Welcome to Infuzu! We value your privacy and believe in being transparent about how we collect, use, and protect your data. This policy explains everything you need to know about your data and your rights.

1. What Information We Collect and Why

Personal Information (Account Settings)

When you create an account, we collect personal information like your name, email address, and preferences.

Why we collect this: To manage your account, provide support, and communicate with you.

How it works:

• This information is securely encrypted at rest using AES-256 encryption.

• We do not share or sell your personal information to anyone.

• This information does not include payment details, which are handled by Stripe.

Chat History

We store all chat history for your convenience.

Why we collect this: So you can review your past conversations.

How it works:

• Chat history is securely encrypted and stored for 90 days of inactivity (or longer if you change the setting).

• You can delete your chat history at any time, and it will be permanently removed.

User Decision Data

We collect data about the choices you make when comparing AI-generated responses.

Why we collect this: To improve our models and understand which responses work best.

How it works:

• We save the chat history leading up to your decision.

• We do not save the AI’s final response immediately before your decision.

• This data is anonymized and cannot be deleted, even if it includes personal details you provided.

• This feature is only active if data collection is enabled (it may be enabled by default).

General Analytics (Thumbs Up/Down Data)

We collect data when you rate AI responses using thumbs-up or thumbs-down buttons.

Why we collect this: To measure and improve model performance.

How it works:

• This data doesn’t include chat history or personal details.

• It’s always collected and cannot be disabled or deleted.

General Usage Data

We collect information about how you use our platform.

• Why we collect this: For billing, rate limiting, and improving our services.

• How it works:

  • Data includes input/output lengths, token counts, and response times.

  • It does not include personal information or chat history.

API Data

We collect basic information when you interact with our API.

• Why we collect this: To monitor performance, improve functionality, and ensure smooth usage.

• How it works:

  • Collected data includes input/output lengths, token counts, and response times.

  • No personal information or chat history is collected.

2. Cookies and Tracking

We use cookies to manage sessions and improve your experience.

• What cookies do:

  • Keep you logged in.

  • Track usage for smoother functionality.

• How we protect cookies:

  • All cookies are encrypted using AES-256 and rotated daily.

We also use Google Analytics for anonymized usage tracking.

• How to opt out:

  • Install the Google Analytics opt-out browser add-on.

3. How We Protect Your Data

We take data security seriously.

• Encryption: All data at rest is encrypted using AES-256 with daily rotated keys.

• Secure traffic: We use HTTPS and advanced encryption standards like ECC 521.

• Regular audits: We conduct regular security checks and risk assessments.

• Access control: Only authorized staff can access your data when absolutely necessary (e.g., for debugging).

4. Your Privacy Rights

GDPR (EU Users)

If you’re in the EU, you have these rights:

• Access: Request a copy of your personal data.

• Correction: Fix inaccuracies in your data.

• Erasure: Delete your data (“Right to be Forgotten”).

• Restriction: Limit how your data is processed.

• Portability: Get your data in a portable format.

• Objection: Stop certain types of data processing.

To exercise your rights, email us at privacy@infuzu.com.

CCPA/CPRA (California Users)

If you’re in California, you have these rights:

• Know: Find out what data we collect and how we use it.

• Delete: Request deletion of your data.

• Opt-Out: Prevent your data from being sold (we don’t sell your data).

• Correct: Fix any errors in your data.

• Limit Use of Sensitive Data: Restrict sensitive data processing.

To exercise your rights, email us at privacy@infuzu.com.

5. HIPAA Compliance

We’re committed to protecting healthcare data.

• Business Associate Agreements (BAAs):

  • We offer BAAs to clients who need HIPAA compliance.

  • Decision data collection is disabled by default for HIPAA-compliant accounts.

• Healthcare data security: We follow strict guidelines to protect all Protected Health Information (PHI).

Contact us at hipaa@infuzu.com for more information.

6. Data Retention

• Chat history: Stored for 90 days of inactivity (default) but can be configured in settings.

• Decision data and analytics: Stored indefinitely to improve our services.

• Personal information: Stored securely and only for as long as needed to provide services or comply with legal requirements.

7. Accessibility

We strive to make our services accessible to everyone. If you need assistance accessing this Privacy Policy, email us at accessibility@infuzu.com.

8. Data Breach Notifications

If there’s a data breach, we’ll notify:

• Affected users as soon as possible.

• Regulatory authorities (e.g., EU regulators) within 72 hours if required.

9. Children’s Privacy

Our services are not intended for users under 13. If we find out we’ve collected data from someone under 13, we’ll delete it immediately.

10. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Significant updates will be announced through the platform or email.

11. Contact Us

Have questions? We’re here to help:

• Privacy questions: privacy@infuzu.com

• HIPAA inquiries: hipaa@infuzu.com

• Accessibility support: accessibility@infuzu.com