Privacy Policy

Species-Agnostic Intelligence Platform

GDPR Compliant
CCPA Ready
Last Updated: December 2025 | Version 1.0

Table of Contents

1. Introduction

Centrigon Inc. ("Centrigon," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our species-agnostic intelligence platform (the "Service").

This Privacy Policy complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws. By using our Service, you consent to the data practices described in this policy.

1.1 Controller Information

Centrigon Inc. is the data controller responsible for your personal information processed through the Service. Our contact information is provided in Section 13 of this Policy.

2. Definitions

"Personal Data" means any information relating to an identified or identifiable natural person as defined under applicable data protection laws.

"Processing" means any operation performed on Personal Data, including collection, storage, use, transmission, or deletion.

"Cognitive Space" refers to your private, isolated instance of Centrigon intelligence that processes your interactions while maintaining data isolation.

"Abstracted Insights" means generalized patterns and concepts derived from user interactions, stripped of all personally identifiable information.

"Data Subject" means the individual to whom Personal Data relates, as defined under GDPR.

3. Information We Collect

3.1 Information You Provide Directly

We collect information that you voluntarily provide when using our Service, including:

  • Account Information: Name, email address, contact details
  • Profile Information: Preferences, settings, configuration data
  • Communication Data: Messages, feedback, support requests
  • Payment Information: Billing details, transaction history (processed by third-party payment processors)

3.2 Information Collected Automatically

When you use our Service, we automatically collect:

  • Usage Data: Interaction patterns, feature usage, session duration
  • Technical Data: IP address, device information, browser type, operating system
  • Cognitive Data: Abstracted learning patterns, conceptual development (anonymized)
  • Performance Data: System performance metrics, error logs

3.3 Information from Third Parties

We may receive information about you from:

  • Service providers and business partners
  • Social media platforms (when you connect your accounts)
  • Publicly available sources

We do not collect sensitive personal data (special categories under GDPR) unless required for specific services and with your explicit consent.

4. How We Use Your Information

4.1 Service Provision and Operation

We use your information to:

  • Provide, maintain, and improve the Service
  • Develop and personalize your Cognitive Space
  • Process transactions and send related information
  • Provide customer support and respond to inquiries
  • Send service-related announcements

4.2 Legal and Legitimate Business Purposes

We process your information for:

  • Compliance with legal obligations
  • Protection of our rights and property
  • Fraud prevention and security monitoring
  • Business analytics and service improvement
  • Research and development of new features

4.3 Marketing and Communications

With your consent where required, we may use your information to:

  • Send promotional communications
  • Personalize marketing content
  • Conduct surveys and gather feedback

We will always obtain your explicit consent before using your personal information for marketing purposes where required by law.

6. Data Sharing and Disclosure

6.1 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our Service, including:

  • Cloud hosting providers
  • Payment processors
  • Analytics services
  • Customer support platforms

6.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities.

6.3 Business Transfers

In connection with any merger, sale of company assets, or acquisition, your information may be transferred to the acquiring entity.

6.4 Aggregate and Anonymized Data

We may share aggregated, anonymized data that does not identify you personally for research, analytics, and business purposes.

All third-party service providers are contractually bound to protect your information and may only process it for specified purposes in compliance with this Privacy Policy.

7. Data Security

7.1 Security Measures

We implement appropriate technical and organizational security measures designed to protect your Personal Data, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and penetration testing
  • Employee training on data protection
  • Incident response procedures

7.2 Security Certifications

Our security practices are aligned with industry standards and we maintain relevant security certifications where applicable.

7.3 Data Breach Notification

In the event of a personal data breach, we will notify you and the relevant supervisory authorities as required by applicable law.

While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

8. Data Retention

8.1 Retention Periods

We retain your Personal Data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

8.2 Retention Criteria

Our retention periods are determined based on:

  • The purpose for which we collected the data
  • Legal and regulatory requirements
  • Statutory limitation periods
  • Business needs and operational requirements

8.3 Data Deletion

Upon expiration of the applicable retention period, we will securely delete or anonymize your Personal Data in accordance with our data destruction policies.

9. Your Rights

9.1 Data Subject Rights (GDPR)

Under GDPR, you have the following rights regarding your Personal Data:

Right of Access

You may request access to the Personal Data we hold about you.

Right to Rectification

You may request correction of inaccurate or incomplete Personal Data.

Right to Erasure

You may request deletion of your Personal Data under certain circumstances.

Right to Restriction

You may request restriction of processing of your Personal Data.

Right to Data Portability

You may request receipt of your Personal Data in a structured, commonly used format.

Right to Object

You may object to certain types of processing of your Personal Data.

9.2 California Privacy Rights (CCPA)

California residents have additional rights under CCPA, including:

  • Right to know what Personal Data is collected and how it's used
  • Right to delete Personal Data
  • Right to opt-out of the sale of Personal Data
  • Right to non-discrimination for exercising privacy rights

9.3 Exercising Your Rights

To exercise your rights, please contact us using the information in Section 13. We will respond to your request within the timeframe required by applicable law.

10. International Data Transfers

10.1 Transfer Mechanisms

Your Personal Data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including:

  • EU Standard Contractual Clauses
  • Adequacy decisions
  • Binding Corporate Rules
  • Other approved transfer mechanisms

10.2 Privacy Shield

While Privacy Shield is no longer a valid transfer mechanism, we continue to honor Privacy Shield principles for data received from the EU and Switzerland.

By using our Service, you acknowledge that your Personal Data may be transferred to countries with different data protection laws than your country of residence.

11. Children's Privacy

11.1 Age Restrictions

Our Service is not intended for children under the age of 16. We do not knowingly collect Personal Data from children under 16.

11.2 Parental Consent

If we learn that we have collected Personal Data from a child under 16 without verification of parental consent, we will take steps to delete that information.

11.3 Parental Rights

Parents or guardians who believe we might have collected information from a child under 16 should contact us immediately.

12. Changes to This Privacy Policy

12.1 Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

12.2 Notification of Changes

If we make material changes, we will notify you through the Service, by email, or by posting a prominent notice on our website prior to the changes taking effect.

12.3 Continued Use

Your continued use of the Service after any modification to this Privacy Policy will constitute your acceptance of such modification.

13. Contact Information

13.1 General Inquiries

For questions about this Privacy Policy or our privacy practices, please contact us at:

Centrigon Inc.

Email: privacy@centrigon.com

Address: [Your Company Address]

13.2 Data Protection Officer

For GDPR-specific inquiries, you may contact our Data Protection Officer at:

Email: dpo@centrigon.com

13.3 Supervisory Authority

You have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to the relevant data protection authority.