Privacy Policy

Jaiyn AI, Inc., a Delaware corporation (File No. 10464457) ("Jaiyn," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered sales assistant and discoverability platform and related services (collectively, the "Service").

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please do not access the Service. This Privacy Policy should be read alongside our Terms of Service, available at jaiyn.ai/terms.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

• Account Information: Name, email address, company name, phone number, billing and payment information, and taxpayer identification information (if participating in the Partner Referral Programme) when you register for an account.
• Company Profile: Business name, description, location, contact details, industry category, service offerings, and other business information you provide during onboarding.
• Knowledge Store Data: Product information, pricing data, FAQs, business documentation, and other content you upload to train your AI Agent. This data is used for retrieval-augmented generation (RAG) to power your AI Agent's responses.
• AI Discovery File Data: Business information you provide for the generation of AI Discovery Files.
• Communications: Messages, emails, support requests, feedback, and other communications you send to us.
• Partner Referral Programme Data: Referral activity, commission preferences, and Stripe Connect onboarding information (processed by Stripe, not stored by Jaiyn).

1.2 Information Collected Automatically

When you access our Service, we automatically collect:

• Usage Data: Pages visited, features used, time spent, interaction patterns, clicks, and navigation paths.
• Device Information: Browser type and version, operating system, device identifiers, screen resolution, and language preferences.
• Log Data: IP address, access times, referring URLs, and error logs.
• Cookies and Tracking Technologies: We use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage. See Section 10 for details.

1.3 Lead Data (Collected on Your Behalf)

When visitors interact with your Jaiyn-powered AI Agent (chat widget), we collect the following on your behalf:

• Contact information voluntarily provided by the visitor (name, email, phone number);
• Conversation transcripts and interaction history;
• Lead qualification scores and buying intent signals; and
• Device and session information related to the chat interaction.

1.4 Information from Third Parties

We may receive information about you from third-party sources, including: Stripe (payment and identity verification data for Stripe Connect onboarding), analytics providers, and publicly available business information. We use this information only for the purposes described in this Privacy Policy.

2. How We Use Your Information

We use the information we collect for the following business and commercial purposes:

• Providing the Service: To operate, maintain, and deliver the features of the Service, including the AI Agent, Knowledge Store, AI Discovery Files, analytics, and Partner Referral Programme.
• AI Agent Operation: To process your Knowledge Store data through our AI models (including third-party AI providers such as Anthropic and OpenAI) to generate AI Agent responses to your website visitors.
• Search, Discovery, and Matching: To index your Company Profile and business information in the Jaiyn Network, enabling other users and visitors to find, match with, and connect with your business.
• Billing and Payments: To process Subscription fees, Credit top-ups, and Partner commission payments.
• Communications: To send administrative messages, service updates, security alerts, and respond to your inquiries.
• Analytics and Improvement: To analyze usage patterns, improve the Service, develop new features, and enhance user experience. This may include using aggregated, de-identified, or anonymized data.
• AI Model Improvement: To use aggregated and anonymized data (not your identifiable Knowledge Store content) to improve Jaiyn's algorithms, search, matching, and platform quality.
• Security and Fraud Prevention: To detect, prevent, and address technical issues, fraud, abuse, and violations of our Terms of Service.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or government requests.

3. AI-Specific Data Practices

3.1 How the AI Agent Processes Data

Your AI Agent uses retrieval-augmented generation (RAG) to answer visitor queries. When a visitor asks a question, the system retrieves relevant content from your Knowledge Store and sends it, along with the visitor's query, to a large language model (LLM) to generate a response. This means:

• Your Knowledge Store content is processed by our AI infrastructure each time the AI Agent responds to a query;
• Conversation transcripts between the AI Agent and your website visitors are stored and accessible through your dashboard; and
• Visitor queries and AI responses are logged for analytics, quality monitoring, and service improvement.

3.2 Third-Party AI Providers

Jaiyn uses third-party AI model providers, including Anthropic and OpenAI, to power the AI Agent's language generation capabilities. When the AI Agent processes a query:

• The visitor's query and relevant Knowledge Store content are sent to the third-party AI provider's API;
• These providers process the data to generate a response and return it to Jaiyn; and
• We have data processing agreements with these providers that restrict their use of your data.

3.3 Training and Model Improvement

Jaiyn may use aggregated, de-identified, and anonymized data derived from platform usage (such as query patterns, response quality metrics, and engagement statistics) to improve the Jaiyn Service. We do not use your identifiable Knowledge Store content or conversation transcripts to train general-purpose AI models. Any data used for improvement purposes is stripped of identifying information such that it cannot reasonably be linked back to you or your business.

4. Information Sharing and Disclosure

4.1 We Do Not Sell Your Personal Information

4.2 When We May Share Information

We may disclose your information in the following limited circumstances:

• Service Providers: With third-party vendors who perform services on our behalf, including cloud hosting (AWS), payment processing (Stripe), AI model providers (Anthropic, OpenAI), email delivery (Postmark), and analytics. These providers are contractually obligated to use your information only to provide services to Jaiyn and are bound by data processing agreements.
• Jaiyn Network and Directory: Your Company Profile, business name, description, category, and location may be displayed in Jaiyn's public-facing directory, search results, and partner tools as described in the Terms of Service (Section 8.3). This is a core function of the Service and is authorized by your acceptance of these Terms.
• Legal Requirements: When required by law, subpoena, court order, or governmental authority; or when we reasonably believe disclosure is necessary to protect the rights, property, or safety of Jaiyn, our users, or the public.
• Law Enforcement: In response to lawful requests by public authorities, including to meet national security or law enforcement requirements, or where we reasonably believe an Account is being used for fraudulent, illegal, or harmful purposes.
• Business Transfers: In connection with a merger, acquisition, reorganization, bankruptcy, or sale of all or substantially all of Jaiyn's assets. If such a transaction occurs, we will notify you and ensure the successor entity is bound by this Privacy Policy.
• With Your Consent: When you have given us explicit permission to share your information for a specific purpose.

4.3 Aggregated and De-Identified Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you for any purpose, including industry analysis, research, benchmarking, and marketing.

5. Categories of Personal Information (CCPA Disclosure)

The following table describes the categories of personal information we have collected in the preceding twelve (12) months, as defined by the California Consumer Privacy Act:

The business and commercial purposes for collecting each category are described in Section 2. We do not sell or share (for cross-context behavioral advertising) any category of personal information.

6. Your Privacy Rights

6.1 California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

• Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it.
• Right to Delete: You have the right to request that we delete the personal information we have collected about you, subject to certain exceptions (e.g., legal obligations, security, completing a transaction).
• Right to Correct: You have the right to request that we correct inaccurate personal information.
• Right to Opt-Out of Sale/Sharing: Jaiyn does not sell or share your personal information. If this practice changes, we will provide a "Do Not Sell or Share My Personal Information" link.
• Right to Limit Use of Sensitive Personal Information: We use sensitive personal information (account credentials) only for purposes authorized by the CCPA/CPRA.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights. You will not receive different pricing or quality of service for exercising your rights.

How to exercise your rights: Submit a verifiable consumer request by emailing hello@jaiyn.ai. We will verify your identity before processing your request. We will respond within forty-five (45) days, which may be extended by an additional forty-five (45) days if reasonably necessary (with notice). You may also designate an authorized agent to submit requests on your behalf.

6.2 Virginia Residents (VCDPA)

If you are a Virginia resident, you have the right to: access your personal data, correct inaccuracies, delete your personal data, obtain a portable copy of your data, and opt out of targeted advertising, the sale of personal data, and profiling. To exercise these rights, contact us at hello@jaiyn.ai. You may appeal a denial by contacting us; if unsatisfied with our response, you may contact the Virginia Attorney General.

6.3 Colorado Residents (CPA)

If you are a Colorado resident, you have the right to: access, correct, delete, and obtain a portable copy of your personal data, and to opt out of targeted advertising, the sale of personal data, and profiling. To exercise these rights, contact us at hello@jaiyn.ai. You may appeal a denial by contacting us; if unsatisfied, you may contact the Colorado Attorney General.

6.4 Connecticut Residents (CTDPA)

If you are a Connecticut resident, you have the right to: access, correct, delete, and obtain a portable copy of your personal data, and to opt out of targeted advertising, the sale of personal data, and profiling. To exercise these rights, contact us at hello@jaiyn.ai. You may appeal a denial by contacting us; if unsatisfied, you may contact the Connecticut Attorney General.

6.5 Other U.S. State Privacy Laws

Additional states, including Texas, Oregon, Montana, and others, have enacted or may enact consumer privacy laws. If you are a resident of a state with an applicable privacy law, you may have similar rights to those described above. To exercise your rights under any applicable state privacy law, contact us at hello@jaiyn.ai. We will process your request in accordance with the applicable law.

6.6 California "Shine the Light" (Cal. Civ. Code §1798.83)

California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. Jaiyn does not disclose personal information to third parties for their direct marketing purposes.

6.7 Nevada Residents (SB 220)

Nevada residents have the right to opt out of the sale of certain "covered information." Jaiyn does not sell covered information as defined by Nevada SB 220. If you are a Nevada resident and wish to submit an opt-out request, contact us at hello@jaiyn.ai.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest;
• Regular security assessments and monitoring;
• Role-based access controls and multi-factor authentication;
• Employee training on data protection and security practices;
• Incident response procedures; and
• Third-party vendor security assessments.

While we strive to protect your information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

8. Data Breach Notification

In the event of a data breach involving your personal information, Jaiyn will:

• Promptly investigate the scope and impact of the breach;
• Take reasonable steps to contain and remediate the breach;
• Notify affected individuals in accordance with applicable state data breach notification laws (all 50 U.S. states have breach notification requirements); and
• Notify relevant regulatory authorities as required by law.

Notification timelines vary by state. We will comply with the most stringent applicable deadline. Where state law does not specify a deadline, we will notify affected individuals without unreasonable delay.

9. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law. Specifically:

• Account and Subscription Data: Retained for the duration of your Subscription and for up to ninety (90) days after Account closure.
• Knowledge Store Data: Retained for the duration of your Subscription. You may delete Knowledge Store content at any time. After Account termination, we will delete Knowledge Store data within ninety (90) days.
• Conversation and Lead Data: Retained for the duration of your Subscription and accessible through your dashboard. After Account termination, deleted within ninety (90) days.
• Billing and Transaction Records: Retained for as long as required by applicable tax and financial reporting laws (typically seven years).
• Partner Referral Programme Data: Commission records retained for as long as required by applicable tax laws.
• Aggregated/Anonymized Data: May be retained indefinitely as it cannot be used to identify you.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and improve the Service. The types of cookies we use include:

• Essential Cookies: Required for the Service to function properly, including session management and authentication. These cannot be disabled.
• Analytics Cookies: Help us understand how visitors use our Service, which pages are most popular, and how users navigate the platform. We use this information to improve the Service.
• Preference Cookies: Remember your settings, preferences, and choices (such as language or region).

You can instruct your browser to refuse all cookies or indicate when a cookie is being sent. However, some features of the Service may not function properly without essential cookies.

11. Data Hosting and International Transfers

11.1 U.S. Data Hosting

If you select the United States as your hosting region, your Account data, Knowledge Store content, conversation data, and Company Profile are stored and processed on servers located in the United States (AWS us-east-1 region).

11.2 Regional Separation

Jaiyn operates separate regional infrastructure. U.S. user data is stored in U.S. infrastructure and UK user data is stored in UK infrastructure. Data is not commingled across regions. You are responsible for selecting the appropriate hosting region as described in the Terms of Service.

11.3 Third-Party Provider Locations

Some third-party service providers (such as AI model providers, email delivery, and payment processing) may process data in locations outside your selected hosting region. We ensure appropriate contractual safeguards are in place with these providers, including data processing agreements that restrict the use, retention, and onward transfer of your data.

12. Children's Privacy

Our Service is designed for businesses and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under the age of 13 (or 16, where required by applicable state law). In accordance with the Children's Online Privacy Protection Act (COPPA, 15 U.S.C. §6501 et seq.), if we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly. If you believe a child has provided us with personal information, please contact us at hello@jaiyn.ai.

13. Third-Party Services and Links

The Service integrates with third-party services and may contain links to third-party websites. The key third-party services we use include:

• Stripe: Payment processing and identity verification (Stripe Connect for Partners). Stripe's privacy policy: stripe.com/privacy.
• AWS (Amazon Web Services): Cloud infrastructure and hosting.
• Anthropic / OpenAI: AI model providers for language generation.
• Postmark: Transactional email delivery.

We are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies. Our integration with these services is governed by data processing agreements that limit how they may use your information.

14. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals. There is currently no uniform standard for how companies should respond to DNT signals. At this time, Jaiyn does not respond to DNT signals. However, as noted in Section 10, we do not use advertising or behavioral tracking cookies, so the practical impact of DNT on our Service is minimal.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by: (a) posting the updated Privacy Policy on our website with a revised "Last updated" date; and (b) sending an email notification to the address associated with your Account at least thirty (30) days before the changes take effect. We encourage you to review this Privacy Policy periodically. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

16. Contact Information and Regulatory Authorities

16.1 Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about our data practices, please contact us:

16.2 Regulatory Authorities

If you believe your privacy rights have been violated, you have the right to file a complaint with the appropriate regulatory authority:

• Federal Trade Commission (FTC): ftc.gov/complaint — for complaints about unfair or deceptive data practices.
• California Attorney General: oag.ca.gov/privacy — for CCPA/CPRA complaints.
• Your State Attorney General: For complaints under applicable state privacy laws (Virginia, Colorado, Connecticut, Texas, Oregon, and others).

We encourage you to contact us first so we can attempt to resolve your concern directly.