Privacy Policy

1. Definitions

• Personal Information: Data identifying or reasonably linkable to an individual or household.
• Sensitive Personal Information: Information revealing race, ethnicity, political beliefs, religion, union membership, genetic/biometric data, health information, or sexual orientation.
• Services: The website, managed AI backend platform, and related products.
• Processing: Operations performed on Personal Information.
• Controller: Entity determining processing purposes and means.
• Processor: Entity processing data on behalf of a controller.
• Data Subject: Person to whom Personal Information relates.

2. Scope and Applicability

This policy applies globally. When conflicts arise between this policy and applicable law, the more stringent requirement shall prevail. We design our services using privacy-by-design principles, including data minimization, pseudonymization, and end-to-end encryption.

3. Personal Information Collected

User-Provided: Names, addresses, emails, IP addresses, professional information, employment details, financial data, and commercial records.

Automatically Collected: Browsing history, full IP addresses, geolocation (country/region/city-level), internet activity, and behavioral inferences.

From Third Parties: Information from business partners, public databases, and professional networks.

4. Collection Methods

• Direct submission via forms, email, calls, events
• Automatic collection through cookies, pixels, beacons
• Third-party sources (compliant with applicable laws)
• Passive collection via logs and server data

5. Personal Information Uses

• Providing and improving Services
• Customer communications and marketing
• Analytics, research, and development
• Security incident and fraud detection
• Legal compliance and terms enforcement
• Other disclosed or consent-based purposes

6. Legal Bases for Processing

• Explicit consent
• Contract performance
• Legitimate interests (balanced against user rights)
• Legal obligations
• Vital interests (life/safety protection)

7. Disclosure and Sharing

We do not sell, rent, or trade Personal Information. Sharing occurs with:

• Service providers under binding contracts
• Affiliates for internal operations
• Business partners (with consent)
• During business transfers
• When legally required
• With explicit user consent

8. Cookies and Tracking Technologies

We use cookies, pixels, and similar technologies for functionality, analytics, and marketing. You can manage preferences through browser settings or cookie banners. We honor opt-out signals and respect Do-Not-Track requests.

Google Analytics: When users accept analytics cookies, GA4 collects full IP addresses, page views, user interactions, device data, and approximate geolocation. Please review Google's privacy policy for additional details.

9. Data Retention

• Marketing/inquiry data: Up to 2 years from last interaction
• Account/contract data: Relationship duration plus 7 years (legal/tax purposes)
• Log data: Up to 1 year for security

10. Data Security Measures

• Encryption (TLS/HTTPS for transit; encryption at rest)
• Role-based access controls and multi-factor authentication
• Firewalls and intrusion detection/prevention systems
• Secure data center physical security
• Mandatory employee privacy and security training
• Comprehensive incident response plans
• Regular internal and third-party audits

11. Data Breach Notification

Following a breach, we notify affected individuals and authorities without undue delay, typically within 72 hours of awareness, including breach details, impacted data, mitigation steps, and protective guidance.

12. Privacy Rights and Choices

You may contact info@behest.ai to exercise rights including:

• Access/Know personal information details
• Correction/Rectification of inaccuracies
• Deletion/Erasure (subject to exceptions)
• Restriction of processing
• Data Portability in structured format
• Objection to processing based on legitimate interests
• Consent withdrawal

13. Do-Not-Track Controls

We honor DNT signals, Global Privacy Control (GPC), and universal opt-out mechanisms. Enabling these opts you out of potential data sharing and targeted advertising.

14. California Resident Rights (CCPA/CPRA)

As a Delaware entity operating in California, Behest AI complies fully with CCPA/CPRA, providing rights to:

• Know collected Personal Information
• Delete Personal Information
• Correct inaccuracies
• Opt-out of sale/sharing (note: we do not sell data)
• Protection against discrimination for exercising rights

15. EU/EEA and UK Rights (GDPR/UK GDPR)

We process as controller for website data. You receive all Section 12 rights plus:

• Filing complaints with supervisory authorities (e.g., UK ICO)
• Right to human intervention in automated decisions

The Data Protection Officer is reachable at info@behest.ai.

16. Other Jurisdictions

For Middle Eastern (UAE) and Asian (Singapore) users, equivalent access, correction, and withdrawal rights apply under local laws. Contact us for jurisdiction-specific details.

17. International Data Transfers

Personal Information is processed primarily in the United States. EU/EEA, UK, and other region transfers use:

• Standard Contractual Clauses (SCCs)
• UK International Data Transfer Agreements
• Binding Corporate Rules (where applicable)
• Consent or other legal derogations

18. Third-Party Sites and Services

We are not responsible for third-party site privacy practices. We recommend independent review of their policies.

19. Children's Privacy

Our Services target business professionals, not minors under 16. We do not knowingly collect child data and delete it upon discovery.

20. Policy Changes

We may amend this policy to reflect practice, technology, or legal changes. Material modifications receive email or website notification with updated “Last Updated” dates. Continued service use post-update indicates acceptance.

21. Governing Law and Dispute Resolution

Delaware law governs this policy. Disputes resolve through binding arbitration in Delaware under American Arbitration Association rules.

22. Contact Information

Behest Inc. d/b/a Behest AI
Email: info@behest.ai

23. Reviewing, Updating, or Deleting Information

Per Section 12, email info@behest.ai to exercise your rights. We will comply promptly.