Privacy Policy

Last updated: February 10, 2025

At Paraglide AI ("Paraglide," "we," "us," or "our"), we are committed to protecting your privacy and handling your personal data with care and transparency. This Privacy Policy explains how we collect, use, share, and protect your information when you use our services.

1. Introduction

Paraglide provides AI-powered accounts receivable and debt collection automation services. We process personal data on behalf of our clients (data controllers) and as a data processor, we are committed to compliance with applicable data protection laws, including:

  • General Data Protection Regulation (GDPR) - European Union
  • UK GDPR - United Kingdom
  • Other applicable privacy laws where our services are used

2. Information We Collect

The types of personal data we process depend on how you interact with our services:

Information from Our Clients

When our clients use our services, they may provide us with personal data about their customers, including:

  • Contact information (name, email address, phone number, business address)
  • Financial information (invoice details, payment history, account balances)
  • Communication records (emails, messages, call logs related to payment collection)

Information from Website Visitors

When you visit our website, we may collect:

  • Technical information (IP address, browser type, device information, operating system)
  • Usage data (pages visited, time spent, referring URLs)
  • Information you provide through contact forms or demo requests

Information from Service Users

If you are a user of our client's account (e.g., an employee accessing our platform):

  • Account credentials (email address, encrypted password)
  • Profile information (name, role, organization)
  • Activity logs (login times, actions performed within the platform)

3. How We Use Your Information

We process personal data only for specific, legitimate purposes:

Service Delivery

  • To provide AI-powered accounts receivable and debt collection services to our clients
  • To automate payment reminders, dunning workflows, and customer communications
  • To maintain and improve our platform's functionality and performance

Communication

  • To respond to inquiries, support requests, and demo requests
  • To send service-related notifications and updates
  • To provide customer support and technical assistance

Security & Compliance

  • To detect, prevent, and respond to security incidents and fraud
  • To comply with legal obligations and regulatory requirements
  • To maintain audit logs and monitoring for system integrity

Analytics & Improvement

  • To analyze usage patterns and improve our services
  • To develop new features and enhance user experience
  • To conduct research and development for AI model improvements

4. How We Share Your Information

We do not sell your personal data. We may share your information only in the following circumstances:

With Our Clients

When we process data on behalf of our clients, they remain the data controllers and have access to the data they provide to us through our platform.

With Service Providers

We work with trusted third-party service providers (sub-processors) who help us deliver our services:

  • Cloud infrastructure providers (e.g., Amazon Web Services)
  • Email and communication service providers
  • Analytics and monitoring tools

All sub-processors are contractually bound to protect your data and comply with applicable data protection laws.

For Legal Reasons

We may disclose personal data when required by law or to:

  • Comply with legal obligations or court orders
  • Protect our rights, property, or safety, or that of our users
  • Investigate and prevent fraud, security threats, or illegal activity

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law:

  • Client data: Retained for the duration of our service agreement and as required by our clients
  • System logs: Retained for 90 days for security and operational purposes
  • Backups: Automated daily backups are retained according to our backup retention policy
  • Marketing data: Retained until you withdraw consent or request deletion

When data is no longer needed, we securely delete or anonymize it in accordance with our data retention and deletion procedures.

6. Data Security

We implement comprehensive technical and organizational security measures to protect your personal data from unauthorized access, loss, misuse, or disclosure:

  • Encryption: All data in transit is encrypted using TLS 1.2/1.3, and data at rest is encrypted using AWS KMS
  • Access controls: Role-based access control (RBAC) and multi-factor authentication (MFA) for all production access
  • Monitoring: Continuous security monitoring and logging of all administrative access
  • Environment separation: Production and non-production environments are isolated in separate AWS accounts
  • Incident response: Documented procedures for detecting, responding to, and mitigating security incidents

For more details about our security practices, please visit our Security & Data Protection page.

7. Your Privacy Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal data:

GDPR & UK GDPR Rights

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data (subject to legal obligations)
  • Right to restriction: Request limitation of how we process your data
  • Right to data portability: Request a copy of your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within the timeframes required by applicable law (typically within 30 days for GDPR requests).

Note: If you are a customer of one of our clients, please contact them directly to exercise your rights, as they are the data controller for your information.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside of your country of residence, including countries that may not provide the same level of data protection as your home country.

When we transfer personal data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements (DPAs) with all sub-processors
  • Compliance with applicable data protection frameworks

Our primary infrastructure is hosted on Amazon Web Services (AWS) in regions that comply with GDPR and UK GDPR requirements.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience on our website and understand how our services are used.

Types of Cookies We Use

  • Essential cookies: Required for the website to function properly (e.g., session management, security)
  • Analytics cookies: Help us understand how visitors use our website (e.g., page views, traffic sources)
  • Functional cookies: Remember your preferences and settings

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our website.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately so we can delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Update the "Last updated" date at the top
  • Notify you via email or through our platform (for registered users)
  • Post a notice on our website for a reasonable period

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Paraglide AI

Email: privacy@paraglide.ai

Website: https://paraglide.ai

You also have the right to lodge a complaint with your local data protection authority if you believe your privacy rights have been violated.