1. Information We Collect

We collect information to make Chasi secure, personalized, and effective. The data we collect falls into three primary categories: information you provide, information we collect automatically, and information we obtain from third parties.

1.1 Information You Provide Directly

When you use Chasi, you may share information with us voluntarily. This includes:

Account information: When you create a Chasi account, we collect your name, email address, company name, password, and any other details you choose to provide (such as profile photo, contact role, or business segment).

Organizational data: When you use Chasi to manage your equipment fleet, rentals or leads, we process the information you upload — including project data, customer and vendor records, pricing, utilization rates, and internal documentation. This data belongs to you or your organization; Chasi processes it solely to deliver the Service.

Payment information: If you subscribe to a paid plan, we collect billing details and transaction data through secure third-party payment processors. We never store full credit card numbers.

Communications: If you contact us by email, live chat, or support request, we collect your message and related metadata (such as timestamps and email headers). We use this to assist you and improve support quality.

Feedback and survey responses: When you provide feedback, participate in research, or engage in beta testing, we collect insights you share to improve the platform.

1.2 Information We Collect Automatically

When you interact with Chasi, certain data is collected automatically to maintain functionality and security.

Usage data: We track feature usage, click patterns, and workflow interactions to understand how users engage with our platform. This helps us identify bottlenecks and improve experience.

Device and connection data: This includes IP address, browser type, device type, operating system, and access timestamps.

Cookies and local storage: We use cookies and similar technologies to authenticate sessions, remember preferences, and perform analytics. Some cookies are essential to ensure the platform functions properly.

Telemetry and diagnostic data: To improve reliability and detect technical issues, Chasi may collect system logs and performance metrics in anonymized form.

1.3 Information from Third Parties

We may obtain information from external sources to enhance or integrate our Services:

Integration partners: When you connect Chasi with third-party tools (like CRMs, ERPs, or DMS systems), we may receive limited data from those systems—only what’s needed to synchronize information between platforms.

Service providers: We may receive insights from analytics, authentication, or support platforms that help us understand user engagement and maintain quality of service.

Public or professional sources: For example, publicly available business information or LinkedIn data (if shared under your consent) to verify company details or enrich your profile.

2. How We Use Information

We use collected information to operate safely, improve features, and provide meaningful value to users and partners.

We use information to:

• Provide, maintain, and improve the Chasi platform and related services.

• Authenticate your identity and manage access permissions.

• Personalize your experience, such as remembering preferences and tailoring recommendations.

• Analyse usage trends and optimize performance.

• Process transactions, manage billing, and deliver invoices.

• Communicate important updates, such as policy changes, system notices, or product improvements.

• Respond to your questions and support requests.

• Detect, investigate, and prevent security threats, fraud, or abuse.

• Ensure compliance with applicable laws, regulations, and contractual obligations.

• Conduct internal research, analytics, and feature development.

We may also use anonymized or aggregated data for benchmarking, performance insights, or business intelligence, but such data does not personally identify you or your organization.

We do not sell or rent your personal data to anyone.

3. How We Share Information

Chasi shares information only when it is necessary and under strict safeguards.

Service providers and sub-processors: We use trusted third parties to host infrastructure, process payments, analyse performance, send communications, and provide support. These partners are contractually bound to handle your data securely and only for authorized purposes.

Integration partners: When you connect Chasi to third-party systems, we share data as required for interoperability—always under your control and consent.

Corporate transactions: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. You will be notified if such changes materially affect your privacy rights.

Legal obligations: We may disclose data where required to comply with law, respond to valid legal process, or protect the rights, property, or safety of Chasi, our users, or others.

Anonymized insights: We may publish aggregated data (for example, platform usage trends) that does not identify individuals or companies.

4. Data Retention

We retain your personal data for as long as it’s needed to provide the Services, fulfil legal obligations, resolve disputes, or enforce agreements.
Retention periods depend on the type of data and the context in which it was collected.

If you close your account, we delete or anonymize your personal data within a reasonable timeframe, except where retention is required by law (e.g., for accounting or tax purposes).

5. Data Security

Protecting your data is one of our highest priorities.
We use modern security technologies and organizational measures, including:

• Encryption of data in transit (TLS) and at rest (AES-256 or equivalent)

• Strict access control and role-based permissions

• Periodic audits, vulnerability scanning, and monitoring

• Secure development practices and minimal privilege principles

• Regular backups and disaster recovery mechanisms

Despite our efforts, no system is completely immune to breaches. In the unlikely event of a security incident, we will notify affected users in accordance with applicable laws.

6. Your Rights and Choices

Depending on your location, you may have the following rights with respect to your personal data:

• Access and portability: You can request a copy of your personal information and details about how it’s processed.

• Correction: You can update or correct inaccurate information within your account or by contacting support.

• Deletion: You can request deletion of your personal data where legally permissible.

• Restriction and objection: You may request to limit or object to certain processing activities.

• Withdrawal of consent: If we process your data based on consent, you can withdraw it at any time.

You can manage most of your account data directly from your Chasi dashboard. For any additional requests, contact us at security@chasi.co.

We may verify your identity before fulfilling requests to protect your data from unauthorized access.

7. Cookies and Analytics

Chasi uses cookies and analytics tools to understand how users interact with our Services and to improve usability.
We use:

• Essential cookies for authentication and security.

• Performance cookies to analyse platform behaviour and optimize performance.

• Preference cookies to remember your language, theme, or session settings.

You can manage or disable cookies through your browser settings. Note that disabling cookies may affect functionality, such as login persistence.

We may use analytics providers (e.g., Google Analytics, PostHog, or similar) under strict privacy commitments.

8. International Data Transfers

Chasi AI operates globally. Your data may be stored and processed in countries other than your own, including regions where data protection laws may differ.
When transferring personal data internationally, we rely on appropriate legal safeguards, such as:

• Standard Contractual Clauses approved by the European Commission;

• Adequacy decisions for recognized jurisdictions; or

• Binding contractual commitments with our sub-processors.

We ensure that all transfers are conducted securely and in compliance with applicable privacy laws.

9. Children’s Privacy

Chasi’s Services are designed for professional and business use. We do not knowingly collect or process personal data from individuals under 16 years of age.
If we learn that we have inadvertently collected such data, we will delete it immediately.

10. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements.
When changes are made, we will update the “Last Updated” date and, where appropriate, provide notice by email or within the Service.

We encourage you to review this page regularly to stay informed about how we protect your information.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Chasi AI Inc.
Email: security@chasi.co
Website: https://chasi.co
Attn: Privacy Officer

We aim to respond to all inquiries promptly and transparently.