Privacy
Policy

Imperius AI ("Imperius," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, process, store, share, disclose, and safeguard your information when you use our AI-powered sales automation platform, including our website, mobile applications, browser extensions, and related services (collectively, the "Service").

This Privacy Policy should be read in conjunction with our Terms and Conditions, which are incorporated herein by reference. By accessing or using the Service, you unconditionally acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, you must immediately cease all use of the Service.

This Privacy Policy is designed to comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and other applicable data protection laws.

For the purposes of UK and EU data protection legislation, the data controller is:

We act as a data controller for personal information about you (e.g., account details, billing information, usage data). We act as a data processor for personal data about prospects, candidates, and contacts that you upload, collect, or process using our Service. When acting as a data processor, we process such data solely on your instructions and in accordance with our Data Processing Agreement.

We collect several types of information from and about users of our Service:

3.1 Information You Provide Directly

Account Information: When you create an account, we collect your name, email address, company name, job title, phone number, password, and other registration details.

Billing Information: Payment card details, billing address, VAT numbers, and transaction history. Payment information is processed by our third-party payment processors and is subject to their privacy policies.

Profile Information: Information you provide in your user profile, including profile pictures, preferences, settings, and professional details.

Content and Communications: Information you provide when using the Service, including email content, campaign data, guidelines, knowledge base articles, templates, contact information, feedback, and communications with our support team.

Prospect and Contact Data: Information about prospects, candidates, and contacts that you upload, import, enrich, or collect through the Service, which may include names, email addresses, phone numbers, job titles, company information, social profiles, and other professional details.

3.2 Information We Collect Automatically

Usage Data: Comprehensive information about how you access and use the Service, including pages viewed, features used, actions taken, time spent, search queries, click patterns, navigation paths, and interaction data.

Device Information: Information about the devices you use to access the Service, including hardware model, operating system and version, browser type and version, unique device identifiers, screen resolution, and mobile network information.

Location Data: General location information based on your IP address (country, region, and city level). We do not collect precise GPS location.

Cookies and Similar Technologies: We use cookies, web beacons, pixels, local storage, and similar tracking technologies to collect information about your browsing activities. See Section 12 for more details.

Log Data: Server logs that record information about your use of the Service, including IP addresses, access times, pages viewed, error logs, referral URLs, and other diagnostic data.

3.3 Information from Third-Party Sources

Third-Party Integrations: If you connect third-party services (e.g., email providers, CRM systems, calendar applications, LinkedIn) to your account, we may receive information from those services in accordance with their authorization processes and privacy policies.

Data Enrichment Providers: We obtain prospect and contact data from third-party data providers and enrichment services to provide our prospect discovery and enrichment features.

Publicly Available Data: We may collect and maintain professional profile data compiled from publicly available sources, business directories, and data providers.

Business Partners: We may receive information about you from our business partners, resellers, affiliates, or referral sources.

3.4 AI and Machine Learning Data

AI Interaction Data: Information about how you interact with AI features, including prompts, inputs, queries, generated content, outputs, feedback, ratings, and preferences.

Training Data: We may use aggregated, anonymized, and de-identified data derived from your use of the Service to train, improve, develop, and enhance our AI models and algorithms. This data is processed so that it cannot be used to identify you or any individual.

Under UK GDPR and EU GDPR, we process your personal data on the following legal bases:

4.1 Contractual Necessity (Article 6(1)(b)): Processing is necessary to perform our contract with you (i.e., to provide the Service you have subscribed to). This includes account management, service delivery, billing, payment processing, and customer support.

4.2 Legitimate Interests (Article 6(1)(f)): Processing is necessary for our legitimate business interests, including:

• Improving, developing, and optimizing the Service and user experience
• Detecting, preventing, and addressing fraud, abuse, and security threats
• Conducting analytics, research, and business intelligence
• Marketing our services to existing customers (where permitted)
• Developing, training, and improving our AI models and capabilities
• Enforcing our terms and protecting our legal rights
• Operating and administering our business

We have balanced these interests against your rights and freedoms and believe the processing is proportionate and not overridden by your interests or fundamental rights.

4.3 Consent (Article 6(1)(a)): Where required by law, we obtain your explicit consent before processing your personal data, such as for marketing communications, non-essential cookies, or specific data processing activities. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.

4.4 Legal Obligation (Article 6(1)(c)): Processing is necessary to comply with our legal obligations, such as tax reporting, responding to lawful legal requests, or enforcing our legal rights.

We use the information we collect for the following purposes:

5.1 Service Provision and Management

• Creating, managing, and maintaining your account
• Providing access to the Service and its features
• Processing payments, subscriptions, and billing
• Providing customer support and responding to inquiries
• Sending service-related communications, notifications, and updates
• Authenticating users and maintaining security
• Processing and fulfilling your requests

5.2 AI Development and Service Improvement

• Training, developing, improving, and enhancing our AI models and algorithms
• Developing new features, products, and functionality
• Analyzing usage patterns to optimize user experience
• Conducting research, analytics, and testing
• Monitoring Service performance, reliability, and quality
• Identifying and fixing bugs, errors, and issues

5.3 Personalization

• Customizing content, features, and recommendations
• Tailoring AI outputs to your preferences and usage patterns
• Remembering your preferences, settings, and configurations
• Providing personalized suggestions and insights

5.4 Security and Fraud Prevention

• Detecting, preventing, and addressing fraud, abuse, security threats, and illegal activity
• Monitoring for suspicious or unauthorized activity
• Enforcing our Terms and Conditions and Acceptable Use Policy
• Protecting the rights, property, safety, and security of Imperius AI, our users, and the public
• Investigating potential violations

5.5 Marketing and Communications

• Sending promotional communications about new features, products, and services (with your consent where required)
• Conducting surveys, research, and soliciting feedback
• Analyzing the effectiveness of our marketing campaigns
• Administering contests, promotions, or other marketing activities

5.6 Legal and Compliance

• Complying with applicable laws, regulations, and legal obligations
• Responding to legal requests, subpoenas, court orders, and government inquiries
• Enforcing our legal rights and defending against legal claims
• Participating in legal proceedings and investigations

5.7 Business Operations

• Operating, administering, and managing our business
• Conducting business analysis and planning
• Facilitating corporate transactions (mergers, acquisitions, etc.)
• Maintaining business records and archives

We do not sell your personal information to third parties. We may share your information in the following circumstances:

6.1 Service Providers and Vendors

We engage third-party service providers and vendors to perform functions on our behalf, including:

• Cloud hosting and infrastructure providers
• Payment processing services
• Email delivery and communication services
• Customer support and helpdesk tools
• Analytics, monitoring, and error tracking services
• Security, fraud prevention, and identity verification services
• AI and machine learning service providers
• Data enrichment providers
• Marketing and advertising platforms

These service providers have access to personal information only as necessary to perform their functions and are contractually obligated to maintain the confidentiality and security of such information and to process it only as instructed by us.

6.2 AI Model Providers

When you use AI features, your inputs may be processed by third-party AI service providers to generate outputs. These providers may process your inputs subject to their own privacy policies and terms. We select providers with appropriate privacy and security commitments.

6.3 Business Transfers

If Imperius AI is involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, asset sale, or similar transaction, your information may be sold, transferred, or otherwise shared as part of that transaction. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

6.4 Legal Requirements and Protection of Rights

We may disclose your information if required to do so by law or if we believe in good faith that such disclosure is necessary to:

• Comply with applicable laws, regulations, legal processes, or governmental requests
• Enforce our Terms and Conditions, Privacy Policy, and other agreements
• Protect and defend our rights, property, or safety
• Prevent, detect, or investigate fraud, security breaches, or illegal activity
• Protect the rights, property, or safety of our users, customers, or the public
• Respond to legal claims, lawsuits, or disputes

6.5 Aggregated and De-identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for any purpose, including research, marketing, analytics, AI training, benchmarking, or other commercial purposes.

6.6 Affiliates

We may share your information with our parent company, subsidiaries, and affiliates for purposes consistent with this Privacy Policy.

6.7 With Your Consent

We may share your information with third parties when you explicitly consent to or direct such sharing.

Our primary servers and databases are located within the European Economic Area (EEA) and the United Kingdom. However, some of our service providers, AI model providers, and business partners may be located in countries outside the EEA/UK, including the United States.

When we transfer personal data outside the EEA/UK to countries that have not been deemed to provide an adequate level of data protection, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission or UK ICO
• UK International Data Transfer Agreement (IDTA) or Addendum
• Adequacy decisions by the UK government or European Commission
• Binding Corporate Rules (where applicable)
• Other legally recognized transfer mechanisms

By using the Service, you acknowledge and consent to the transfer of your information to countries outside your country of residence, which may have different data protection rules. You can obtain more information about our international data transfer safeguards by contacting us at [email protected].

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

8.1 Retention Periods

Account Data: We retain your account information for the duration of your subscription and for up to 30 days after termination to allow for account recovery or data retrieval, unless you request earlier deletion or we are required to retain it for legal purposes.

Billing and Financial Data: Financial and transaction records are retained for up to 7 years to comply with tax, accounting, and financial regulations.

User Content: Content you create (campaigns, contacts, guidelines, templates) is retained for up to 30 days after account termination. After this period, data is permanently deleted unless required for legal purposes.

Usage and Analytics Data: Usage data and analytics are typically retained for up to 36 months for analytical, improvement, and research purposes.

Support Communications: Customer support tickets and communications are retained for up to 5 years.

AI Training Data: Aggregated, anonymized data used for AI training may be retained indefinitely as it cannot identify individuals.

Legal Holds: Data may be retained longer if subject to a legal hold, ongoing investigation, or legal claim.

8.2 Deletion

After the applicable retention period, we securely delete or anonymize your personal information using industry-standard methods. You may request deletion of your personal data at any time, subject to legal retention obligations and our legitimate interests. Backup copies may persist for a reasonable period before being permanently deleted.

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

9.1 Technical Measures

• Encryption of data in transit (TLS 1.2+/SSL) and at rest (AES-256)
• Secure authentication, multi-factor authentication, and password hashing (bcrypt/Argon2)
• Regular security testing, penetration testing, and vulnerability assessments
• Intrusion detection and prevention systems
• Automated backup and disaster recovery procedures
• Network security, firewalls, and DDoS protection
• Secure development practices and code reviews

9.2 Organizational Measures

• Role-based access controls limiting personnel access to personal data
• Employee training on data protection, security, and privacy
• Confidentiality agreements and background checks for employees and contractors
• Security incident response procedures and breach notification processes
• Regular security audits, compliance reviews, and risk assessments
• Vendor security assessments and contractual protections

9.3 Security Limitations

While we use reasonable efforts to protect your personal information, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials, using strong passwords, enabling multi-factor authentication, and for any activity on your account. You agree to notify us immediately of any unauthorized access.

9.4 Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by UK GDPR and EU GDPR. We will also notify affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms.

If you are located in the UK or EEA, you have the following rights regarding your personal data under applicable data protection law:

10.1 Right of Access (Article 15): You have the right to request a copy of the personal information we hold about you. We will provide this information free of charge, subject to verification of your identity. We may charge a reasonable fee for manifestly unfounded or excessive requests.

10.2 Right to Rectification (Article 16): You have the right to request correction of inaccurate or incomplete personal data. You can update most information directly through your account settings.

10.3 Right to Erasure ("Right to be Forgotten") (Article 17): You have the right to request deletion of your personal data in certain circumstances, including when:

• The data is no longer necessary for the purpose it was collected
• You withdraw consent (where consent is the legal basis for processing)
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed
• The data must be erased to comply with a legal obligation

This right is not absolute and may be limited by our legal obligations, legitimate interests, or the rights of others.

10.4 Right to Restriction of Processing (Article 18): You have the right to request that we restrict processing of your personal data in certain circumstances, such as when you contest the accuracy of the data, the processing is unlawful, or you have objected to processing.

10.5 Right to Data Portability (Article 20): You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller, where technically feasible and where processing is based on consent or contract.

10.6 Right to Object (Article 21): You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

10.7 Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing prior to withdrawal.

10.8 Rights Related to Automated Decision-Making (Article 22): You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you, except in limited circumstances. We do not currently make decisions solely based on automated processing that produce such effects.

10.9 Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates applicable law.

10.10 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, though this may be extended by up to two months for complex or numerous requests. We may need to verify your identity before processing your request. We reserve the right to charge a reasonable fee or refuse requests that are manifestly unfounded, excessive, or repetitive.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

11.1 Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources from which we collected it, our purposes for collecting it, and the categories of third parties with whom we share it.

11.2 Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.

11.3 Right to Correct: You have the right to request correction of inaccurate personal information.

11.4 Right to Opt-Out of Sale/Sharing: We do not sell personal information in the traditional sense. We do not share personal information for cross-context behavioral advertising. You have the right to opt out of any such activities if we engage in them in the future.

11.5 Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of sensitive personal information to what is necessary to perform the services you request.

11.6 Right to Non-Discrimination: We will not discriminate against you for exercising any of your California privacy rights.

11.7 Authorized Agents: You may designate an authorized agent to make requests on your behalf. We may require verification of the agent's authority.

11.8 Shine the Light: California's "Shine the Light" law permits California residents to request information about our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

To exercise your California privacy rights, contact us at [email protected] or use the contact information provided in Section 18.

We use cookies and similar tracking technologies to enhance your experience, analyze usage, personalize content, and deliver targeted advertising.

12.1 Types of Cookies We Use

Strictly Necessary Cookies: Essential for the Service to function properly, including authentication, security features, and load balancing. These cookies cannot be disabled.

Performance and Analytics Cookies: Collect information about how you use the Service to help us improve functionality, performance, and user experience.

Functional Cookies: Remember your preferences, settings, and choices to provide enhanced, personalized features.

Marketing and Advertising Cookies: Track your browsing activity to deliver targeted advertising and measure campaign effectiveness. These cookies require your consent where required by law.

12.2 Third-Party Cookies

We may use third-party services that set their own cookies, including analytics providers, advertising networks, and social media platforms. These third parties have their own privacy policies governing their use of cookies and your information.

12.3 Managing Cookies

You can manage your cookie preferences through your browser settings or our cookie consent tool. Please note that disabling certain cookies may affect the functionality of the Service. Most browsers allow you to refuse, delete, or block cookies. You can also opt out of certain third-party cookies through industry opt-out tools.

12.4 Do Not Track

Our Service does not currently respond to "Do Not Track" (DNT) browser signals. We will update this policy if our practices change.

13.1 AI Model Training

We use aggregated, anonymized, and de-identified data from your use of the Service to train, improve, develop, and enhance our AI models, including Sania AI. This process involves:

• Analyzing patterns in how users interact with AI features
• Using aggregated data to improve content generation quality, accuracy, and relevance
• Testing, validating, and benchmarking AI model performance
• Developing new AI capabilities and features
• Conducting research and analysis

Important: Data used for AI training is anonymized and aggregated so that it cannot reasonably be traced back to you or any individual. We implement technical and organizational measures to ensure de-identification.

13.2 AI Data Processing

When you use AI features, your inputs may be processed by us and our AI service providers to generate outputs. These inputs are:

• Processed in real-time to generate responses and outputs
• May be temporarily logged for quality assurance, debugging, and abuse prevention
• Protected by encryption and access controls
• May be shared with third-party AI providers for processing

13.3 Automated Decision-Making

Our AI features may provide automated recommendations, content suggestions, and prospect scoring. These AI outputs are designed to assist, not replace, human decision-making. You retain full control over how you use AI-generated content and recommendations.

We do not use AI for fully automated decision-making that produces legal effects or similarly significantly affects you without human oversight. All significant decisions are subject to human review.

13.4 Your AI Data Rights

You may contact us to request information about how your data is used in connection with AI features. Where technically feasible and legally required, you may request that your identifiable data not be used for AI training, though this may limit certain features.

Our Service is not intended for individuals under the age of 18. We do not knowingly collect, solicit, or maintain personal information from children under 18. If we become aware that we have collected personal data from a child under 18 without parental consent or other lawful basis, we will take steps to delete that information as quickly as possible.

If you are a parent or guardian and believe we have collected information from a child under 18, please contact us immediately at [email protected]. We will investigate and take appropriate action.

We may send you marketing communications about our products, services, features, promotions, and events if you have consented to receive such communications or where permitted by law (e.g., based on our legitimate interests for existing customers or soft opt-in).

Opting Out: You can opt out of marketing communications at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Updating your communication preferences in your account settings
• Contacting us at [email protected]

Please note that even if you opt out of marketing communications, we will still send you transactional and service-related communications necessary for the operation of your account (e.g., billing notices, security alerts, service updates).

The Service may contain links to third-party websites, applications, or services that are not operated or controlled by us. We are not responsible for the privacy practices, content, or security of these third parties. We encourage you to review the privacy policies of any third-party services before providing them with your personal information.

When you integrate third-party services with our Platform (e.g., email providers, CRM systems, calendars), those services may collect and process your data according to their own privacy policies. You are responsible for reviewing those policies and for your use of third-party services.

We disclaim all responsibility and liability for any damages arising from your use of third-party services or reliance on their privacy practices.

We may update this Privacy Policy from time to time in our sole discretion to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you by email or through a prominent notice on the Service
• Obtain your consent where required by law

We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the updated Privacy Policy, you must stop using the Service.

If you have any questions, concerns, complaints, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 30 days. For data subject rights requests under GDPR, we will respond within one month as required (or up to three months for complex requests).