top of page

Privacy Policy

Effective Date: 5/31/24 

​

XcelerateAI ("we," "us," or "our") is committed to protecting the privacy and security of the data we collect and process. This Data Privacy Policy outlines our practices regarding the collection, use, and disclosure of personal and sensitive information while providing artificial intelligence solutions to fintech, healthcare, legal, and other industries. 

​

1. Information We Collect 

We collect and process personal information to improve our products and services, which in turn allows us to provide you with enhanced user experiences. This data processing is based on our legitimate interests to develop and improve our offerings, as well as to fulfill our contractual obligations to you. 

  • Data Provided by Clients: We receive information directly from our clients which may include personal data, financial records, health information, and legal documents. 

  • Interaction Data: We gather data from our clients’ interactions with our AI tools, which includes usage patterns and preferences. 

  • Automated Technologies: We use technologies like cookies and web beacons to collect information which helps us understand how our services are being used and to tailor our offerings. 
     

2. Use of Information 

Your data is only used to improve your product experience. Specifically: 

  • To provide, maintain, and improve our AI services, ensuring you receive enhanced and more personalized experiences 

  • To develop new tools and functionalities that better meet your needs and preferences 

  • To respond promptly to inquiries, address support needs, and provide necessary assistance, resulting in more efficient and effective service delivery. 
     

3. Sharing of Information 

We share information to comply with legal requirements, to provide you with services, to protect your rights, to fulfill our business obligations, and/or with your consent or at your direction. 

  • With service providers and partners who assist us in meeting business operations needs and deliver our services. See this list of Third-Party Data Subprocessors:  here

  • With legal or regulatory authorities as required by applicable law or in response to legal processes, such as to protect against or deter fraudulent, illegal, or harmful actions 
     

4. Deletion of Data 

If you choose to delete your account, we commit to deleting all data associated with that account, except as required to comply with our legal obligations, resolve disputes, or enforce our agreements. This includes all personal, financial, health, and legal information collected while providing our services. We will execute the deletion process to ensure that removal of data is secure and comprehensive. 
 

5. International Data Transfers 

Information we collect may be stored and processed in any country where we have operations or where we engage service providers. By using our services, you consent to the transfer of information to countries outside of your country of residence, which may have different data protection rules than in your country. 
 

6. Payment Processing 

We do not store or process your Payment Data, including your credit card information. Instead, utilize Stripe to store, manage, and process your payments. Here is their privacy policy: https://stripe.com/en-in/privacy
 

7. Data Security 

We implement industry-standard security measures to protect the information we collect and maintain.  

  • All communications are secured through HTTPS with TLS 1.2 or higher encryption 

  • Our cloud service provider is Amazon Web Services (AWS), which adheres to key industry standards including PCI DSS Level 1, FIPS 140-2, HIPAA, IRAP, and ITAR. 

  • We ensure that data at rest is encrypted using AES-256, and data in transit is protected via HTTPS with TLS 1.2 encryption 

  • Passwords are hashed using PBKDF2 

  • We conduct annual penetration testing to identify and address security vulnerabilities. 

  • We use MFA (multi-factor authentication) and adhere to SOC 2 and HIPAA standards of password complexity 
     

8. Data Retention 

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including as described in this Privacy Policy, or as required by law. 
 

9. California Privacy Rights 

Pursuant to California Civil Code Section 1798.83, residents of California have the right to request from us, once per calendar year, at no cost, information regarding the disclosure of their personal information to third parties for direct marketing purposes. This includes obtaining details about the specific types of personal information shared with these third parties in the preceding calendar year. 

 

10. Changes to This Privacy Policy 

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. 

​

11. Contact Us 

If you have any questions about this Privacy Policy, please contact us at: 

support@xcelerateai.com 

We encourage you to review our Privacy Policy whenever you access our services to stay informed about our information practices and the ways you can help protect your privacy. 

bottom of page