Privacy Policy

1. Introduction

Delios AI, Inc. ("Delios," "we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website (delios.ai), use our products, or interact with our services.

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our services.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, company name, job title, and phone number when you request a demo, create an account, or contact us.
• Payment Information: Billing details processed through our third-party payment processors. We do not store credit card numbers on our servers.
• Communications: Messages you send us via email, contact forms, or support channels.

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, actions taken within our platform, timestamps, and session duration.
• Device Information: Browser type, operating system, device identifiers, IP address, and general location (city/region level).
• Cookies and Tracking: We use essential cookies for site functionality and optional analytics cookies to improve our services. See Section 7 for details.

2.3 Biometric and Voice Data (Enterprise Product)

For customers using our enterprise identity verification products, we may process voice recordings and biometric data solely for the purpose of identity verification and threat detection. This data is:

• Processed in real time and not permanently stored unless explicitly configured by the enterprise administrator
• Encrypted at rest (AES-256) and in transit (TLS 1.3)
• Never sold, shared with third parties, or used for advertising purposes
• Subject to the enterprise customer's data processing agreement and retention policies

3. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve our products and services
• Process transactions and manage your account
• Detect and prevent identity threats, deepfakes, voice clones, and fraudulent activity
• Send service-related communications (security alerts, product updates, billing notices)
• Respond to your inquiries and provide customer support
• Analyze usage patterns to improve user experience and product performance
• Comply with legal obligations and enforce our terms

We do not sell your personal information. We do not use your data for targeted advertising.

4. How We Share Your Information

We may share information with:

• Service Providers: Third-party vendors who help us operate our business (hosting, analytics, payment processing, customer support) under strict data processing agreements.
• Enterprise Customers: If you are an employee covered by an enterprise Delios deployment, your employer (as data controller) may access threat detection logs and security events related to your work communications.
• Legal Requirements: When required by law, subpoena, or government request, or to protect the rights, safety, or property of Delios, our users, or the public.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice provided to affected users.

5. Data Security

We implement industry-standard security measures including:

• AES-256 encryption at rest for all stored data
• TLS 1.3 encryption for all data in transit
• SOC 2 Type II audited infrastructure
• Role-based access controls with multi-factor authentication
• Regular penetration testing and vulnerability assessments
• Incident response procedures with 24-hour notification commitment

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain personal information for as long as necessary to provide our services and fulfill the purposes described in this policy. Specifically:

• Account data: Retained while your account is active, plus 30 days after deletion request
• Threat detection logs: Retained per enterprise customer configuration (default: 90 days)
• Biometric data: Processed in real time; stored only if configured by enterprise admin with defined retention period
• Marketing data: Until you unsubscribe or request deletion

7. Cookies

We use the following types of cookies:

• Essential Cookies: Required for site functionality (authentication, security, preferences). Cannot be disabled.
• Analytics Cookies: Help us understand how visitors interact with our site. Can be opted out of.

We do not use advertising or tracking cookies. You can manage cookie preferences through your browser settings.

8. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data
• Portability: Request your data in a structured, machine-readable format
• Objection: Object to certain processing of your data
• Restriction: Request restriction of processing in certain circumstances

To exercise these rights, contact us at privacy@delios.ai. We will respond within 30 days.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for transfers outside the European Economic Area.

10. Children's Privacy

Our services are not directed to children under 13 (or 16 in the EEA). We do not knowingly collect information from children. The Delios Family plan protects minors through parental/guardian accounts only — children do not create accounts or provide data directly.

11. California Privacy Rights (CCPA/CPRA)

California residents have additional rights under the CCPA/CPRA, including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information. To make a request, contact privacy@delios.ai.

12. European Privacy Rights (GDPR)

If you are in the European Economic Area, our legal bases for processing include: contract performance, legitimate interests, consent, and legal obligations. Our Data Protection Officer can be reached at privacy@delios.ai.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or our data practices:

Delios AI, Inc.
Email: privacy@delios.ai
Website: delios.ai