1. Introduction

This Privacy Policy outlines how we collect, use, store, and protect data uploaded by users to our platform. We are committed to safeguarding user privacy and ensuring that all personal data is handled in compliance with relevant privacy laws and regulations.

2. Data Collection

• User-Uploaded Data: Our platform processes L&D data that users upload. This may include personal information and other relevant data necessary for L&D activities.

• Automatic Data Collection: In addition to user-uploaded data, we may automatically collect technical data such as IP addresses, browser type, and usage statistics to improve our services and ensure the proper functioning of the platform.

3. Use of Data

• Data Processing: The primary use of user-uploaded L&D data is to facilitate AI-driven data processing, providing insights, analytics, and recommendations that support learning and development goals.

• Improvement of Services: Data may be used to improve the functionality of our systems and overall platform, ensuring that we continue to meet user needs effectively. It may also be used for new product development.

4. Data Sharing

• Third-Party Service Providers: We may share user-uploaded data with third-party service providers who assist in data processing and platform operations. These providers are contractually obligated to protect user data and use it only for the purposes we specify.

• Legal Requirements: We may disclose user data if required to do so by law, or in response to valid requests by public authorities, including for the purpose of meeting national security or law enforcement requirements.

5. Data Security

• Encryption: We use industry-standard encryption technologies to protect user-uploaded data both in transit and at rest.

• Access Control: Access to user data is restricted to authorized personnel only. We implement strict access controls and regularly review access permissions to ensure data security. We employ a break-glass policy which requires review from a director to access any user data.

• Data Anonymization: Where possible, we anonymize uploaded data to further protect user privacy, particularly before it is used for AI-driven processing.

6. User Rights

• Access and Correction: Users have the right to access and request corrections to their uploaded data.

• Data Portability: Users can request a copy of their uploaded data in a commonly used format, allowing them to transfer their data to another service if they choose.

• Data Deletion: Users have the right to request the deletion of their uploaded data. Upon request, we will delete the data from our systems, subject to any legal obligations to retain certain information.

7. Data Retention

• Retention Period: We retain user-uploaded data for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements.

• Data Deletion: After the retention period ends, or upon user request, we will securely delete or anonymize user data.

8. Cookies and Tracking Technologies

• Cookies: Our platform may use cookies and similar tracking technologies to enhance user experience, track platform usage, and for analytics purposes. Users can manage cookie preferences through their browser settings.

9. International Data Transfers

• Cross-Border Data Transfers: If user-uploaded data is transferred outside of the user’s country of residence, we ensure that appropriate safeguards are in place to protect the data in accordance with this Privacy Policy and applicable laws.

10. Changes to This Policy

• Policy Updates: We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. Users will be notified of significant changes, and the updated policy will be made available on our platform.

11. Contact Information

• Questions and Concerns: If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at support@getfathom.io