Privacy Policy

Privacy Policy

Effective Date: August 18, 2025

1. Introduction and Company Information

Welcome to Tenbyte AI, an AI-powered document intelligence platform. This Privacy Policy explains how Noxie Innovation (OPC) Private Limited ("Company," "we," "us," or "our") collects, uses, protects, and shares your information when you use our services.

Company Information: - Legal Entity: Noxie Innovation (OPC) Private Limited - Product Name: Tenbyte AI - Registration: Company incorporated in India - CIN: U72900GJ2022OPC135927 - Registered Office: D-203, Arjun Green, Near Vardan Tower, Naranpura, Ahmedabad, Gujarat, India - 380013

By using our AI-powered document review system, you acknowledge that you have read, understood, and consent to the collection and use of your information as described in this Privacy Policy.

2. Information We Collect

2.1 Account Information

When you create an account with Tenbyte AI, we collect: - Full name - Email address - Company/organization name - Job title or role - Contact phone number - Billing address and payment information

2.2 Document Processing Information

When you use our services, we temporarily process: - Uploaded Documents: Master documents and regulatory reference materials submitted for analysis - Document Metadata: File names, upload timestamps, document types, and processing preferences - Processing Results: Generated compliance reports, discrepancy analyses, SOP drafts, and COA examinations

2.3 Technical Information

We automatically collect: - IP address and geolocation data - Browser type and version - Operating system information - Device identifiers - Session duration and usage patterns - System performance metrics during document processing

2.4 Usage Analytics

To improve our services, we collect: - Feature usage patterns - Processing completion rates - Error logs and diagnostic information - User interface interactions - Service performance metrics

3. How We Use Your Information

3.1 Service Provision

We use your information to: - Process and analyze your submitted documents - Generate compliance reports, discrepancy analyses, and SOP recommendations - Provide Certificate of Analysis (COA) examination services - Deliver processing results and recommendations - Maintain your account and service preferences

3.2 Service Improvement

Your information helps us: - Enhance AI model performance and accuracy - Optimize system processing speed and reliability - Develop new features and capabilities - Improve user interface and experience - Conduct quality assurance and system monitoring

3.3 Communication

We may use your contact information to: - Send service-related notifications and updates - Provide technical support and customer service - Share important security or policy updates - Deliver system maintenance announcements - Respond to your inquiries and feedback

3.4 Legal and Compliance

We process information as necessary to: - Comply with applicable laws and regulations - Respond to legal requests and court orders - Protect our rights and interests - Investigate potential violations of our Terms of Service - Ensure platform security and prevent fraud

4. Zero-Retention Policy for Documents

4.1 Comprehensive Document Protection

Your Documents Are Completely Safe: We have enterprise-grade agreements that ensure zero data retention: - When we finish processing your document, both we and our AI technology partners delete it immediately - No copies of your documents are stored anywhere in our systems or our partners' systems - We never use your documents to improve our system or train AI models - Our technology partners are contractually bound to the same zero-retention standards - Document deletion happens automatically without any action needed from you

4.2 What Zero-Retention Covers

Our zero-retention policy applies to: - All document content you upload (PDFs, text files, etc.) - Document analysis and processing results - Any temporary data created during processing - All conversations and interactions related to your documents

4.3 Enterprise-Grade Privacy Protection

• We maintain enterprise agreements with our AI technology partners specifically for zero data retention
• These agreements go beyond standard privacy policies to ensure maximum protection
• Our partners are prohibited from storing, learning from, or using your data in any way
• All processing happens in secure, temporary environments that are completely cleared after use

4.4 Processing Environment Security

• Documents are processed in secure, isolated environments with enterprise-grade encryption
• Processing happens in temporary computer memory that gets completely wiped after each session
• No document content is accessible to our team, technology partners, or any third parties during or after processing
• All processing records and metadata are automatically deleted
• Safety and security monitoring occurs without storing document content

4.5 Legal and Compliance Protections

Our zero-retention agreements include: - Legal protections that prevent any data storage beyond processing - Compliance with international privacy laws (GDPR, CCPA, Indian data protection laws) - Contractual obligations that exceed standard privacy requirements - Regular audits to ensure compliance with zero-retention commitments

5. AI Technology and Data Processing

5.1 AI Technology and Zero-Retention Integration

• Our system uses enterprise-grade AI technology partners with contractual zero data retention agreements
• AI processing happens within secure environments that automatically delete all document content
• Document content is processed only to create your requested analysis, then immediately deleted
• Neither we nor our technology partners store, learn from, or use your document content for any purpose
• All parties involved are legally bound to zero-retention policies that exceed standard privacy protections
• Safety monitoring occurs without storing or accessing your actual document content

5.2 Proprietary Components

Our service includes proprietary intellectual property: - Specialized algorithms for document analysis - Custom prompt engineering techniques - Proprietary workflow optimization systems - Advanced system architecture for secure processing - Enhanced user interface design

5.3 Processing Accuracy and Limitations

• Our AI technology provides 99.9% accuracy for discrepancy detection
• Results require human verification and qualified professional review
• System outputs are recommendations requiring validation before implementation
• AI capabilities may vary based on document complexity and technical factors

6. Information Sharing and Disclosure

6.1 Third-Party Service Providers and Zero-Retention

We may share limited account information (never document content) with trusted service providers: - Payment processing and billing services - for subscription management - Cloud infrastructure and hosting services - for platform operations
- Enterprise AI technology services - for document processing under zero-retention agreements - Technical support and system maintenance - for service optimization - Security monitoring and threat detection - for platform protection

Critical Protection: Your document content is never shared with any third parties because: - We have enterprise zero-retention agreements with our AI technology partners - Both we and our partners are contractually required to delete documents immediately after processing - Document content never leaves the secure, temporary processing environment - Only safety and security classifications may be retained (without document content) to ensure platform security

6.2 Legal Requirements

We may disclose information when required by law: - In response to valid legal process or court orders - To comply with applicable regulations and government requests - To protect our rights, property, or safety - To investigate potential legal violations - In connection with business transfers or acquisitions

6.3 No Data Sales or Marketing

We do not: - Sell your personal information to third parties - Share your data for marketing purposes - Use your information for advertising or promotional activities - Provide your data to data brokers or aggregators

7. Data Security Measures

7.1 Technical Safeguards

We implement comprehensive security measures: - End-to-End Encryption: All documents are encrypted during transmission and processing - Secure Processing Environment: Isolated systems with restricted access controls - Multi-Factor Authentication: Enhanced account security for user access - Regular Security Audits: Ongoing assessment of system vulnerabilities - Intrusion Detection: Real-time monitoring for unauthorized access attempts

7.2 Administrative Controls

Our security framework includes: - Strict employee access controls and background checks - Comprehensive security training for all personnel - Regular security policy updates and compliance reviews - Incident response procedures for potential security breaches - Continuous monitoring of system access and activities

7.3 Physical Security

Our infrastructure is protected by: - Secure data center facilities with restricted physical access - Environmental controls and monitoring systems - Backup power systems and disaster recovery capabilities - Secure hardware disposal and data destruction procedures

8. Data Breach Notification

8.1 Breach Response Commitment

In the event of a confirmed data breach: - We will notify affected users within 72 business hours of verification - Notifications will include details about the nature and scope of the breach - We will provide information about steps taken to address the incident - Guidance will be provided on protective measures users can take

8.2 Limited Breach Impact Due to Zero-Retention

Due to our enterprise zero-retention agreements: - Document content breaches are prevented since documents are never stored by us or our partners - Historical document data is not at risk because it doesn't exist in any systems - Personal account information has limited exposure since document content is never retained - Processing history cannot be compromised because it's automatically deleted - Maximum privacy protection is maintained even in worst-case scenarios

8.3 Incident Investigation

We commit to: - Thorough investigation of all suspected security incidents - Cooperation with law enforcement and regulatory authorities as required - Implementation of additional security measures to prevent future incidents - Transparent communication about lessons learned and improvements made

9. International Data Transfers

9.1 Data Processing Location

• Primary data processing occurs within secure facilities in India
• Some processing may occur in other jurisdictions for technical optimization
• All international transfers comply with applicable data protection laws
• Appropriate safeguards are implemented for cross-border data transfers

9.2 Compliance with International Standards

We ensure compliance with: - General Data Protection Regulation (GDPR) for European users - California Consumer Privacy Act (CCPA) for California residents - Other applicable privacy laws in jurisdictions where we operate - International data transfer frameworks and adequacy decisions

10. Your Privacy Rights

10.1 Access and Correction Rights

You have the right to: - Access your personal information in our systems - Request correction of inaccurate or incomplete data - Update your account information and preferences - Download your account data in a portable format

10.2 Deletion and Erasure Rights

You may request: - Deletion of your account and associated personal information - Erasure of specific data categories where legally permissible - Cessation of data processing for specific purposes

Note: Document deletion is automatic under our Zero-Retention Policy.

10.3 Control and Consent Rights

You can: - Withdraw consent for data processing where consent is the legal basis - Object to processing for direct marketing purposes - Restrict processing in certain circumstances - Opt out of non-essential communications

10.4 Exercising Your Rights

To exercise your privacy rights: - Email us at privacy@tenbyteai.com with your request - Include your account information and specific request details - We will respond within 30 days for most requests - Some requests may require identity verification for security purposes

11. Data Retention Periods

11.1 Account Information

• Personal account information is retained while your account remains active
• Information is deleted within 90 days of account closure
• Some information may be retained longer if required by law

11.2 Technical Logs

• System logs and analytics data are retained for 12 months maximum
• Processing logs are automatically purged after 30 days
• Security logs may be retained longer for compliance purposes

11.3 Document Processing Records

• Zero retention for document content - deleted immediately after processing
• Processing metadata (file names, timestamps) retained for 30 days maximum
• Compliance reports remain accessible in your account until deletion

12. Cookies and Tracking Technologies

12.1 Essential Cookies

We use necessary cookies for: - User authentication and session management - Security features and fraud prevention - Basic website functionality and navigation - System performance optimization

12.2 Analytics Cookies

With your consent, we use analytics cookies to: - Understand user behavior and service usage patterns - Improve website performance and user experience - Identify technical issues and system improvements - Measure the effectiveness of our services

12.3 Cookie Management

You can: - Control cookie preferences through your browser settings - Opt out of non-essential cookies through our cookie consent interface - Delete existing cookies through your browser tools - Contact us for assistance with cookie-related questions

13. Children's Privacy

13.1 Age Restrictions

• Our services are not intended for individuals under 18 years of age
• We do not knowingly collect personal information from children
• If we become aware of child data collection, we will delete it promptly
• Parents or guardians may contact us regarding potential child data issues

13.2 Educational Use

• Educational institutions using our services must ensure appropriate consent
• Student data, if any, receives enhanced protection under applicable laws
• Special procedures apply for processing educational records

14. Business Transfers

14.1 Merger and Acquisition Scenarios

In the event of: - Business sale, merger, or acquisition - Asset transfer or reorganization - Bankruptcy or similar proceedings

Your personal information may be transferred as part of business assets, subject to: - Continued protection under this Privacy Policy or equivalent terms - Notice to affected users about the transfer - Opportunity to delete account information before transfer

15. Updates to This Privacy Policy

15.1 Policy Modifications

• We may update this Privacy Policy to reflect changes in our practices
• Material changes will be communicated via email or platform notification
• Updated policies will be posted with new effective dates
• Continued use of services constitutes acceptance of changes

15.2 Change Notification Timeline

• Major changes: 30 days advance notice
• Minor updates: Notice at time of change
• Legal requirement changes: As soon as reasonably possible

16. Regulatory Compliance

16.1 Indian Privacy Laws

We comply with: - Information Technology Act, 2000 and associated rules - Digital Personal Data Protection Act, 2023 - Other applicable Indian privacy and data protection regulations

16.2 International Compliance

For users in other jurisdictions, we comply with: - GDPR (European Union) - CCPA (California) - PIPEDA (Canada) - Other applicable regional privacy laws

17. Contact Information

17.1 Privacy Inquiries

For privacy-related questions or concerns: - Email: privacy@tenbyteai.com - General Contact: sunil@tenbyteai.com - Response Time: Within 5 business days

17.2 Data Protection Officer

For GDPR-related inquiries: - Contact: privacy@tenbyteai.com - Subject Line: "GDPR Inquiry - [Your Request]"

17.3 Company Address

Noxie Innovation (OPC) Private Limited
D-203, Arjun Green
Near Vardan Tower, Naranpura
Ahmedabad, Gujarat, India - 380013

17.4 Business Hours

• Support Hours: 9:00 AM to 5:00 PM IST, Monday through Friday
• Emergency Contact: Available for critical security issues
• Holidays: Recognized Indian holidays may affect response times

18. Definitions

For purposes of this Privacy Policy:

• "Document Processing" means the analysis, review, and generation of reports for uploaded documents using our AI technology
• "Personal Information" means any information that identifies or can be used to identify an individual
• "Processing" means any operation performed on personal information, including collection, use, storage, and deletion
• "Zero-Retention Policy" means our practice of automatically deleting all documents immediately after processing completion
• "User" means any individual or entity using our services
• "Services" means all features and capabilities provided by the Tenbyte AI platform

By using Tenbyte AI services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your information as described herein.

Last Updated: August 18, 2025
Version: 1.0
Effective Date: August 18, 2025

Questions about this Privacy Policy?
Contact us at sunil@tenbyteai.com