Behest AI Logo
    Behest AI

    Privacy Policy

    Last Updated: January 15, 2025
    Effective Date: January 15, 2025

    At Behest Inc., doing business as Behest AI ("Behest AI," "Company," "we," "us," or "our"), a corporation incorporated under the laws of the State of Delaware and registered to do business in the State of California, we are steadfast in our conviction that Private AI is the only AI for enterprises. As pioneers in self-hosted, enterprise-grade AI solutions, we are dedicated to delivering the power of AI while ensuring uncompromising privacy, security, and control over your data.

    Table of Contents

    1. Definitions
    2. Scope and Applicability
    3. Personal Information We Collect
    4. How We Collect Personal Information
    5. How We Use Your Personal Information
    6. Legal Bases for Processing Personal Information
    7. Disclosure and Sharing of Personal Information
    8. Cookies and Similar Tracking Technologies
    9. Data Retention
    10. Data Security Measures
    11. Data Breach Notification
    12. Your Privacy Rights and Choices
    13. Controls for Do-Not-Track Features
    14. Specific Rights for California Residents
    15. Specific Rights for EU/EEA and UK Data Subjects
    16. Rights Under Other Jurisdictions
    17. International Data Transfers
    18. Third-Party Websites and Services
    19. Children's Privacy
    20. Changes to This Policy
    21. Governing Law and Dispute Resolution
    22. Contact Us
    23. How to Review, Update, or Delete Your Personal Information

    1. Definitions

    For purposes of this Policy, the following terms shall have the meanings ascribed below, unless otherwise required by applicable law:

    • Personal Information: Any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.
    • Sensitive Personal Information: Personal Information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for unique identification, health data, or data concerning sex life or sexual orientation.
    • Services: Our Website, self-hosted AI platform, and any related products, features, tools, or interactions provided by Behest AI.
    • Processing: Any operation or set of operations performed on Personal Information, whether automated or not.
    • Controller: The entity that determines the purposes and means of Processing Personal Information.
    • Processor: An entity that Processes Personal Information on behalf of a controller.
    • Data Subject: An identified or identifiable natural person to whom Personal Information relates.

    2. Scope and Applicability

    This Policy applies globally to all Personal Information we collect and process. In the event of a conflict between this Policy and applicable law, the more stringent requirement shall prevail to the extent of the conflict.

    As a proponent of Private AI, we design our Services with privacy by design and by default principles, ensuring data minimization, pseudonymization where feasible, and end-to-end encryption for transmissions.

    3. Personal Information We Collect

    We collect only the Personal Information necessary to provide our Services, respond to inquiries, and comply with legal obligations.

    a. Personal Information You Provide to Us

    • Identifiers: Real name, postal address, email address, full IP address (Internet Protocol address), or other similar identifiers.
    • Customer Records Information: Name, address, telephone number, education, employment, financial information.
    • Professional or Employment-Related Information: Company name, job title, industry, business needs.
    • Commercial Information: Records of products or services considered or purchased.
    • Other Provided Information: Any additional data you voluntarily submit.

    b. Personal Information Collected Automatically

    • Internet Activity Information: Browsing history, search history, interactions with our Website.
    • IP Address Information: Full IP addresses are collected automatically when you visit our Website. We use IP addresses for analytics, security, fraud prevention, and to derive approximate geolocation data (country, region, city).
    • Geolocation Data: Approximate location derived from IP address, including country, region, and city-level data.
    • Inferences: Drawn to create profiles reflecting preferences or behavior.

    c. Personal Information from Third Parties

    From business partners, public databases, or professional networks to enhance client understanding.

    4. How We Collect Personal Information

    • Directly from You: Via Website forms, emails, phone calls, events.
    • Automatically: Through cookies, web beacons, pixels.
    • From Third Parties: As noted above, in compliance with applicable laws.
    • Passive Collection: Log files and server logs capture usage data.

    5. How We Use Your Personal Information

    We Process Personal Information solely for the following legitimate business purposes:

    • To provide, maintain, and improve our Services.
    • To communicate with you, including administrative notices and marketing.
    • For internal analytics, research, and development.
    • To detect, prevent, and address security incidents or fraud.
    • To comply with legal obligations and enforce our terms.
    • For other purposes disclosed at collection or with your consent.

    7. Disclosure and Sharing of Personal Information

    We do not sell, rent, or trade Personal Information. Disclosures are limited to:

    • Service Providers and Processors: Trusted vendors under binding contracts.
    • Affiliates and Subsidiaries: For internal operations.
    • Business Partners: With consent, for joint offerings.
    • In Business Transfers: During mergers or acquisitions.
    • Legal Requirements: To comply with laws, subpoenas, or government requests.
    • With Consent: For any other disclosed purpose.

    8. Cookies and Similar Tracking Technologies

    We use cookies, pixels, and similar technologies for essential functionality, performance analytics, and targeted marketing. You may manage preferences via browser settings or our cookie banner. We honor opt-out signals and do not track across third-party sites without consent.

    Google Analytics: When you accept analytics cookies, we use Google Analytics 4 (GA4) to collect and analyze website usage data. Google Analytics collects full IP addresses along with other information such as page views, user interactions, device information, and approximate geolocation data derived from IP addresses. This data helps us understand how visitors use our Website and improve user experience. Google Analytics may also collect information through cookies and similar technologies. For more information about how Google uses data, please visit Google's Privacy Policy.

    9. Data Retention

    We retain Personal Information only as long as necessary. Specific periods:

    • Marketing and inquiry data: Up to 2 years from last interaction.
    • Account or contract data: Duration of relationship plus 7 years for legal/tax purposes.
    • Log data: Up to 1 year for security.

    10. Data Security Measures

    We implement robust technical, administrative, and organizational measures to protect Personal Information:

    • Encryption: Data in transit (TLS/HTTPS) and at rest.
    • Access Controls: Role-based access, multi-factor authentication.
    • Network Security: Firewalls, intrusion detection/prevention systems.
    • Physical Security: Secure data centers with access restrictions.
    • Employee Training: Mandatory privacy and security awareness programs.
    • Incident Response: Comprehensive plan for detecting and mitigating breaches.
    • Audits: Regular internal and third-party audits.

    11. Data Breach Notification

    In the event of a Personal Information breach, we shall notify affected individuals and relevant authorities without undue delay, typically within 72 hours of awareness. Notifications will include breach details, impacted data, mitigation steps, and protective advice.

    12. Your Privacy Rights and Choices

    You have rights over your Personal Information, exercisable by contacting us at info@behest.ai. Rights include:

    • Access/Know: Obtain details of your Personal Information.
    • Correction/Rectification: Amend inaccuracies.
    • Deletion/Erasure: Request deletion, subject to exceptions.
    • Restriction: Limit Processing in certain cases.
    • Portability: Receive data in a structured format.
    • Objection: Object to Processing based on legitimate interests.
    • Withdraw Consent: At any time.

    13. Controls for Do-Not-Track Features and Global Privacy Signals

    We honor Do-Not-Track ("DNT") signals, Global Privacy Control ("GPC"), and other universal opt-out mechanisms. Enabling these signals will opt you out of any potential sale/sharing or targeted advertising.

    14. Specific Rights for California Residents Under CCPA/CPRA

    As a Delaware-incorporated entity doing business in California, we comply fully with CCPA/CPRA. Rights include:

    • Know what Personal Information is collected
    • Delete Personal Information
    • Correct inaccurate Personal Information
    • Opt-out of sale/sharing (not applicable - we don't sell)
    • Non-discrimination for exercising rights

    15. Specific Rights for EU/EEA and UK Data Subjects Under GDPR/UK GDPR

    We process as controller for Website data. Rights include all those listed in Section 12, plus:

    • Lodge complaints with supervisory authorities (e.g., ICO in UK)
    • Right to human intervention in automated decisions

    Our Data Protection Officer is reachable at info@behest.ai.

    16. Rights Under Other Jurisdictions

    For users in the Middle East (e.g., UAE) or Asia (e.g., Singapore), we comply with local laws, providing equivalent rights to access, correction, and withdrawal. Contact us for jurisdiction-specific details.

    17. International Data Transfers

    Personal Information is primarily processed in the United States. For transfers from EU/EEA, UK, or other regions, we use approved mechanisms:

    • Standard Contractual Clauses (SCCs)
    • UK International Data Transfer Agreements
    • Binding Corporate Rules (if applicable)
    • Consent or other derogations where necessary

    18. Third-Party Websites and Services

    Our Website may link to third-party sites. We are not responsible for their privacy practices; review their policies independently.

    19. Children's Privacy

    Our Services are intended for business professionals and do not target individuals under 16. We do not knowingly collect Personal Information from minors. If discovered, we will promptly delete it.

    20. Changes to This Policy

    We may amend this Policy to reflect changes in practices, technology, or law. Material changes will be notified via email or Website posting, with a revised "Last Updated" date. Continued use post-update constitutes acceptance.

    21. Governing Law and Dispute Resolution

    This Policy is governed by Delaware law. Disputes arising hereunder shall be resolved through binding arbitration in Delaware under American Arbitration Association rules.

    22. Contact Us

    Behest Inc. d/b/a Behest AI

    Email: info@behest.ai

    23. How to Review, Update, or Delete Your Personal Information

    As detailed in Section 12, email info@behest.ai to exercise rights. We facilitate prompt compliance.

    At Behest AI, Private AI is not merely a commitment—it is the cornerstone of enterprise innovation, ensuring your data remains yours, your AI yours, and control unequivocally in your hands.