Privacy and Cookie Policy

1. Introduction

Hyper Automata Inc. ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access our SaaS platform, website, and mobile application (the "Service," which is branded as Liftigo AI).

We are based in Toronto, Ontario, Canada, and this policy is drafted to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), as well as applicable international standards.

By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Personal Information

We collect information that identifies you personally when you register for an account or contact support:

• Identity Data: Full Name, Job Title, Employer/Company Name.
• Contact Data: Email Address, Phone Number (optional).
• Authentication Data: Secure login credentials (handled via third-party identity providers).

2.2 Payment Information

We use a third-party payment processor to handle payments. Hyper Automata Inc. does not store or collect your payment card details (PAN or CVC). That information is provided directly to the payment processor, whose use of your personal information is governed by their own Privacy Policy. We only retain limited metadata (e.g., Last 4 digits, Expiry Date, Card Brand) for display and billing history purposes.

2.3 User Content (The "Elevator Data")

We collect the data you upload or input into the system to provide the AI diagnostic service:

• Technical Documents: PDF Manuals, Wiring Diagrams, Error Code sheets.
• Operational Logs: Chat history, troubleshooting queries, image uploads of machinery, and audio recordings.
• Asset Records: Equipment details you register in the system, including serial numbers, locations, installation dates, and service notes.

2.4 Usage Data

We automatically collect data on how the Service is accessed and used, including IP Address, Browser Type, Operating System, and Mobile Device identifiers, to analyze performance and security.

2.5 Consent Records

When you create an account and accept our Terms of Service and Privacy Policy, we record and store:

• IP Address at the time of consent.
• Browser/User Agent information.
• Timestamp of acceptance.
• Email address associated with the account.

This data is retained as an immutable audit trail to demonstrate your agreement to our Terms in accordance with applicable consent laws.

2.6 Device Permissions Data

If you use the image diagnostics or voice input features, the Service may access your device camera and microphone with your explicit browser-level permission. Images and audio captured through the Service are transmitted to third-party AI providers for processing and are stored as part of your chat history.

3. How We Use Your Information

We use the collected data for the following "Legitimate Business Purposes":

• To Provide the Service: Authenticating users, indexing manuals, and generating AI diagnostic responses.
• To Improve the AI: Using aggregated, anonymized error patterns to improve diagnostic accuracy (e.g., identifying that "Error 504" matches "Door Faults" statistically), without exposing your specific proprietary text.
• To Process Payments: Facilitating subscriptions and generating tax invoices via our payment processor.
• To Communicate: Sending billing invoices, security alerts, and feature updates.

4. AI Data Processing & Proprietary Rights

This is critical for our B2B customers.

• Data Isolation: Your proprietary uploads (Manuals/Diagrams) are stored in logically isolated database environments.
• No Public Training: We DO NOT use your proprietary uploaded documents to train our public-facing foundation models. Your trade secrets remain yours.
• Third-Party Processing: Text and images are processed by enterprise-grade AI providers solely for the purpose of generating a response to your specific query.

5. Cookie Policy

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

5.1 Types of Cookies and Local Storage We Use

• Essential Cookies: Required for the app to function. These are httpOnly authentication session cookies that keep you securely logged in. You cannot opt-out of these.
• Security Cookies: Used by our payment processor to detect fraud and secure transactions.
• Local Storage: We use your browser's local storage (not cookies) to remember UI preferences such as theme (light/dark mode) and layout settings. This data never leaves your device.

5.2 Managing Cookies

You can instruct your browser to refuse all cookies. However, if you do not accept Essential Cookies, you may not be able to use the Login functionality of our Service.

6. Data Sharing and Service Providers

We do not sell your Personal Data. To operate the Service, we engage trusted third-party entities ("Sub-processors"). We may update these providers to improve security or performance without prior notice, provided they adhere to equivalent data protection standards.

We categorize our Sub-processors as follows:

• Cloud Infrastructure & Hosting: We use industry-standard cloud providers to host our application, databases, and file storage.
• Payment Processing: We use a third-party payment processor to securely handle payments. Hyper Automata Inc. does not store or have access to your full credit card information.
• Artificial Intelligence: We utilize enterprise-grade large language models and vector processing services to generate diagnostic responses.
• Authentication: We use a third-party authentication service to manage secure user login and session management.
• Email Delivery: We use a third-party email service to deliver transactional emails (account verification, password resets, team invitations, usage alerts, and similar service communications).

7. Data Retention

• Active Accounts: We retain User Content (Chat History and Logs) for the lifetime of your subscription to provide historical diagnostic context.
• Cancelled Accounts: Upon cancellation, we retain data for a grace period of 90 days to allow for reactivation. After this period, data may be permanently deleted.
• Legal Requirement: We may retain billing records for up to 7 years as required by the Canada Revenue Agency (CRA) for tax purposes.

8. International Data Transfers

Your information, including Personal Data, may be transferred to—and maintained on—secure servers located outside of Canada, primarily in the United States (where most AI and Cloud infrastructure is located). By using the Service, you consent to this transfer.

9. Your Data Rights

Under PIPEDA and applicable laws, you have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request that we correct inaccurate data.
• Deletion: Request deletion of your Personal Data (subject to legal tax retention obligations).

To exercise these rights, please contact our Privacy Officer at support@liftigo.com.

10. Security

We use industry-standard security measures, including encryption in transit (TLS 1.2+) and encryption at rest, to protect your data. However, no method of transmission over the Internet is 100% secure.

11. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

12. Contact Us

If you have questions about this Privacy Policy, please contact us: