Privacy Policy

Introduction

At BastionAI Inc. ("we", "us", "our", or "Company"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our services. By accessing and using BastionAI, you acknowledge that you have read, understood, and agree to be bound by all the provisions of this Privacy Policy.

Information We Collect

We collect information in several ways to provide, improve, and protect our services:

Personal Information

When you interact with BastionAI, we may collect personal information that can identify you, including:

• Name: Your full name as provided during registration or communication
• Email Address: Your email for account creation, communications, and support
• Company Information: Organization name and professional details
• Contact Details: Phone number and physical address when voluntarily provided

Usage Data

We automatically collect certain information about your device and how you interact with our services:

• IP Address: Your Internet Protocol address for security and analytics
• Browser Type: Information about your web browser and version
• Device Information: Device type, operating system, and unique device identifiers
• Behavioral Data: Pages visited, time spent, clicks, and user interactions
• Referral Source: How you accessed our website or service

Cookies and Similar Technologies

We use cookies, pixels, and similar tracking technologies to enhance your experience, analyze usage patterns, and deliver personalized content. You can control these through your browser settings.

How We Use Your Information

BastionAI uses the information we collect for various purposes, including:

• Service Provision: To create, maintain, and improve your account and deliver our core services
• Communications: To send transactional emails, service updates, and respond to your inquiries
• Marketing: To send promotional materials and updates about new features (with your consent)
• Analytics and Improvement: To understand how users interact with our platform and optimize performance
• Security: To detect, investigate, and prevent fraudulent activities and security incidents
• Legal Compliance: To comply with applicable laws, regulations, and legal requests
• Business Operations: To conduct internal research, analytics, and operational improvements

Information Sharing and Disclosure

We may share your information in specific circumstances to support our operations and protect your rights:

• Service Providers: With third-party vendors who assist in operating our website, processing payments, conducting analytics, and providing customer support. These providers are contractually obligated to maintain confidentiality.
• Legal Requirements: When required by law, court order, or government request, or when necessary to protect our legal rights and safety
• Business Transfers: If BastionAI is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction
• User Consent: With your explicit consent or at your direction

Important: BastionAI does not sell, rent, or trade your personal data to third parties for marketing purposes. We are committed to protecting your privacy and maintaining your trust.

Data Security

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• Encryption: Industry-standard SSL/TLS encryption for data in transit
• Access Controls: Strict access limitations for employees and contractors who need personal data
• Data Protection: Secure databases and storage systems with encryption at rest
• Security Audits: Regular security assessments and vulnerability testing
• Incident Response: Established procedures to respond to security incidents

While we strive to protect your information using reasonable security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security, and you use our services at your own risk.

Data Retention

We retain your personal information for as long as necessary to provide our services, fulfill legal obligations, and protect our legitimate business interests. The retention period varies depending on the type of data and its purpose:

• Account Information: Retained for the duration of your account and a reasonable period thereafter
• Communications: Kept for customer service and support purposes
• Usage Data: Typically retained for analytics purposes for up to 24 months
• Legal Requirements: Retained as long as required by applicable law

You may request deletion of your data at any time, subject to certain legal obligations and operational requirements. We will make reasonable efforts to comply with deletion requests in accordance with applicable privacy laws.

Your Privacy Rights

Depending on your location, you may have specific rights regarding your personal information. BastionAI respects and supports these rights:

California Residents (CCPA)

Under the California Consumer Privacy Act, you have the right to:

• Right to Know: Request what personal information we collect, use, and share
• Right to Delete: Request deletion of personal information collected from you
• Right to Opt-Out: Opt out of the sale or sharing of your personal information
• Right to Non-Discrimination: Receive equal service and pricing for exercising your CCPA rights

European Residents (GDPR)

Under the General Data Protection Regulation, you have the right to:

• Right of Access: Obtain confirmation of whether we process your data and request a copy
• Right of Rectification: Correct inaccurate or incomplete personal information
• Right to Erasure: Request deletion of your data under certain circumstances
• Right to Restrict Processing: Limit how we use your information in specific situations
• Right to Data Portability: Receive your data in a structured, portable format
• Right to Object: Object to certain types of processing, including marketing

To exercise any of these rights, please contact us at privacy@bastionai.io with your request. We will respond within the timeframe required by applicable law.

Cookies and Tracking Technologies

BastionAI uses cookies and similar technologies to enhance your experience and gather analytics:

• Essential Cookies: Required for basic website functionality, security, and user authentication
• Analytics Cookies: Help us understand user behavior and improve our services
• Preference Cookies: Remember your settings and preferences for future visits

Managing Cookies: You can control cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when a cookie is being sent. However, blocking cookies may impact your ability to use certain features of our website.

Changes to This Privacy Policy

BastionAI may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, and other factors. When we make material changes, we will notify you by:

• Posting the updated policy on our website
• Updating the "Last Updated" date at the top of this policy
• Sending you an email notification for significant changes

Your continued use of our services after any modifications indicates your acceptance of the updated Privacy Policy. We encourage you to review this policy regularly to stay informed about how we protect your information.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

• Email: privacy@bastionai.io
• Website: www.bastionai.io

We are committed to working with you to resolve any privacy concerns. For GDPR-related inquiries, we will respond within 30 days. For CCPA requests, we will respond within 45 days as required by law.