Privacy Policy

A. Objective

Exei - AI Agent Platform, as the Data Controller, is committed to maintaining the highest standards of data privacy and ensuring compliance with applicable laws, including the Information Technology Act, 2000 (and its Rules), the Digital Personal Data Protection Act, 2023, the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA). Protecting Personal Data and Sensitive Personal Data or Information is essential to building trust with our Users and preserving Exei - AI Agent Platform's reputation. This Policy establishes a robust framework for managing and safeguarding Personal Data, ensuring lawful, secure, and transparent Processing Personal Data to reinforce confidence in our business practices.

B. Definitions

Data Controller / Company

Exei - AI Agent Platform, the entity that determines the purposes and means of Processing Personal Data through the Software, including deciding what types of Personal Data are collected and for what purposes.

Data Processor

A contracted Third Party that conducts Processing Personal Data on behalf of the Data Controller, under strict contractual agreements.

Personal Data

Any information relating to an identified or identifiable User, including but not limited to name, email address, contact number, payment information, billing details, IP address, device information, usage data, location data, chat logs, and queries submitted via chatbots.

Sensitive Personal Data or Information

Data requiring heightened protection submitted via chatbots, such as:

• Political affiliations
• Religious beliefs
• Philosophical beliefs
• Race or ethnicity
• Sexual orientation
• Health data
• Biometric data
• Criminal history
• Credit or financial data
• Trade union and membership information

Consent

A freely given, specific, informed, and unambiguous indication of the User's agreement to the retention and Processing Personal Data, expressed through a clear affirmative action, such as clicking "I Agree" to the Terms & Conditions.

Processing Personal Data

Any operation or set of operations performed on Personal Data, such as collection, recording, organization, storage, use, disclosure, analysis, restriction, erasure, or destruction.

Software

The software product 'Exei' provided by the Exei - AI Agent Platform under a subscription model to Website Owners and accessible to End Users via chatbot interactions.

Third Party / Parties

Any individual or entity other than the User, Data Controller, or Data Processor.

User

An individual whose Personal Data is subject to Processing Personal Data, including Website Owners and End Users.

C. Data Controller and Processor Roles

Exei - AI Agent Platform acts as the Data Controller when determining the purposes and means of Processing Personal Data, such as providing the Software, improving AI models, or conducting analytics. When conducting Processing Personal Data on behalf of Website Owners, Exei - AI Agent Platform acts as a Data Processor, following the Website Owner's instructions under strict contractual agreements. Third Parties engaged by Exei - AI Agent Platform as Data Processors are bound by contractual obligations to ensure compliance with this Policy and applicable laws.

D. Data Collection

The Data Controller collects the following Personal Data when Users subscribe to or use the Software:

D.1 Website Owners

• Account Information: Name, email address, billing details, credit/debit card number, billing address - includes Sensitive Personal Data.
• Website Data: Domain name, chatbot configurations, website content provided for integration.
• Usage Data: Login frequency, feature usage, analytics related to Software performance on your website.

D.2 End Users

• Interaction Data: Chat logs, queries submitted via chatbots, timestamps of interactions.
• Technical Data: IP address, browser type, device information, usage data, approximate location data.
• Personal Data Provided: Name, email address, payment information, contact number, or other details voluntarily submitted during chatbot interactions - may include Sensitive Personal Data or Information if submitted.

If you choose not to provide the above Personal Data that is mandatory to process your request, we may not be able to provide the corresponding service.

D.3 How Data Is Collected

• Directly from Users: When Website Owners sign up for an account with their Consent or End Users provide Personal Data.
• Automatically: Through cookies, log files, or similar technologies during Software use.
• From Website Owners: End User Personal Data collected, processed by Exei - AI Agent Platform as a Data Processor on behalf of the Website Owner Data Controller.

D.4 Cookies and Tracking Technologies

Exei - AI Agent Platform uses cookies and similar technologies to enhance User experience, remember preferences, and analyze usage patterns as part of Processing Personal Data. Users provide Consent via a cookie banner on first use of the Software and can manage preferences via browser settings or the Software's settings page.

E. Purposes and Lawful Basis of Collection

Exei - AI Agent Platform conducts Processing Personal Data for the following purposes and lawful bases:

• To provide access to the Software: Contractual necessity.
• To process payments and manage subscriptions: Contractual necessity.
• To communicate with Users: Legitimate interests (Eg. service updates, support) or Consent (Eg. marketing).
• To improve our services and AI functionalities: Legitimate interests (Eg. anonymized data for AI training).
• To ensure security and prevent fraud: Legitimate interests and legal obligation.
• To comply with legal obligations: Legal obligation (Eg. IT Act, DPDP Act, GDPR, CCPA).
• To share with Data Processors: Contractual necessity and legitimate interests, under strict agreements.
• For analytics or marketing purposes: Explicit User Consent where required by law.

F. Data Processing Activities

Exei - AI Agent Platform performs the following Processing Personal Data activities in relation to the Software:

• User Registration and Account Management: Collecting and storing Website Owners' Personal Data (e.g., name, email, billing details) to create and manage accounts.
• Payment Processing: Conducting Processing Personal Data on payment information and billing details (i.e., Sensitive Personal Data or Information) to process subscriptions and renewals for Website Owners.
• Service Delivery and Improvement: Using Website Owners' website data and End Users' interaction/technical Personal Data to deliver chatbot functionality, monitor performance, and enhance AI models (anonymized where possible).
• Communication: Utilizing Personal Data (Eg., email addresses, contact numbers) to send service-related notifications to Users and marketing messages (with Consent).
• Compliance and Security: Analyzing usage data and IP addresses to ensure security, and disclosing Personal Data to legal authorities when required by law.

G. Data Usage

Exei - AI Agent Platform uses Personal Data to:

• Provide and maintain the Software and related services for Users, sharing with Data Processors as necessary under strict contractual agreements.
• Process subscriptions, payments, and renewals for Website Owners, involving Sensitive Personal Data or Information.
• Communicate with Users about service updates, support, or marketing (with Consent where required).
• Monitor and analyze usage to enhance functionality, security, and User experience.
• Comply with legal obligations under applicable laws.

H. Data Sharing

Exei - AI Agent Platform does not sell Personal Data. We may share Personal Data with:

• Data Processors: Parties that conduct Processing Personal Data on our behalf, bound by contractual safeguards ensuring compliance with this Policy and applicable laws.
• Website Owners: End User Personal Data collected via chatbots is shared with the respective Website Owner as their Data Controller, per their instructions.
• Legal Authorities: When required by law, regulation, or legal process.
• Business Transfers: In the event of a merger, acquisition, or asset sale, with appropriate safeguards, involving potential Third Parties.

Details are available upon request at sales@exei.ai

I. International Data Transfers

Personal Data may be transferred outside India for Processing Personal Data. Exei - AI Agent Platform ensures compliance with applicable laws implementing safeguards such as encryption and contractual agreements to protect Personal Data. Details are available upon request at Exei.

J. Data Security

Exei - AI Agent Platform implements the following security measures to protect Personal Data and Sensitive Personal Data or Information, in line with the Information Technology Act, 2000 (and its Rules), the Digital Personal Data Protection Act, 2023, the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA):

• Encryption of Personal Data using industry-standard protocols.
• Access controls limiting Personal Data access to authorized personnel only.
• Regular security audits and vulnerability assessments to mitigate risks.

Data Breach Procedures

In the event of a data breach affecting Personal Data, the Data Controller will notify affected Users and relevant authorities within 48 hours where feasible, and take immediate steps to mitigate risks.

K. Automated Decision-Making and Profiling

Exei - AI Agent Platform uses AI to generate chatbot responses, which may involve automated decision-making. This does not produce legal or similarly significant effects on Users. If profiling occurs for analytics or marketing, it is based on User Consent. Users may object to such Processing Personal Data by contacting Exei.

L. User Rights

Users have the following rights under applicable laws:

• Access: Request a copy of their Personal Data.
• Correction: Correct inaccurate or incomplete Personal Data.
• Deletion: Request deletion of their Personal Data, subject to legal obligations.
• Restriction/Object: Restrict or object to Processing Personal Data.
• Data Portability: Request transfer of their Personal Data to another entity.
• Withdraw Consent: Withdraw Consent at any time where Processing Personal Data is based on Consent, without affecting prior lawful processing.

To exercise these rights, contact Exei - AI Agent Platform's Internal Data Protection Officer at sales@exei.ai. We will respond within 3-4 days, subject to identity verification.

M. Data Retention

Exei - AI Agent Platform retains Personal Data only as long as necessary for the purposes outlined in Section E or as required by law or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types and purposes, actual retention periods can vary significantly.

N. Children's Privacy

Exei - AI Agent Platform does not intentionally request or gather personally identifiable information online from children under 13 without first obtaining verifiable parental approval. Should Exei - AI Agent Platform discover that a child under 13 has provided such information online without parental permission, we will promptly undertake all appropriate efforts to remove that information from our records and will abstain from using it for any reason, except as needed to ensure the child's safety or comply with legal requirements or permissions. If you find out that we have obtained personally identifiable information from a child under 13, please reach out to us by phone at +91 81784 97981 and via email at sales@exei.ai.

Individuals under 18 years of age can request the erasure of their personal information submitted to us by emailing Exei with a deletion request. While we strive to fulfill these requests diligently, please be aware that removing your personal information may not guarantee its total and absolute elimination from all our systems.

O. Changes to This Policy

Be aware that this Privacy Policy might be updated periodically. Any modified version will be posted on this page accordingly. We will not diminish your rights under this Privacy Policy without obtaining your clear agreement. We encourage you to review this Privacy Policy frequently to stay informed about the most recent changes related to it.