square, 5th Floor, London, W1F 9BS, United Kingdom, to process applications. Therefore, your data may be stored in a database of Workable Software Limited, which may allow the third-party to access your data if this is necessary for the provision of the software and for support in the use of the software. The legal basis for processing your data for this purpose is the execution of a contract (pre-contractual phase) in accordance with art. 6 para. 1 lit. b GDPR.
• Provide you with Products and send Product-related communications. In these cases, we process your Personal Information for the performance of a contract or to take steps prior to entering into a contract according to art. 6 para. 1 lit. b GDPR.
• Send you newsletters, updates, event information, marketing communications, and other information that may interest you. In these cases, we process the Personal Information based on your consent according to art. 6 para. 1 lit. a GDPR. By subscribing to marketing emails, you also consent to the statistical evaluation of user behaviour for the purpose of optimizing and adapting the marketing emails.
• We use a software application from Hubspot, 25 First Street, 2nd Floor, Cambridge, MA 02141, USA to provide marketing emails. Therefore, your data may be stored in a database of Hubspot, which may allow Hubspot to access your data if this is necessary for the provision of the software and for support in the use of the software. Your consent constitutes the legal basis for the processing of data within the meaning of art. 6 para. 1 lit. a GDPR. You can revoke your consent for the future at any time.
• Conduct data analytics studies to review and better understand how the Product is being used. In these cases, we have a legitimate interest in art. 6 para. 1 lit. f GDPR.
• Enable the use of the Products, to ensure the long-term security and stability of the system and to optimise the Products, and for internal statistical purposes. However, such information will not be linked to or stored with Personal Information. Only in the case of an attack on the network infrastructure of the Product or in case of suspicion of other unauthorised or improper use of the Products, the IP address will be evaluated for clarification and defence and, if necessary, used in criminal proceedings for identification and to bring legal action against the users concerned under civil and criminal law. In this case, we have a legitimate interest in art. 6 para. 1 lit. f GDPR.

7. Disclosing your Personal Information to third parties

We do not sell your Personal Information to third parties.

However, various third-party service providers are explicitly mentioned in this Policy. We may share your Personal Information with non-related third-party service providers that perform services on our behalf, such as the web-hosting company Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, and the information technology provider Atlassian Pty Ltd c/o Atlassian, Inc., 350 Bush Street, Floor 13, San Francisco, CA 94104, and code repository management solution GitHub, Inc., 88 Colin P. Kelly Jr. Street, San Francisco, CA 94107. In many instances, these activities are for the purpose of completing a service request or inquiry from you, or to inform a previous user about new services which may be of interest. In these cases, we process your Personal Information for the performance of a contract or to take steps prior to entering into a contract according to art. 6 para. 1 lit. b GDPR, or based on our legitimate interest according to art. 6 para. 1 lit. f GDPR.

8. Central data storage and analysis in the CRM system

Insofar as a clear assignment to your person is possible, we will store and link the data described in this data protection declaration, i.e. in particular your personal details, your contacts, your behaviour with the Products in a central database. The legal basis for this data processing is our legitimate interest within the meaning of art. 6 para 1 lit. f GDPR in the efficient management of users’ data and Personal Information.

We also analyse this data in order to further develop and refine our Products in line with your needs and to be able to display and suggest the most relevant information and offers to you. We also use methods that predict possible interests based on your use of our Product.

For central data storage and analysis in the CRM system, we use a software application from Hubspot, 25 First Street, 2nd Floor, Cambridge, MA 02141, USA address, country. Therefore, your data may be stored in a database of Hubspot, which may allow Hubspot to access your data if this is necessary for the provision of the software and for support in the use of the software. Further information about data processing by Hubspot can be found at http://www.hubspot.com/privacy-policy and http://www.hubspot.com/terms-of-service.

The legal basis for this data processing is our legitimate interest within the meaning of art. 6 para. 1 lit. f GDPR in carrying out marketing activities.

9. Data sharing and cross-border transfers

We may share your Personal Information within the Prove AI Group, when necessary to conduct the business activities related to your relationship with us. In some instances, that sharing requires us to transfer your Personal Information to one or more of our affiliates outside of Switzerland, including to the United States, where your Personal Information is stored.

For the sake of completeness, we would like to point out that the U.S. authorities may take surveillance measures under U.S. law that allow general storage of all data transferred from the European Union or Switzerland to the United States. This is done without distinction, limitation or exception, on the basis of the objective pursued and without objective criteria that would allow limiting the access of the U.S. authorities to Personal Information and their subsequent use to specific, strictly limited purposes that justify access to such data. In addition, we would like to point out that there are no legal remedies in the U.S. for data subjects from EU Member States or Switzerland that would allow them to obtain access to the data concerning them and to obtain its correction or deletion, and that there is no effective legal protection against general access rights of the U.S. authorities. We expressly draw the data subject’s attention to this legal and factual situation so that he or she can make an informed decision about consenting to the use of his or her data.

When we transfer your Personal Information to another country, we ensure that our affiliate is able to provide the same adequate protection of that data as we provide, through internal standard contractual clauses between the entities part of the Prove AI Group.

In addition, we may share your Personal Information with a third party in order to complete our business commitment to you or to comply with a legal obligation associated with our relationship, as necessary to administer that relationship with you or in relation to the Products. In those situations, Prove AI conducts the same evaluation of adequacy to ensure that your Personal Information is protected. We will ensure by contract that the third party will not be permitted to process your Personal Information for any other purposes and in any other manner than we would be permitted.

Prove AI will not share or sell your Personal Information with a third party for any purpose other than to comply with a legal obligation, as necessary to facilitate or complete our business relationship with you or in relation with the optimization of the Products. We do not sell your Personal Information to third parties for marketing purposes; our agreements with such third parties expressly prohibits them from using your Personal Information for marketing/promotional purposes.

10. Third party services

10.1 Links to other websites from the Product

We may provide links to or embed content hosted by third-party websites, services, and applications that operate outside the control of Prove AI. Without the support of other companies, we would not be able to provide our Products in the desired form. In order for us to be able to use the services of these companies, it is also necessary to pass on your Personal Information to these companies to a certain extent. A transfer takes place to selected third-party service providers and only to the extent that is necessary for the optimal provision of our services. Third-party services may include an activity feed, social media buttons, and widgets. This Policy does not address the privacy, security, or other practices of third parties that provide such content. We encourage you to review the privacy policies of those third parties before providing any information to us through them.

The legal basis for these disclosures is the necessity for the fulfillment of a contract within the meaning of art. 6 para. 1 lit. b GDPR or on the basis of our legitimate interests (optimization of our online offering) according to art. 6 para. 1 lit. f GDPR.

10.2 Links to our social media presences

We have incorporated links to our social media profiles on the following networks:

• Facebook of Meta Platforms Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA;
• GitHub of GitHub Inc., 88 Colin P Kelly Jr Street, San Francisco, CA 94107, USA;
• Telegram of Telegram Messenger LLP, 71-75 Shelton Street Covent Garden, London, UK;
• Reddit of Reddit, Inc., 420 Taylor Street, San Francisco, CA 94102, USA;
• Twitter of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA;
• YouTube, a service operated by Google Inc.;
• Discord Inc., 444 De Haro Street Suite 200, San Francisco, CA 94107;
• LinkedIn of LinkedIn Corporation, 1000 W Maude Ave. Sunnyvale, CA 94085.

When you click on the icons of the social networks, you are automatically redirected to our profile in the respective network. This establishes a direct connection between your browser and the server of the respective social network. This provides the network with the information that you have visited our Product with your IP address and clicked on the link. This may also result in data being transferred to servers abroad, e.g. the USA.

The legal basis for any data processing attributed to us is our legitimate interest within the meaning of art. 6 para. 1 lit. f GDPR in the use and promotion of our social media profiles.

11. Tracking-tools

11.1 General information on tracking

We use the web analytics service providers listed below for the purpose of demand-oriented design and continuous optimisation of the Product. In this context, pseudonymised usage profiles are created and cookies are used. The information generated by the cookie about your use of this Product is generally stored together with the data collected and is usually transferred to a server of the service provider, stored and processed there. This may also involve transmission to servers abroad, e.g. the USA.

By processing the data, we obtain the following information, among others:

• Navigation path followed by a visitor of the Product;
• Dwell time on the Product or subpage;
• Subpage on which the Product is left;
• Country, region or city from where access is made;
• End device (type, version, colour depth, resolution, width and height of the browser window); and
• returning or new visitors.

On our behalf, the third party web analytics service provider will use this information to evaluate the use of the Product, in particular to compile website activities and to provide other services associated with the use of the Product for the purposes of market research and demand-oriented design of the Product. For these processing operations, we and the third party web analytics service providers may be considered joint data controllers up to a certain extent.

The legal basis for this data processing with the following services is your consent within the meaning of art. 6 para. 1 lit. a GDPR. You can revoke your consent or refuse processing at any time by rejecting or deactivating the cookies in question in your web browser settings or by making use of the service-specific options described below.

For the further processing of the data by the respective provider as the (sole) responsible party under data protection law, in particular also a possible forwarding of this information to third parties, e.g. to authorities due to national legal regulations, please refer to the respective data protection information of the provider.

11.2 Google Analytics

The Products uses Google Analytics, a web analysis service of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, respectively Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA (“Google”). Google Analytics uses methods that allow an analysis of the use of the Products, such as “cookies”. These generates information about your use of the Products such as

• navigation path that a visitor takes on the site,
• length of stay on the Product or sub-page,
• the sub-page on which the Product is left,
• the country, region, or city from where access takes place,
• device (type, version, colour depth, resolution, width and height of the browser window),
• recurring or new visitors,
• browser type/version,
• the operating system used,
• the referrer URL (the page previously visited),
• host name of the accessing computer (IP address), and
• time of the server query

that are transferred to the USA and stored there on servers of Google, a company of the holding company Alphabet Inc. The IP-address will be shortened by the activation of IP anonymisation (“anonymiseIP”) on the Product, before transmission within the member states of the European Union or other states party to the agreement on the European Economic Area, as well as in Switzerland. The anonymised IP address that the user’s browser transmits within the scope of Google Analytics will not be merged with any other data held by Google. In exceptional cases only, the complete IP address may be transmitted to a Google server in the USA and shortened there. In these cases, we ensure through contractual guarantees that Google complies with a sufficient level of data protection.

The information is used in order to evaluate the use of the Products, to compile reports on the activities on the Products and to provide other services related to the use of the Products and the Internet for the purposes of market research and tailor-made website design. Google may also pass this information on to third parties insofar as this is required by law or if third parties process the data on Google’s behalf.

According to Google, no connection is ever made between the IP address and other data relating to the user. You can prevent the collection of the data (including the IP address) generated by the cookie and related to the Product use by the respective users as well as the processing of this data by Google, by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en

As an alternative to the browser plug-in, you can amend your browser settings to prevent the collection of Personal Information by Google Analytics on this Product in the future. We use Google Analytics on the basis of your consent according to art. 6 para. 1 lit. a GDPR.

11.3 Google Tag Manager

The Product uses Google Tag Manager from Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Google Tag Manager is a solution by which the marketer can manage website tags via a surface. The Tag Manager tool is a domain without cookies that does not record Personal Information. The tool ensures the triggering of other tags, which may, under the circumstances, collect Personal Information on their part. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains for all tracking tags that are implemented with Google Tag Manager. You can prevent the placement of tags at any time.

11.4 HubSpot

The Product uses HubSpot, a software of HubSpot Inc, 25 First Street, 2nd Floor, Cambridge, MA 02141, USA. HubSpot is used in the area of inbound marketing and helps us to better coordinate and optimize our marketing strategy by means of statistical analyses and evaluation of logged user behaviour, among other things. Cookies are used. You can prevent the storage of cookies at any time by setting your browser software accordingly or delete the cookies already stored. Please note that if cookies are blocked, you may not be able to make full use of the services provided on the Product.

For more information, please refer to the Terms of Use and Privacy Policy of HubSpot Inc. at http://www.hubspot.com/terms-of-service and at http://www.hubspot.com/privacy-policy.

The use of HubSpot on the basis of our legitimate interests (efficient and quick processing of user requests, applications and optimization of our online offering) according to art. 6 para. 1 lit. f GDPR.

12. Children’s online privacy

Prove AI Products are not intended for children under the age of 13. Prove AI does not target the Product to children under 13 or knowingly collect information from children under the age of 13. Similarly, we do not normally collect Personal Information about children between the ages of 13 and 18; the exception to this normal rule would be if the parent or legal guardian of a child between 13 and 18 contractually provides us with consent to collect and process a child’s Personal Information.

Please contact us if you believe we have inadvertently collected Personal Information from a child under 18 without proper consent. This will allow us to delete such information as soon as possible.

13. Your rights and obligations

13.1 Your duty to inform us of changes

It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during the period in which our relationship is active.

13.2 Your rights in connection with Personal Information

Under certain circumstances and applicable data privacy laws, you may have the right to:

• Request access to your Personal Information. This enables you to receive a copy of the Personal Information we hold about you and to check that we are processing it lawfully.
• Request correction of the Personal Information. This enables you to request that we correct errors in your Personal Information.
• Object to processing of your Personal Information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that causes you to object to processing on this ground.
• Request the restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of Personal Information about you, for example, if you want us to establish its accuracy or reason for processing it.
• Request the transfer of your Personal Information to another party, which we may be able to do if it is feasible to do so (e.g., if such a transfer can be accomplished technically) or if it is appropriate to do so (e.g., if the other entity is willing to accept your Personal Information directly from us).
• Withdraw your consent at any time in general. You may withdraw your consent for us to collect, use, and disclose your Personal Information at any time with effect for the future by unsubscribing to any email or by sending us an email to privacy@proveai.com. However, processing activities based on your consent prior to your notification to withdraw does not become unlawful as a result of your revocation.
• Right to file a complaint with the competent data protection authority at any time.
• A final right you have is to request erasure of your Personal Information. This right enables you to ask us to delete or remove Personal Information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Information where you have exercised your right to object to processing. However, you should be aware there are specific exemptions under which Prove AI will NOT honour a request for erasure:

• Where we have an ongoing legal obligation to retain your Personal Information because of a regulatory requirement (e.g., employment regulations, auditing and record-keeping, etc.);
• Where retaining the information is necessary for us, our affiliates, or our service provider(s) to complete the transaction for which we collected the Personal Information, to provide a good or service that you requested, to take actions reasonably anticipated within the context of our ongoing business relationship with you, or to otherwise perform our contract with you; and
• Where the continued use of your Personal Information is necessary in order to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

If you want to review, verify, correct, or request erasure of your Personal Information, object to the processing of your Personal Information, revoke your consent or request that we transfer a copy of your Personal Information to another party, please contact us in writing. Please note that we may ask you to verify your identity before responding to such requests.

14. Information for European Economic Area residents

If you are a resident of Switzerland or a country in the European Economic Area (“EEA”), this portion of our Policy advises you of your rights and protections under applicable law regarding the processing of your “personal data,” as defined by the Swiss Federal Act on Data Protection (“FADP”), including the Ordinance to the Federal Act on Data Protection (“OFADP”), the Telecommunications Act (“TCA”), and the European General Data Protection Regulation (“GDPR”). When we process your personal data, we will only do so when we have your consent or if we can rely on any other legal basis permitting the processing of personal data. When processing is based on consent, you have the right to revoke your previously granted consent at any time with effect for the future by sending an email to privacy@proveai.com.

We will only retain your Personal Information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your Personal Information are available in our retention policy, which is available from our Data Protection Manager. To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorised use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances, we may anonymize your Personal Information so that it can no longer be associated with you, in which case we may use such information without further notice to you. When permitted or it is appropriate to do so, we will securely destroy your Personal Information in accordance with applicable laws and regulations. There may be specific statutory data retention obligations. Swiss law requires, for example, that business communication, concluded contracts and booking receipts must be stored for up to 10 years.

We are entitled to pass on your personal data to third-party companies abroad as described above under “Disclosing your personal data to Third Parties”. These third-party companies are obliged to respect your privacy to the same extent as we do. If the level of data protection in a country is considered inadequate within the meaning of the FADP or the GDPR, we will ensure, by means of a contract, that your personal data is protected according to Swiss regulations or the GDPR at all times.

Our EU representative according to art. 27 GDPR is:

MLL EU-GDPR GmbH
Ganghoferstrasse 37
DE-80339 Munich
casperlabs@mll-gdpr.com

15. Information for California consumers

This portion of our Policy advises California residents of rights provided under the California Consumer Privacy Act (the “CCPA”) and California Privacy Rights Act (“CPRA”) that relate to our collection, use, and disclosure of Personal Information.

Subject to certain limitations, you have the right to request to know more about the Personal Information (and categories of information) we collect, use, and disclose, and to request the deletion of your Personal Information. To make any such a request, please send an email to privacy@proveai.com.

You also have the right to opt-out of the disclosure of Personal Information to third parties for their direct marketing purposes. Prove AI does not disclose Personal Information to third parties for direct marketing purposes. California law (California Civil Code Section 1798.83) “Shine the Light Law” permits residents of California to opt out of our disclosures of your Personal Information to third parties for marketing purposes at any time. Prove AI will not disclose your personally identifiable information to third parties for marketing without giving you notice and getting your consent. Please note this opt-out does not prohibit disclosures for nonmarketing purposes. You can opt out for free by contacting us at privacy@proveai.com or writing to us at: Baarerstrasse 43, 6300 Zug, Switzerland.

Some website browsers may be able to send a do not track signal to websites. The Products do not respond to do not track signals or similar mechanisms and requests. If you block cookies through your browser, you will block cookies, as noted above.

16. Information for Canadian residents

Individuals covered by PIPEDA, or any of the six provincial privacy laws that have been declared “substantially similar” to PIPEDA, must obtain an individual’s consent when they collect, use, or share the individual’s Personal Information, and individuals have a right to access their Personal Information held by an organization and to challenge its accuracy, if need be. Prove AI can only use Personal Information for the purpose(s) for which it was collected. Individuals should also be assured that their Personal Information will be protected by appropriate safeguards.

17. Information security

Prove AI uses a variety of physical, administrative, and technological safeguards designed to protect your Personal Information against loss, misuse, and unauthorised access or disclosure and follows the applicable legal and regulatory requirements for safeguarding such information. We have dedicated information security programs and work hard to continuously enhance our technical and operational security measures. Our measures consider the sensitivity of the information we collect, use, and store, and the current state of technology. Our security measures include data encryption, firewalls, data use and access limitations for our personnel and subcontractors and physical access controls to our facilities and cloud-based data storage servers.

Please be aware that, despite our best efforts, no security measures are perfect. As a result, we cannot guarantee or warrant the security of any submitted Personal Information. In the event of a security breach that involves your Personal Information, Prove AI will notify the appropriate officials and notify you if you have reason to believe that your data has been compromised.

18. Data privacy manager

We have appointed a data privacy manager to oversee compliance with this Policy. If you have any questions about this Policy or how we handle your Personal Information, please contact the data privacy manager.

If you have any questions about this Policy, please contact our data privacy manager at privacy@proveai.com.