Last Updated: January 2025
1. Introduction
Conformal AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including the Stych API, Stych Agent, and related data processing services (collectively, the "Services").
Our Services are designed with privacy as a core principle. We use local AI processing to ensure your data remains under your control and is processed with the highest standards of privacy and security.
2. Information We Collect
2.1 Data You Provide
We collect information that you provide directly to us, including:
- Account Information: Email addresses, API keys, and authentication credentials when you register for or use our Services
- Dataset Files: Files you upload through our Services, including CSV, Excel, JSON, Parquet, and other supported formats
- API Requests: Data records, matching parameters, and configuration settings submitted through our API endpoints
- Conversation Data: Messages and queries submitted through Stych Agent for dataset operations
- Contact Information: Information provided when you contact us for support, including email addresses and phone numbers
2.2 Automatically Collected Information
When you use our Services, we automatically collect certain information, including:
- Usage Data: API request logs, job status, processing times, and service usage patterns
- Technical Data: IP addresses, browser type, device information, and access timestamps
- Job Metadata: Job IDs, request IDs, status information, and processing metrics
- Error Logs: Error messages and diagnostic information for service improvement
3. How We Use Your Information
We use the information we collect to:
- Provide Services: Process your datasets, perform record linkage, data cleaning, auditing, and entity recognition operations
- Maintain Services: Monitor service performance, troubleshoot issues, and ensure system reliability
- Improve Services: Analyze usage patterns to enhance our algorithms, improve accuracy, and develop new features
- Communicate: Respond to your inquiries, provide customer support, and send service-related notifications
- Security: Detect and prevent fraud, abuse, and security threats
- Compliance: Comply with legal obligations and enforce our Terms of Service
4. Local AI Processing and Data Privacy
A core feature of our Services is local AI processing, which means:
- On-Premises Processing: Your data is processed using local AI models that run on your infrastructure or our secure servers, minimizing data exposure
- No Third-Party AI Services: We do not send your data to external AI service providers for processing
- Data Minimization: We only process the data necessary to perform the requested operations
- Encryption: Data in transit and at rest is encrypted using industry-standard protocols
5. Data Storage and Retention
5.1 Storage
Your uploaded datasets and processing results are stored securely on our servers. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.
5.2 Retention
We retain your information for the following periods:
- Active Jobs: Job data and results are retained while the job is active and for a reasonable period thereafter for your access
- Completed Jobs: Completed job data may be retained for up to 90 days unless you request earlier deletion
- Account Information: Account data is retained for as long as your account is active and for a reasonable period after account closure
- Logs: Service logs and usage data are retained for up to 12 months for security and service improvement purposes
You may request deletion of your data at any time by contacting us at support@conformal.io.
6. Data Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
- Service Providers: With trusted third-party service providers who assist in operating our Services (e.g., cloud hosting, monitoring), subject to strict confidentiality obligations
- Legal Requirements: When required by law, court order, or governmental regulation
- Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users
- Protection of Rights: To protect our rights, property, or safety, or that of our users or others
- With Your Consent: When you have explicitly consented to such sharing
7. Your Rights and Choices
You have the following rights regarding your personal information:
- Access: Request access to the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information, subject to legal and operational requirements
- Data Portability: Request a copy of your data in a structured, machine-readable format
- Opt-Out: Opt out of certain data processing activities where applicable
- Account Management: Update or delete your account information through your account settings or by contacting us
To exercise these rights, please contact us at support@conformal.io. We will respond to your request within a reasonable timeframe.
8. Security Measures
We implement comprehensive security measures to protect your information:
- Encryption: All data in transit is encrypted using TLS/SSL protocols. Data at rest is encrypted using industry-standard encryption
- Access Controls: Strict access controls and authentication mechanisms to limit access to authorized personnel only
- API Security: API key authentication and rate limiting to prevent unauthorized access
- Monitoring: Continuous monitoring for security threats and vulnerabilities
- Regular Audits: Regular security audits and assessments to maintain high security standards
- Data Isolation: Your data is isolated from other users' data to prevent unauthorized access
9. International Data Transfers
Our Services may be accessed from various countries. If you are located outside the United States, please note that your information may be transferred to, stored, and processed in the United States. By using our Services, you consent to such transfers. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.
10. Children's Privacy
Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. Your continued use of our Services after such changes constitutes acceptance of the updated Privacy Policy.
12. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: