Enterprise Data Usage Policy

Introduction

At Pairenthesis ("we," "us," or "our"), we understand that your data is valuable and sensitive. This Enterprise Data Usage Policy outlines our commitments to you regarding the handling, processing, and protection of your data when you use our AI-native, no-code data insights platform (the "Service"). By using the Service, you agree to the terms outlined in this Policy.

Definitions

• Customer Data: Any data, information, or material uploaded to or processed through the Service by you or on your behalf.
• Personal Data: Any information relating to an identified or identifiable natural person, as defined under applicable data protection laws.
• Processing: Any operation performed on Customer Data, including collection, storage, use, transfer, or deletion.

Data Ownership

You retain all rights, title, and interest in and to your Customer Data. We acknowledge that we do not own any Customer Data.

Data Usage

a. Purpose of Data Processing

We process Customer Data solely for the purpose of providing and improving the Service, including:

• Delivering data insights and analytics as requested by you.
• Enhancing our algorithms and models to improve Service performance.
• Providing customer support and troubleshooting issues.

b. Use of Customer Data for AI Model Training

• Internal Use Only: Customer Data may be used to train and improve our AI models internally to enhance the Service for you.
• No Sharing with Third Parties: We do not use your Customer Data to train AI models that are shared with or sold to third parties.
• Anonymization and Aggregation: When possible, we anonymize and aggregate data to protect your privacy and confidentiality.

c. Consent

By uploading Customer Data to the Service, you consent to our processing of your data as described in this Policy.

Data Security

We implement robust technical and organizational measures to protect Customer Data against unauthorized access, disclosure, alteration, or destruction, including:

• Encryption: Data is encrypted at rest and in transit using industry-standard encryption protocols.
• Access Controls: Strict access controls are in place to limit access to Customer Data to authorized personnel only.
• Monitoring and Logging: Continuous monitoring of systems and logging of access to detect and respond to security incidents promptly.
• Security Assessments: Regular security audits and penetration testing to identify and mitigate vulnerabilities.
• Compliance Standards: Adherence to industry best practices and compliance with relevant security standards.

Confidentiality

a. Definition

"Confidential Information" means any non-public information disclosed by one party ("Disclosing Party") to the other party ("Receiving Party") that is designated as confidential or that reasonably should be considered confidential given the nature of the information and the circumstances of disclosure.

b. Obligations

The Receiving Party shall:

• Use Restrictions: Use the Confidential Information solely for the purpose of fulfilling its obligations under these Terms.
• Non-Disclosure: Not disclose the Confidential Information to any third party without the Disclosing Party's prior written consent.
• Protection: Protect the Confidential Information with at least the same degree of care as it uses to protect its own confidential information.

c. Exceptions

Confidential Information does not include information that:

• Public Domain: Is or becomes publicly available without breach of these Terms.
• Prior Knowledge: Was known to the Receiving Party before receipt from the Disclosing Party.
• Third-Party Disclosure: Is received from a third party without restriction.
• Independent Development: Is independently developed by the Receiving Party without use of the Confidential Information.

Data Sharing and Disclosure

We do not sell or rent Customer Data to third parties. We may share Customer Data only in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating the Service, subject to strict confidentiality obligations.
• Legal Requirements: To comply with applicable laws, regulations, legal processes, or governmental requests.
• Protection of Rights: To protect the rights, property, or safety of Pairenthesis, our users, or others, including enforcing agreements or policies.

Data Retention and Deletion

a. Data Retention

We retain Customer Data for as long as necessary to fulfill the purposes outlined in this Policy or as required by law.

b. Data Deletion

• Upon Request: You may request the deletion of your Customer Data at any time by contacting us at privacy@pairenthesis.com.
• Upon Termination: Upon termination of the Service, we will delete or anonymize your Customer Data within [Insert Timeframe], unless retention is required by law.

c. Backup and Recovery

Deleted data may remain in backups for a limited period but will not be restored except as required for system recovery or legal obligations.

Data Processing Agreement (DPA)

For customers subject to data protection laws like GDPR, we offer a Data Processing Agreement that outlines our obligations as a data processor. The DPA is incorporated into this Policy by reference and is available upon request.

Compliance with Laws

We comply with all applicable data protection and privacy laws, including but not limited to:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• Other regional data protection laws as applicable

Updates to This Policy

We may update this Enterprise Data Usage Policy from time to time. If we make material changes, we will notify you by email or through the Service. The updated Policy will be effective as of the date we notify you.