Privacy Policy

1. Introduction

Aptibit Technologies ("Aptibit", "we", "us", or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, retain, and safeguard your information when you:

• Visit our website at aptibit.com and any associated subdomains
• Use our products, including the Visylix AI video intelligence platform
• Engage with our services, including custom AI/ML development, consulting, and software engineering
• Communicate with us via email, contact forms, or other channels
• Subscribe to our newsletter or marketing communications

This policy applies to all individuals who interact with Aptibit Technologies, including website visitors, prospective clients, existing clients, and partners. By using our website or services, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

We collect information in the following categories:

2.1 Personal Information You Provide

When you voluntarily interact with us, we may collect:

• Contact details: Full name, email address, phone number, company name, and job title
• Inquiry information: The content of messages you send through our contact forms, including project requirements and budget range
• Newsletter preferences: Email address and communication preferences when you subscribe to our newsletter via Kit (formerly ConvertKit)
• Feedback and correspondence: Any information you provide when communicating with us directly

2.2 Information Collected Automatically

When you visit our website, we automatically collect:

• Device information: Browser type and version, operating system, device type (desktop/mobile/tablet), and screen resolution
• Usage data: Pages visited, time spent on pages, navigation paths, referring URLs, and exit pages
• Network information: IP address (anonymized where required by law), approximate geographic location (city/country level), and internet service provider
• Performance data: Page load times, errors encountered, and interaction events

2.3 Information from Third Parties

We may receive information about you from third-party services we integrate with, such as Google Analytics (website analytics), Kit (email marketing), and Chatwoot (live chat). We do not purchase personal data from data brokers or third-party data vendors.

3. How We Use Your Information

We process your personal information for the following purposes and legal bases:

• To respond to inquiries and provide support (Legal basis: Legitimate interest / Contract performance). When you contact us through our website, we use your information to respond to your questions and provide relevant information about our services.
• To deliver our services (Legal basis: Contract performance). When you engage us for AI development, consulting, or other services, we process information necessary to fulfill our obligations.
• To send marketing communications (Legal basis: Consent). With your explicit opt-in consent, we send newsletters, product updates, and promotional content. You can unsubscribe at any time.
• To analyze and improve our website (Legal basis: Legitimate interest). We use analytics data to understand how visitors interact with our website, identify areas for improvement, and optimize the user experience.
• To ensure security and prevent fraud (Legal basis: Legitimate interest). We monitor for suspicious activity, unauthorized access attempts, and other security threats.
• To comply with legal obligations (Legal basis: Legal obligation). We may process your information to comply with applicable laws, regulations, and legal proceedings.

4. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience. In compliance with GDPR and ePrivacy regulations, we use Google Consent Mode v2, which defaults all non-essential cookies to "denied" until you provide explicit consent through our cookie banner.

4.1 Types of Cookies We Use

• Essential cookies: Required for basic website functionality, including session management, security, and cookie preference storage. These cannot be disabled.
• Analytics cookies: Used via Google Analytics (GA4) to understand website usage patterns, measure performance, and generate aggregated statistical reports. These are only activated with your consent.
• Functional cookies: Enable enhanced functionality such as theme preferences (dark/light mode) and previously submitted form data. These are only activated with your consent.
• Marketing cookies: Used to track visitors across websites to display relevant advertisements and measure ad campaign effectiveness. These are only activated with your consent.

4.2 Managing Your Cookie Preferences

You can manage your cookie preferences at any time by:

• Clicking the cookie settings button (shield icon) at the bottom-left of any page
• Adjusting your browser settings to block or delete cookies
• Using browser extensions that manage cookie consent

Please note that disabling certain cookies may affect the functionality of our website.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following limited circumstances:

• Service providers: We share data with trusted third-party providers who assist us in operating our website and delivering our services. These include Google Analytics (analytics), Kit (email marketing), Chatwoot (live chat support), and Vercel (website hosting). All service providers are contractually obligated to protect your data and use it only for the purposes we specify.
• Legal requirements: We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect our rights, property, or safety.
• Business transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change and the choices you have regarding your information.
• With your consent: We may share your information with third parties when you have given us explicit consent to do so.

6. International Data Transfers

Aptibit Technologies is headquartered in Kolkata, India, and serves clients globally across India, the United States, United Kingdom, United Arab Emirates, Singapore, Australia, Canada, and Germany. Your information may be transferred to and processed in countries other than your country of residence.

When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EEA
• Adequacy decisions where applicable
• Binding corporate rules or similar approved transfer mechanisms
• Compliance with India's Digital Personal Data Protection (DPDP) Act, 2023 for data originating in India

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Contact form submissions: Retained for up to 2 years from the date of submission, or until the related business inquiry is resolved, whichever is longer.
• Newsletter subscriptions: Retained until you unsubscribe. Upon unsubscription, your email is removed from our mailing lists within 30 days.
• Analytics data: Google Analytics data is retained for 14 months, after which it is automatically deleted or anonymized.
• Client project data: Retained for the duration of the business relationship and for up to 5 years after project completion for legal and contractual purposes.
• Cookie data: Cookie consent preferences are stored for 12 months. Analytics cookies expire according to Google's cookie policies.

When your data is no longer required, we securely delete or anonymize it using industry-standard methods.

8. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

Technical Measures

• HTTPS encryption (TLS 1.3) for all data in transit
• Strict Content Security Policy (CSP) headers to prevent cross-site scripting
• HTTP Strict Transport Security (HSTS) with preloading
• Cross-Origin-Opener-Policy (COOP) for browsing context isolation
• Regular security audits and vulnerability assessments
• Access controls and authentication for all internal systems

Organizational Measures

• Employee training on data protection and privacy best practices
• Data access limited to authorized personnel on a need-to-know basis
• Incident response procedures for data breaches
• Regular review and update of security policies

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to improve our security posture.

9. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

9.1 Rights Under GDPR (EU/EEA/UK)

• Right of access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data ("right to be forgotten")
• Right to restrict processing: Request limitation of how we process your data
• Right to data portability: Request a copy of your data in a structured, machine-readable format
• Right to object: Object to processing based on legitimate interests or for direct marketing
• Right to withdraw consent: Withdraw previously given consent at any time

9.2 Rights Under India's DPDP Act

• Right to access information about your personal data being processed
• Right to correction and erasure of personal data
• Right to grievance redressal
• Right to nominate a representative to exercise your rights

9.3 Rights Under CCPA (California, USA)

• Right to know what personal information is collected, used, and shared
• Right to delete personal information
• Right to opt out of the sale of personal information (we do not sell personal data)
• Right to non-discrimination for exercising your privacy rights

To exercise any of these rights, please contact us at info@aptibit.com. We will respond to your request within 30 days (or sooner if required by applicable law). We may ask you to verify your identity before processing your request.

10. Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have inadvertently collected personal data from a child under 18, we will take steps to delete such information as promptly as possible. If you believe that a child has provided us with personal information, please contact us immediately at info@aptibit.com.

11. Third-Party Links and Services

Our website may contain links to third-party websites, products, or services that are not owned or controlled by Aptibit Technologies. We are not responsible for the privacy practices, content, or security of these third-party sites.

We currently use the following third-party services:

• Google Analytics (GA4): Website analytics and usage tracking
• Vercel: Website hosting and deployment
• Kit (ConvertKit): Email newsletter management
• Chatwoot: Live chat and customer support

We encourage you to review the privacy policies of any third-party services before providing them with your personal information.

12. AI and Machine Learning Data Practices

As an AI company, we want to be transparent about how we handle data in relation to our AI and machine learning technologies:

• Website visitor data: We do not use personal data collected from website visitors to train any AI models or machine learning systems.
• Visylix platform: The Visylix video intelligence platform processes video data on behalf of our clients. Data processed by Visylix belongs to the respective client and is governed by separate data processing agreements. Aptibit does not access, retain, or use client video data for any purpose other than providing the contracted service.
• Custom AI development: When we build custom AI/ML solutions for clients, all training data and models belong to the client unless otherwise specified in the service agreement. We maintain strict data isolation between client projects.
• AI model development: Our proprietary AI models are trained using publicly available datasets, licensed datasets, and synthetic data. We do not use customer data or website visitor data to train our commercial AI models.

13. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals to websites. Our website respects your privacy preferences. When analytics cookies are not consented to via our cookie banner, no tracking occurs regardless of DNT signals. We recommend using our cookie consent mechanism as the primary way to manage your tracking preferences on our website.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page. For significant changes that materially affect your rights, we will make reasonable efforts to provide notice, such as displaying a prominent notification on our website or sending an email to registered users. We encourage you to review this policy periodically to stay informed about how we protect your information.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: