1. Introduction
Welcome to DatumFuse.AI™. This Privacy Policy explains how **Datum Fuse LLC** ("we," "us," or "our") collects, uses, and protects your information when you use our website and services, marketed as DatumFuse.AI (the "Service"). Our services include Ainclude AI-powered tools for data visualization, keyword research, text summarization, interactive chat (RAG), and document analysis. By using our Service, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
A. Information You Provide to Us
Account Information: When you register (e.g., via Auth0 or social logins), we collect your name, email, and user ID to create and manage your account.
User Content: We process the files (CSVs, etc.), data, documents, and text prompts you upload or submit to our AI tools solely to provide you with the requested output (e.g., a chart or a summary).
B. Information We Collect Automatically
Log and Usage Data: To operate and secure the Service, we automatically collect technical information when you interact with our platform. This includes your IP address, browser type, operating system, pages visited, and the dates and times of your requests. This data helps us diagnose problems, prevent fraud, and understand usage patterns to improve our Service.
Cookies: We use essential cookies for core functionalities like keeping you logged in. We use a Consent Management Platform for any non-essential cookies.
C. Data Accessed from Third-Party Services (e.g., Google Sheets)
Our Service allows you to connect to third-party applications, like Google Sheets, to import data for analysis. This process is user-initiated and requires your explicit consent.
Google Sheets Integration:
If you choose to connect a Google Sheet as a data source, we will initiate Google's secure OAuth 2.0 authorization flow. This process will ask for your explicit consent to grant Datum Fuse AI specific, read-only permissions. We will never ask for permission to edit, create, or delete your files.
Permissions Requested: We request spreadsheets.readonly to read the content of the specific spreadsheet you provide, and drive.file to ensure we only have access to files you explicitly open with our service. We do not have permission to browse all files in your Google Drive.
Data Access and Usage: When you provide a Google Sheet URL, our secure backend server uses the permission you granted to read the data from that single sheet. This data is then processed by our services (e.g., for harmonization, augmentation, or visualization) and may be temporarily stored in our secure cloud infrastructure as a processed file associated with your job. We do not use this data for any purpose other than providing our services to you.
Token Storage: To maintain this connection without requiring you to log in to Google each time, we securely store the authorization (access_token) and refresh (refresh_token) tokens provided by Google. These tokens are encrypted at rest and are used solely for accessing the data you have authorized.
Google API Services User Data Policy: Our use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
You can revoke our access to your Google Account at any time through your Google Account's security settings page. Revoking access will delete our ability to access your data, and we will remove the stored tokens.
3. How We Use Your Information
To Provide the Service: Your User Content is sent to our AI service providers (like AWS Bedrock) only to generate the output you requested. It is not stored long-term by us for this purpose.
To Improve and Secure our Platform: We analyze anonymized Usage Data to fix bugs, enhance features, and protect against fraud and abuse.
Our AI Model Promise
We will **never** use your User Content (your files, your data, your prompts) to train or fine-tune any third-party AI models. The data you provide is for your eyes and your outputs only.
4. Sharing Your Information
We do not sell your personal information. We may share your information with third-party service providers who perform services for us or on our behalf. These providers are contractually obligated to protect your data. Key service providers include:
Service Providers: We share information with essential vendors like our cloud host (AWS), AI model providers (AWS Bedrock), and authentication services (Auth0). They are contractually obligated to protect your data and only use it to provide their service to us.
Authentication Providers: Auth0 to facilitate secure account login and management.
Legal Compliance: We may disclose information if required by law or to protect the rights, property, and safety of Datum Fuse LLC, our users, or the public.
5. Cookies & Tracking
We use strictly necessary cookies to make our site work, for example, to keep you logged in. For any analytics or performance cookies, we will ask for your explicit consent via our Consent Management Platform. You can manage your preferences at any time.
6. Data Retention & Security
Data Retention
We retain your data only as long as necessary. Here is a summary:
| Data Type | Retention Period |
|---|
| Account Information | Retained for the lifetime of your account, or until you request deletion. |
| User Content (Your Uploaded Files) | Your uploaded files are handled in two stages for your security and our compliance: - Operational Storage: Files are held in our secure, operational data bucket only for the duration of the data processing job. Immediately upon job completion (success or failure), files are removed from this active storage.
- Compliance Archive: For legal and compliance purposes, a copy of the input file is moved to a separate, highly restricted archive bucket where it is retained for a period of **90 days** before being permanently deleted by an automated lifecycle policy.
|
| Generated Content (Charts & Merged Files) | Generated artifacts like charts and merged data files are made available for download via a secure link that expires after **1 hour**. We do not retain these generated files long-term. |
| Log & Usage Data | Anonymized and aggregated for up to 90 days for system monitoring, security, and analytics. |
| Third-Party Auth Tokens (e.g., Google) | Authorization and refresh tokens are retained while the connection to the third-party service is active. They are deleted when you disconnect the service from your account or when you request account deletion. |
Data Security
We implement industry-standard administrative, technical, and physical security measures (including encryption in transit and at rest) to protect your information. However, no system is 100% secure, and we cannot guarantee absolute security.
7. Your Data Rights
Depending on your location, you have rights over your personal data. These may include the right to access, correct, delete, or restrict the processing of your data. To exercise your rights, please contact us at the email below. You can manage your account information directly in your account settings.
8. Children's Policy
Our Service is not intended for individuals under the age of 13. We do not knowingly collect personal information from children. If you believe we have, please contact us immediately.
