Privacy Policy
Your privacy and data protection are our top priorities
Our Commitment
somaa.ai is committed to protecting your privacy and ensuring the security of your personal information. This policy explains how we collect, use, and protect your data.
1. Information We Collect
Personal Information
- Account Information: Name, email address, organization name
- Authentication Data: Login credentials, Google OAuth tokens
- Payment Information: Billing details processed through Razorpay (we do not store card details)
- Profile Data: User preferences, settings, and configurations
Usage Information
- AI Interactions: Queries submitted to our AI service and generated responses
- Persona Data: Custom AI personas you create, including names, descriptions, and preferences
- Platform Usage: Features used, interaction frequency, session duration
- Technical Data: IP address, browser type, device information, access logs
Automatically Collected Data
- Cookies and similar tracking technologies
- Error logs and diagnostic information
- Performance metrics and analytics data
- Security monitoring and fraud prevention data
2. How We Use Your Information
Service Provision
- Provide AI-powered services and generate responses
- Manage your account and authenticate users
- Process payments and maintain transaction records
- Store and manage your personas and interaction history
- Provide customer support and technical assistance
Platform Improvement
- Analyze usage patterns to improve our services
- Develop new features and functionalities
- Monitor platform performance and reliability
- Conduct security monitoring and fraud prevention
Communication
- Send service-related notifications and updates
- Provide customer support responses
- Share important policy or service changes
- Send marketing communications (with consent)
3. Data Sharing and Disclosure
Third-Party Service Providers
We share limited data with trusted partners to provide our services:
- OpenAI: AI queries are processed through OpenAI's GPT-3.5 Turbo API
- Razorpay: Payment processing and transaction management
- Google: OAuth authentication services
- Email Services: Transactional email delivery
- Hosting Providers: Secure cloud infrastructure services
Organization Data Sharing
- Admin users can access data for users within their organization
- Data is strictly isolated between organizations
- No cross-organization data sharing occurs
Legal Requirements
We may disclose information when required by law or to:
- Comply with legal processes or government requests
- Protect our rights, property, or safety
- Prevent fraud or security threats
- Enforce our terms of service
We Never:
- Sell your personal information to third parties
- Share your data for advertising purposes
- Provide unauthorized access to your AI interactions
4. Data Security
Security Measures
- Encryption: All data transmission uses SSL/TLS encryption
- Access Controls: Multi-factor authentication and role-based access
- Data Isolation: Organization-specific data segregation
- Regular Audits: Security assessments and vulnerability testing
- Secure Infrastructure: Industry-standard cloud security practices
Data Breach Response
In the unlikely event of a data breach:
- Immediate containment and assessment
- Notification to affected users within 72 hours
- Cooperation with regulatory authorities
- Implementation of additional safeguards
5. Data Retention
Retention Periods
| Data Type | Retention Period | Purpose |
|---|---|---|
| Account Information | Until account deletion | Service provision |
| AI Interactions | Until account deletion | History and analytics |
| Payment Records | 7 years | Legal compliance |
| Security Logs | 1 year | Security monitoring |
| Analytics Data | 2 years | Service improvement |
Data Deletion
- You can request account deletion at any time
- Personal data is deleted within 30 days of request
- Some data may be retained for legal compliance
- Anonymized analytics data may be retained indefinitely
6. Your Rights and Choices
Data Subject Rights
- Access: Request a copy of your personal data
- Correction: Update inaccurate information
- Deletion: Request data removal
- Portability: Export your data
- Restriction: Limit data processing
- Objection: Oppose certain data uses
- Withdrawal: Revoke consent
- Complaint: Contact regulatory authorities
Exercise Your Rights
To exercise any of these rights, contact us at:
- Email: privacy@somaa.ai
- Subject line: "Data Rights Request"
- Include: Your name, email, and specific request
- Response time: Within 30 days
7. Cookies and Tracking
Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication, security, basic functionality | Session/1 year |
| Analytics | Usage statistics, performance monitoring | 2 years |
| Preferences | User settings, language, themes | 1 year |
| Marketing | Campaign tracking (with consent) | 1 year |
Managing Cookies
You can control cookies through:
- Browser settings (block, delete, or manage cookies)
- Our cookie preferences center
- Opt-out tools for analytics services
Note: Disabling essential cookies may affect platform functionality.
8. International Data Transfers
Data Location
- Primary data storage: India-based servers
- Backup systems: Secure international cloud providers
- Third-party services: May process data globally
Transfer Safeguards
- Standard contractual clauses for international transfers
- Adequacy decisions where available
- Additional security measures for sensitive data
- Regular review of transfer mechanisms
9. Children's Privacy
Age Restriction
Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children.
If we discover that a child under 18 has provided personal information:
- We will delete the information immediately
- We will terminate the account
- We will notify the user if possible
If you believe a child has provided information, contact us immediately at privacy@somaa.ai.
10. Updates to This Policy
Policy Changes
- We may update this policy to reflect service changes or legal requirements
- Material changes will be communicated via email or platform notifications
- Continued use after changes constitutes acceptance
- Previous versions are archived and available upon request
Notification Methods
- Email notification to registered users
- In-platform announcements
- Website banner notifications
- 30-day advance notice for significant changes
11. Contact Information
Privacy Questions
Email:
Privacy Officer: accounts@sileadership.in
General Support: akash@sileadership.in
Legal Inquiries: accounts@sileadership.in
Privacy Officer: accounts@sileadership.in
General Support: akash@sileadership.in
Legal Inquiries: accounts@sileadership.in
Mailing Address:
somaa.ai - Privacy Team
Office no. 205 A
Regent Plaza Mall, Baner - Pashan Link Rd,
Baner, Pune, Maharashtra 411045
India
somaa.ai - Privacy Team
Office no. 205 A
Regent Plaza Mall, Baner - Pashan Link Rd,
Baner, Pune, Maharashtra 411045
India
Response Times
- Privacy inquiries: Within 30 days
- Data breach reports: Within 72 hours
- General questions: Within 2 business days
- Urgent matters: Within 24 hours
Effective Date
This Privacy Policy is effective as of January 15, 2025. We review and update our privacy practices regularly to ensure compliance with applicable laws and best practices.
Last Updated: January 15, 2025
Version: 1.0