Privacy Policy

Effective Date: March 9, 2026

This Privacy Policy explains how SHRD Cloud, Inc. ("DAT.ai," "DAT", "we," "us," or "our") collects, uses, discloses, and otherwise processes information in connection with the DAT.ai website, platform, APIs, SDKs, documentation, dashboard, playground, and related services (collectively, the "Services").

This Privacy Policy does not apply to information we process solely on behalf of customers as a service provider or processor where the customer controls the purposes and means of processing. In those cases, the relevant customer is responsible for providing any required privacy notices and obtaining any necessary rights and permissions.

By accessing or using the Services, you acknowledge the practices described in this Privacy Policy.

1. Information We Collect

We may collect the following categories of information:

a. Information You Provide to Us

We collect information you provide directly to us, such as when you:

• create an account;

• contact us;

• subscribe to a paid plan;

• request support;

• join a waitlist or newsletter;

• use the dashboard, APIs, SDKs, or playground; or

• otherwise communicate with us.

This information may include:

• name;

• email address;

• company name;

• billing information;

• account credentials;

• payment and transaction information;

• communications you send to us; and

• any other information you choose to provide.

b. Information We Collect Automatically

When you access or use the Services, we may automatically collect certain technical and usage information, including:

• IP address;

• device information;

• browser type and settings;

• operating system;

• referring URLs;

• pages viewed and interactions;

• timestamps;

• usage logs;

• API requests and metadata;

• performance and diagnostic data; and

• approximate location derived from IP address.

c. Customer Data and Service Inputs

We may process data, prompts, requests, URLs, configurations, browser instructions, files, outputs, logs, and other content submitted through the Services (collectively, "Customer Data"). The extent and nature of that data depends on how you use the Services.

d. Information From Third Parties

We may receive information from third parties, such as:

• payment processors;

• infrastructure providers;

• analytics providers;

• authentication providers;

• business partners; and

• publicly available sources.

2. How We Use Information

We may use the information we collect to:

• provide, operate, maintain, and improve the Services;

• authenticate users and secure accounts;

• process payments and manage subscriptions;

• respond to support requests and communicate with you;

• monitor usage, debug issues, and prevent abuse;

• detect, investigate, and prevent fraud, unauthorized access, and illegal activity;

• personalize and improve user experience;

• develop new products and features;

• comply with legal obligations;

• enforce our Terms of Service and other policies; and

• send administrative, service-related, or marketing communications, subject to applicable law.

3. Legal Bases for Processing

If and to the extent applicable data protection laws require a legal basis for processing personal data, we may rely on the following legal bases:

• performance of a contract, such as providing the Services you request;

• legitimate interests, such as securing, improving, and operating the Services;

• compliance with legal obligations; and

• consent, where required by law.

4. How We Disclose Information

We may disclose information in the following circumstances:

a. Service Providers and Vendors

We may disclose information to vendors, contractors, and service providers that perform services on our behalf, such as hosting, analytics, payment processing, customer support, authentication, communications, monitoring, and security services.

b. Affiliates and Corporate Transactions

We may disclose information to our affiliates and in connection with an actual or proposed merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or other corporate transaction.

c. Legal and Compliance Purposes

We may disclose information if we believe doing so is necessary or appropriate to:

• comply with applicable law, regulation, legal process, or government request;

• enforce our agreements and policies;

• protect the rights, property, or safety of DAT.ai, our users, or others; or

• detect, prevent, or address fraud, security, or technical issues.

d. With Your Direction or Consent

We may disclose information where you direct us to do so or otherwise consent.

e. Aggregated and De-Identified Information

We may use and disclose aggregated or de-identified information that does not reasonably identify you.

5. Cookies and Similar Technologies

We and our service providers may use cookies, SDKs, pixels, local storage, and similar technologies to operate the Services, remember preferences, understand usage, analyze traffic, improve performance, and support security.

For more details, please see the Cookie Policy below.

6. Data Retention

We retain information for as long as reasonably necessary to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and support legitimate business operations.

Retention periods vary depending on the type of information, the nature of the relationship, and legal or operational requirements. We may retain logs, billing records, support records, and security data for appropriate periods even after an account is closed.

7. Data Security

We use reasonable administrative, technical, and organizational measures designed to protect personal data and other information we process. However, no method of transmission over the internet or method of storage is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the security of your account credentials and for implementing safeguards appropriate to your own use of the Services.

8. International Data Transfers

We may process and store information in the United States and other countries where we or our service providers operate. Those countries may have data protection laws that differ from the laws of your jurisdiction.

Where required by applicable law, we will take appropriate steps to provide adequate safeguards for cross-border transfers of personal data.

9. Your Rights and Choices

Depending on your location and applicable law, you may have certain rights regarding your personal data, such as the right to:

• access personal data;

• correct inaccurate personal data;

• delete personal data;

• object to or restrict certain processing;

• withdraw consent where processing is based on consent; and

• request data portability.

You may also opt out of marketing emails by using the unsubscribe link in those messages. You may still receive transactional or service-related communications.

To exercise applicable privacy rights, contact us at es@dat.ai. We may need to verify your identity before responding.

10. Children

The Services are not directed to children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided personal data to us, contact us and we will take appropriate steps.

11. Third-Party Services and Links

The Services may contain links to or integrations with third-party websites, tools, or services. We are not responsible for the privacy, security, or content practices of third parties. Your interactions with third-party services are governed by their own terms and policies.

12. California and Other U.S. Privacy Disclosures

If applicable law requires additional disclosures or rights, including under California privacy law, we will honor such rights as required. Depending on your jurisdiction, you may have rights to know, access, correct, delete, or limit certain uses of personal information.

We do not sell personal information in the traditional sense for money. We also do not knowingly share personal information for cross-context behavioral advertising unless and until such practices are clearly described in this Privacy Policy.

13. European Privacy Disclosures

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you may have rights under applicable data protection law. You may also have the right to lodge a complaint with your local supervisory authority.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice by posting the updated version on our website, through the Services, or by other reasonable means. The updated Privacy Policy will become effective on the stated effective date.

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

SHRD Cloud, Inc.
1004 Orange Street
Wilmington, New Castle
DE 19801
es@dat.ai