Privacy Policy

1. Data We Collect

1.1 Non-Personal Data (Cookies & Analytics)

• We use web cookies to collect non-personal data, such as IP address, browser type, and site usage analytics.
• This data is used solely for improving our services and website analytics.

1.2 Account Data

• When you create an account, we collect your email address, name, and other profile information.
• This information is used to provide, maintain, and improve the Service.

1.3 Payment Data

• If you purchase our service, we process payments through Stripe.
• We do not store payment details—all transactions are securely processed through Stripe.
• Stripe's privacy policy governs their handling of payment data.

1.4 API Usage Data

• If you connect third-party API keys (OpenAI, Anthropic, etc.), we store them securely and encrypted.
• You are solely responsible for managing your API usage and associated costs.
• We do not access or use your API keys beyond providing the Service.

1.5 AI Agent Data

• We store AI agent configurations, prompts, and conversation logs created with Roki to provide the Service.
• This data is used to enable agent functionality, debugging, and service improvements.
• Data is stored securely and encrypted both in transit and at rest.

1.6 Integration Data

• When you connect integrations (Gmail, Slack, GitHub, etc.) via Composio, we store connection credentials securely.
• This data is used solely to enable integration functionality.
• We do not access your third-party accounts beyond what is necessary to provide the Service.

2. How We Use Your Data

We use collected data to:

• • Process payments and fulfill orders
• • Provide, maintain, and improve the Service
• • Enable AI agent functionality and integrations
• • Analyze traffic and prevent fraudulent activity
• • Comply with legal obligations
• • Send service-related communications
• • Respond to support requests

2.1 Legal Basis for Processing (GDPR Compliance)

We process your data based on:

• • Contractual necessity (to provide the Service)
• • Legitimate interests (to improve security and optimize user experience)
• • User consent (for analytics and cookies)
• • Legal compliance (to comply with applicable laws)

3. Data Sharing & Third-Party Services

We do not sell your personal data. However, we may share data with:

• Payment processors (Stripe) to process transactions. Stripe's privacy policy governs their data handling.
• Analytics providers (Google Analytics, Posthog) to track website performance.
• Cloud hosting providers (AWS, Vercel) to operate our service.
• AI Service Providers (OpenAI, Anthropic) to generate AI responses. We only transmit data necessary to perform the requested task. Users are encouraged to review their respective privacy policies.
• Integration providers (Composio) to enable third-party app connections. Composio acts as a data processor and complies with data protection regulations.

All third-party providers are required to comply with strict data protection policies.

4. Data Security

We implement industry-standard security measures to protect your data:

• • Encryption in transit (TLS/SSL) and at rest
• • Secure cloud infrastructure (AWS, MongoDB Atlas)
• • Access controls and authentication
• • Regular security audits and updates
• • SOC 2-certified service providers

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

5. Data Retention

• We retain personal data for as long as your account is active or as needed to provide the Service.
• Upon account deletion, personal data is deleted within 30 days.
• Anonymized data may be retained indefinitely for analytics and service improvement.
• We may retain data longer if required by law or for legitimate business purposes (e.g., fraud prevention).

6. Your Rights (GDPR & CCPA)

You have the right to:

• • Access your personal data
• • Rectify inaccurate data
• • Delete your personal data
• • Export your data in a portable format
• • Object to processing of your data
• • Restrict processing of your data
• • Withdraw consent at any time

To exercise these rights, contact us at shipagents.labs@gmail.com. We will respond within 30 days.

7. Cookies

We use cookies to:

• • Maintain user sessions
• • Remember preferences
• • Analyze site traffic and usage
• • Improve user experience

You can disable cookies in your browser settings, but this may affect functionality.

8. International Data Transfers

The Service is operated from the United States. If you access the Service from outside the U.S., your data may be transferred to and stored in the U.S. By using the Service, you consent to such transfers.

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect data from children. If we become aware that we have collected data from a child, we will delete it promptly.

10. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

11. California Privacy Rights (CCPA)

California residents have additional rights:

• • Right to know what personal data is collected
• • Right to know if personal data is sold or shared
• • Right to opt-out of sale of personal data
• • Right to delete personal data
• • Right to non-discrimination for exercising CCPA rights

We do not sell personal data. To exercise your CCPA rights, contact us at shipagents.labs@gmail.com.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the Service. Continued use after changes constitutes acceptance of the updated policy.

13. Contact Us

For any questions about this Privacy Policy or our data practices:

SIA Group LLC
Email: shipagents.labs@gmail.com
Website: shipagents.io