This Privacy Policy ("Policy") describes how Taiki, Inc., a Delaware corporation ("Taiki," "we," "us," or "our") collects, uses, discloses, and protects information in connection with your use of the website at www.integuru.ai (the "Site"), the Integuru platform, and related services (collectively, the "Services"). In this Policy, "Personal Information" means any information relating to an identified or identifiable individual.

By using the Services, you agree to the collection and use of information in accordance with this Policy. If you do not agree, please do not use the Services.

1. PERSONAL INFORMATION WE COLLECT

We collect Personal Information from you directly, from third parties, and automatically through your use of the Services.

Information You Provide Directly

Account and Contact Information: When you register for an Account, we collect your name, email address, company name, job title, and other registration details.

Profile Data: Username, password, and other information you add to your profile or Account.

Payment Information: If you subscribe to a paid plan, we collect billing information through our third-party payment processor. We do not store complete payment card numbers.

Customer Content: Integration configurations, workflow specifications, and other materials you upload, submit, or provide to the Services.

Authentication Data: Credentials, cookies, session cookies, session tokens, access tokens, API keys, and other authentication or access artifacts relating to Connected Platform accounts that you provide to or use through the Services. See Section 3 for more detail on how we handle Authentication Data.

Communications: When you contact us via email, support channels, or other means, we collect your contact details and the content of your message.

Technical and Integration Data

API and Integration Data: Data passed into or returned from APIs and integrations, including records, payloads, requests, responses, and similar data flowing through the integrations or accessible through Connected Platform accounts.

Integration Configuration: Target platform URLs, platform identifiers, workflow and integration configuration information, and information about the websites and applications being integrated.

Information Collected Automatically

Usage and Log Data: We automatically collect technical information when you use the Services, including: IP address; browser type and version; operating system; device identifiers; pages visited; features used; time and date of access; and referring URLs.

Cookies and Tracking Technologies: We use cookies and similar technologies as described in Section 6 of this Policy.

Diagnostic Data: Performance data, error logs, and debugging information generated in connection with the Services.

Information from Third Parties

We may receive information about you, your company, or your business role from third-party sources, such as business data providers, lead-identification or enrichment providers, analytics providers, and other sales or marketing support partners. This may include business contact details, professional or employment-related information, company information, and inferences or identifiers used to help associate website activity with existing business records or profiles. We use this information to supplement account information, identify prospective business customers, enrich company or contact records, support sales and marketing activities, and improve our ability to provide the Services.

2. HOW WE USE PERSONAL INFORMATION

We use Personal Information for the following purposes:

Providing and Operating the Services

• Creating and managing Accounts;
• Processing transactions and sending related notices;
• Providing customer support and responding to inquiries;
• Building, deploying, maintaining, and operating Integrations as directed by Customer;
• Processing Authentication Data to enable and maintain programmatic access to Connected Platforms as directed by Customer; and
• Enabling integrations and workflows involving third-party platforms designated by Customer.

Improving and Developing the Services

• Analyzing usage trends and patterns to improve functionality and user experience;
• Developing new features and services;
• Using de-identified and aggregated data for service improvement (we do not use raw or identifiable Customer Content or Personal Information for AI model training without Customer consent); and
• Conducting internal research and analytics.

Communications

• Sending service-related communications, such as account notifications, technical updates, and security alerts; and
• Sending marketing communications about products, features, and events that may interest you (you can opt out at any time — see Section 7).

Safety, Security, and Compliance

• Detecting, preventing, and addressing fraud, abuse, security incidents, and technical issues;
• Enforcing our Terms of Service and other agreements; and
• Complying with legal obligations, legal process, and government requests.

3. AUTHENTICATION DATA AND ACCESS CREDENTIALS

Nature of Authentication Data. A key aspect of the Services is that Customers may provide, store, or use Authentication Data (including login credentials, passwords, cookies, session tokens, and access tokens) in connection with third-party platform accounts through the Services. This data is inherently sensitive.

Use of Authentication Data. We use Authentication Data solely to provide, operate, maintain, and support the relevant Integration as directed by Customer. We do not use Authentication Data to access Connected Platform accounts for any purpose other than performing the requested Integration services.

Security of Authentication Data. We store sensitive Authentication Data (including passwords, session tokens, and cookies) using commercially reasonable technical security measures, including encryption where technically practicable. We apply access controls to limit who within Taiki can access Authentication Data.

Customer Ownership and Responsibility. Customer retains sole ownership of and responsibility for all Authentication Data and the accounts to which it relates. Our use of Authentication Data does not grant us any independent right to access those accounts beyond what is necessary to provide the Services as directed by Customer.

Human Access. When Taiki Personnel access Authentication Data in connection with manual or managed service delivery (see Section 4), such access is limited to what is operationally necessary for service delivery, support, and troubleshooting. By engaging manual or managed services, Customer consents to this access for the stated purposes.

4. HUMAN ACCESS AND SUPPORT ACCESS

When Taiki provides managed services, custom engineering, debugging, maintenance, or other manual assistance, certain Taiki employees, contractors, or service providers (“Taiki Personnel”) may need to access Customer Content, including:

• Account credentials, including usernames and passwords;
• Cookies, tokens, and related authentication and access data;
• Information accessible through the relevant Connected Platform accounts;
• API and integration data, including payloads, requests, and responses;
• Logs, configuration data, and debugging materials.

We limit such human access to what is operationally necessary for service delivery, support, security, and troubleshooting. Access by Taiki Personnel is controlled on a need-to-know basis, and Taiki Personnel are subject to appropriate confidentiality obligations.

By engaging manual or managed services from Taiki, Customer consents to this access for the purposes described above.

5. HOW WE SHARE PERSONAL INFORMATION

We do not sell Personal Information for monetary consideration. However, certain disclosures involving cookies, similar technologies, and third-party lead-identification or marketing vendors may constitute a “sale,” “sharing,” or processing for targeted advertising or cross-context behavioral advertising under applicable privacy laws. We share Personal Information only in the following circumstances:

Service Providers. We share Personal Information with third-party service providers who perform services on our behalf, such as cloud hosting, payment processing, email delivery, customer support, security monitoring, and similar functions. These providers are contractually obligated to use Personal Information only as necessary to provide their services to us.

Analytics Providers. We use analytics tools, including Google Analytics and PostHog, to understand website and product usage. These tools may collect and process information about your use of the Services as described in Section 6. Their collection and use of data is subject to their own privacy policies.

Business Partners. We may share information with partners and vendors who help us market or deliver the Services, including lead-identification, enrichment, analytics, advertising, and related sales and marketing support providers. These partners and vendors may help us identify businesses and business professionals who interact with the Site, enrich company or contact records, measure campaign effectiveness, and support sales, marketing, or other business-to-business communications, subject to appropriate confidentiality and contractual obligations and applicable law.

Legal and Safety. We may disclose Personal Information if we reasonably believe disclosure is necessary to: (i) comply with applicable law, regulation, or legal process; (ii) protect the rights, property, or safety of Taiki, our customers, or others; (iii) detect, prevent, or address fraud, security, or technical issues; or (iv) enforce our agreements.

Business Transfers. In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, Personal Information may be transferred as part of such transaction. We will notify you of any such change in ownership or control of your Personal Information.

With Your Consent. We may share Personal Information with third parties when you have provided your consent to do so.

6. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies (including pixel tags, local storage, and web beacons) to operate the Services, remember your preferences, understand usage, support analytics, and support sales, marketing, lead-identification, attribution, and business-visitor recognition activities, as permitted by applicable law.

Essential Cookies. Required for the Services to function, including authentication, security, and access control. These cannot be disabled without affecting Service functionality.

Analytics Cookies. Help us understand how the Services are used so we can improve them. We use Google Analytics and PostHog for website and product analytics. You can opt out of Google Analytics at tools.google.com/dlpage/gaoptout. PostHog analytics can be managed through our cookie preferences interface.

Functional Cookies. Enable enhanced features and personalization, such as remembering your settings and preferences.

Lead Identification and Marketing Technologies. We may use cookies and similar technologies, and permit our online data partners, vendors, service providers, and data partners (including RB2B and similar lead-identification or enrichment providers) to use such technologies, to collect information about your interactions with the Site and associate those interactions with other personal information they or others have about you or your business, including by association with your email address, professional profile information, company information, or online profiles. We and our service providers may use this information to identify prospective business customers, recognize business visitors to the Site, enrich company or contact records, measure and attribute marketing performance, and send sales, marketing, or other business-to-business communications. You may opt out of receiving this advertising or related marketing outreach by visiting https://app.retention.com/optout. Where applicable, you may also opt out of certain collection relating to RB2B’s international company-level identification functionality by visiting https://www.rb2b.com/rb2b-gdpr-opt-out.

Cookie Choices. Most browsers allow you to manage cookie preferences through browser settings. Depending on your location and applicable law, our cookie preferences interface may present opt-in controls, opt-out controls, or both for non-essential cookies and similar technologies, and you may revisit and update your choices at any time through that interface. Disabling certain cookies may affect the functionality of the Services.

Do Not Track. We do not currently respond to “Do Not Track” signals from web browsers, but we honor Global Privacy Control (GPC) signals where applicable.

7. YOUR RIGHTS AND CHOICES

Depending on your location and applicable law, you may have some or all of the following rights regarding your Personal Information:

Access and Portability. Request confirmation of whether we process your Personal Information, obtain a copy of it, or receive it in a portable format.

Correction. Request correction of inaccurate or incomplete Personal Information.

Deletion. Request deletion of your Personal Information, subject to certain legal exceptions (for example, where we need to retain data to comply with a legal obligation or to resolve disputes).

Restriction and Objection. Request that we restrict processing of your Personal Information, or object to certain types of processing based on our legitimate interests.

Marketing Opt-Out. Unsubscribe from marketing emails using the link provided in each email. You will continue to receive transactional and service-related communications.

Global Privacy Control. We honor Opt-Out Preference Signals, including GPC signals, where applicable.

You will not be discriminated against for exercising your rights. To exercise any of these rights, contact us at [email protected]. We will verify your identity before processing your request and respond within the timeframes required by applicable law.

8. DATA RETENTION

We retain Personal Information for as long as your Account is active or as needed to provide the Services, and thereafter as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

Account Information. Retained for the duration of your Account and for a reasonable period thereafter for legal, tax, and audit purposes.

Customer Content (including Authentication Data). Retained while your Account is active. Upon Account deletion, Customer Content is deleted in accordance with our data retention practices. Backup copies may persist for up to ninety (90) days before permanent deletion.

Usage and Log Data. Retained for up to twelve (12) months, unless a longer retention period is required for security, fraud prevention, legal compliance, or to investigate misuse of the Services.

De-Identified and Aggregated Data. May be retained indefinitely, as it can no longer be associated with any individual.

Customers may request data export for up to thirty (30) days following account termination by contacting [email protected].

9. INFORMATION SECURITY

We maintain commercially reasonable administrative, technical, and organizational safeguards designed to protect Personal Information and Customer Content (including Authentication Data) from unauthorized access, disclosure, alteration, and destruction. These include:

• Encryption of sensitive Authentication Data (including passwords, session tokens, and cookies) where technically practicable;
• Encryption of data in transit using TLS/SSL;
• Role-based access controls limiting who can access Customer Content and Authentication Data; and
• Security monitoring and incident response processes.

No system is completely secure, and we cannot guarantee absolute security. Security measures evolve over time, and we do not represent that our current measures will remain unchanged. To the fullest extent permitted by applicable law, we do not accept liability for unintentional disclosure resulting from circumstances beyond our reasonable control. You are responsible for maintaining the security of your own Account credentials and systems.

10. INTERNATIONAL DATA TRANSFERS

The Services are hosted in the United States. If you are located outside the United States, your Personal Information may be transferred to and processed in the United States or other countries where Taiki or its service providers operate. These jurisdictions may have different data protection laws than your own.

Where required by applicable law, we implement appropriate safeguards for cross-border transfers of Personal Information, such as Standard Contractual Clauses adopted by the European Commission. For more information about the safeguards we use, please contact us at [email protected].

11. LEGAL BASES FOR PROCESSING (EEA/UK/SWITZERLAND)

Where we act as a controller of Personal Information of individuals in the European Economic Area, United Kingdom, or Switzerland, we process Personal Information under the following legal bases:

Contract. Where processing is necessary to perform a contract with you, or to take steps at your request before entering into a contract.

Legitimate Interests. Where processing is necessary for our legitimate interests (or those of a third party), including improving the Services, analytics, fraud prevention, and security, and where those interests are not overridden by your rights and freedoms.

Consent. Where you have given us specific, informed consent to process your Personal Information for particular purposes (e.g., marketing communications, analytics cookies, and certain lead-identification or marketing technologies).

Legal Obligation. Where processing is necessary to comply with a legal obligation.

12. SPECIAL CATEGORY DATA

We do not intend to collect Special Category Data as defined under the GDPR, which includes data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for identification purposes, or data concerning health, sex life, or sexual orientation. Please refrain from submitting any such data through the Services.

With respect to health-related data: absent a fully executed Business Associate Agreement, Customer agrees not to submit Protected Health Information through the Services. See the Healthcare and HIPAA section of our Terms of Service for more information.

13. CHILDREN'S PRIVACY

The Services are not directed to children under the age of 18. We do not knowingly collect Personal Information from children. If we become aware that we have collected Personal Information from a child under the age of 18, we will take steps to delete such information and terminate the associated Account. If you believe a child has provided us with Personal Information, please contact us at [email protected].

14. CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), as amended. You can exercise these rights by contacting us at [email protected].

Right to Know. The right to know what categories and specific pieces of Personal Information we have collected about you, the sources, the business or commercial purposes, and the categories of third parties with whom we share it.

Right to Delete. The right to request deletion of your Personal Information, subject to certain exceptions.

Right to Correct. The right to request correction of inaccurate Personal Information.

Right to Opt-Out. We do not sell Personal Information for monetary consideration. However, certain disclosures involving cookies, similar technologies, and third-party lead-identification, enrichment, analytics, advertising, or marketing vendors may constitute a “sale,” “sharing,” or processing for targeted advertising or cross-context behavioral advertising under applicable law. Where applicable, you may opt out by using the opt-out mechanisms described in Section 6 or by contacting us at [email protected].

Right to Non-Discrimination. You have the right not to be discriminated against for exercising your privacy rights.

Sensitive Personal Information. We collect Authentication Data (including credentials and session tokens), which may constitute “sensitive personal information” under CCPA/CPRA. We use such information solely to provide the Services as directed by Customer and do not use or disclose it for purposes that would require an opt-out under CCPA/CPRA.

Categories of Personal Information Collected (Past 12 Months): Identifiers (name, email, IP address); commercial information (purchase history, billing data); internet or electronic network activity information (usage logs, features accessed); professional or employment-related information; authentication and access data (credentials, cookies, session tokens); API and integration data; and inferences drawn from the above.

15. EUROPEAN PRIVACY RIGHTS (GDPR / UK GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the GDPR or equivalent local law, including those described in Section 7. In addition:

Data Controller. Taiki, Inc. is the data controller for Personal Information processed in connection with the Services. Privacy inquiries should be directed to [email protected].

Supervisory Authority. If you believe our processing of your Personal Information violates applicable law, you have the right to lodge a complaint with your local supervisory authority. We encourage you to contact us first at [email protected] so we can address your concerns directly.

16. THIRD-PARTY SERVICES

The Services may contain links to or integrate with third-party websites and services. Any information you provide to third-party services is subject to their own privacy policies. We encourage you to review the privacy policies of any third-party services before providing them with information. We are not responsible for the privacy practices of third parties, including the operators of any Connected Platform that Customer designates as a target for integration.

17. CHANGES TO THIS PRIVACY POLICY

We may update this Policy from time to time. For material changes, we will notify you by posting the updated policy on our website and, where required, by email or through the Services. The “Last Updated” date at the top of this Policy indicates when it was most recently revised. Your continued use of the Services after any changes take effect constitutes your acceptance of the updated Policy.

18. CONTACT US

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:

Taiki, Inc.

13750 Beaumont Ave

Saratoga, CA 95070

Email: [email protected]

Website: www.integuru.ai/privacy

Please allow a reasonable time for us to respond to your inquiry. We will respond to verifiable data subject requests within the timeframes required by applicable law.