Enhance Your Models with RetineXAI

PRIVACY POLICY

Last updated: February 25, 2025

At RetineX AI Inc. (“we,” “us,” or “our“), we respect your privacy and are committed to protecting your personal data. This privacy notice explains how and why we may collect, store, use, and/or share (“process”) your information when you use our services (“Services“). This includes, but is not limited to, the following scenarios:

• Visiting our website at www.retinexai.com or any other website that links to this privacy notice.
• Engaging with us through sales, marketing, events, or other related activities.

We understand that your privacy is important. By reading this privacy notice, you will gain an understanding of your privacy rights and the choices you can make regarding your data. If you do not agree with our policies and practices, please refrain from using our Services.

If you have any questions or concerns, or would like more information, please feel free to contact us at team@retinexai.com.

1. Information Collection

Personal Information Provided by You

We collect personal information that you voluntarily provide to us.

When you use our Services, we may collect personal information that you provide to us directly. This includes when you register for our Services, express interest in our products or services, engage with features on our platform, or contact us for inquiries or support.

The personal information we collect depends on your interactions with us and the Services. The types of personal information we may collect include, but are not limited to:

• Names
• Email addresses
• Passwords
• Debit/credit card numbers (if applicable)
• Job titles
• Uploaded data

Sensitive Information: We do not intentionally collect or process sensitive personal information, and we strongly advise that you do not submit any sensitive information through our Services.

Payment Data: If you make purchases via our Services, we may collect payment-related data necessary for processing transactions (e.g., your payment instrument number and security code). However, all payment processing is handled by Stripe, and payment information is securely stored and processed by Stripe in accordance with their privacy policies. You can review Stripe’s privacy notice here: https://stripe.com/privacy.

Social Media Login Data: If you choose to register using a social media account (e.g., Facebook, X), we will collect certain information from your social media profile, as detailed in the section “How Do We Handle Your Social Logins?” below.

Please ensure that any personal information you provide is accurate, complete, and up to date. You are responsible for notifying us of any changes to your personal information.

Information Automatically Collected

Some information, such as your IP address and device details, is automatically collected when you use our Services.

When you access or use our Services, we automatically collect certain information, including device and usage data. This data does not directly identify you but may include details such as:

• Your IP address
• Browser and device characteristics
• Operating system
• Language preferences
• Referring URLs
• Device name and location
• Usage patterns and actions within the Services

This data is essential for ensuring the security and functionality of our Services and may be used for internal analytics and reporting purposes.

Cookies and Similar Technologies: We, like many businesses, use cookies and similar technologies to collect additional data. For more details about our use of cookies, please refer to our Cookie Policy.

Types of Information We Collect Automatically:

• Log and Usage Data: Our servers automatically collect service-related data when you access or use our Services. This includes diagnostic, usage, and performance data, such as IP addresses, device information, browser type, feature usage, and timestamps of actions you take. This data helps us monitor, maintain, and improve our Services.
• Location Data: We may collect location-based information from your device, which could be precise or imprecise. The extent of this data depends on your device’s settings. If you choose not to share your location data, you may opt out through your device’s location settings, though this may limit your ability to use certain features of our Services.

2. Processing Personal Information

We process your information to provide, enhance, and manage our administrative services, communicate with you, ensure security and fraud prevention, and comply with legal requirements. Additionally, we may process your information for other purposes with your consent.

We process your personal information for various purposes based on how you interact with our Services, including:

• Account Management and Authentication: We use your information to facilitate account creation and authentication and to ensure your account remains functional and secure.
• Service Delivery: Your information is processed to provide the services you request and ensure their smooth operation.
• User Support: We process your information to respond to inquiries, resolve issues, and provide support related to the services you use.
• Administrative Communication: We use your information to share important updates about our products, services, terms, policies, and other relevant details.
• User-to-User Communication: If you use features that enable interaction with other users, we process your information to support these communications.
• Feedback Requests: Your information may be processed to request feedback and learn about your experience with our Services.
• Marketing and Promotions: If permitted by your preferences, we process your information to send marketing and promotional materials. You can opt out of marketing emails at any time. For more details, refer to the “Your Privacy Rights” section below.
• Targeted Advertising: We may use your information to deliver personalized content and advertisements tailored to your interests and location. For more details, see our Cookie Notice: unitlab.ai/cookies.
• Protection of Vital Interests: In cases where it is necessary to prevent harm or protect an individual’s vital interests, we may process your information accordingly.

3. Data Transfer, Storage, and Security

Your personal information may be transferred and stored on computers located in jurisdictions outside your state, province, or country. Please note that the data protection laws in these locations may differ from those in your jurisdiction.

If you choose to share information with us, please note that we will transfer the data, including personal data, to https://aws.amazon.com/ for processing. To receive image data and provide annotated image files, we also utilize WeTransfer (https://wetransfer.com/), which is an internet-based file transfer service.

By giving your consent to this Privacy Policy and submitting your information, you agree to the transfer of your data.

Retinexai.com will take all reasonable steps to ensure that your data is handled securely and in accordance with this Privacy Policy. No transfer of your personal data will occur to any organization or country unless adequate controls are in place to protect your data and other personal information.

We take the security of your data very seriously. However, it is essential to acknowledge that no method of transmission over the internet or electronic storage can be considered entirely secure. While we are committed to implementing comprehensive measures to protect your personal data, we cannot provide an absolute guarantee of its security.

4. Data Sharing and Disclosure

We do not sell or rent personal data. However, we may share your information in the following situations:

• Service Providers: With third-party vendors assisting in service delivery (e.g., cloud storage, payment processors).
• Legal Compliance: If required by law, regulation, or legal proceedings.
• Business Transfers: In the event of a merger, acquisition, or asset sale.

5. Limitation of Liability

By using our Services, you acknowledge and agree that we are not liable for any risks associated with the use of the Services, including the processing of your personal information as described in this policy. While we take reasonable measures to secure your data, we cannot guarantee complete protection against unauthorized access or breaches. You are responsible for taking steps to protect your information as well, such as using strong passwords and monitoring your account activity.

We do not assume responsibility for any third-party actions, such as those of our payment processors or social media platforms, which may be governed by their own privacy policies. You agree to hold us harmless for any damages arising from the use of third-party services.

6. Legal Basis for Information Processing and Your Rights

We collect and process your personal information only when it is deemed essential and when we have a valid legal basis to support such actions under applicable law. This includes circumstances such as your consent, compliance with legal obligations, provision of services, fulfillment of contractual commitments, protection of your rights, and the pursuit of our legitimate business interests. We process personal data based on the following legal grounds:

• Consent: When you provide explicit consent for data processing.
• Contractual Necessity: When processing is required to fulfill our service agreement.
• Legal Obligation: When compliance with legal requirements is necessary.
• Legitimate Interest: When processing is necessary for business operations without overriding user rights.

We are committed to protecting your privacy and ensuring the security of your personal data. We comply with the California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA), General Data Protection Regulation (GDPR) in the UK and EU, Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable data protection laws.

Data Collection and Processing Rights Under US Data Privacy Laws

For individuals located in the United States, this section is applicable to your circumstances.

As an internet-based service provider operating in the United States, we collect and process certain types of personal information in compliance with various state and federal data privacy laws, including the California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA), and others. We have the right to collect personal information such as identifiers (e.g., name, email address, IP address), commercial information (e.g., transaction history), internet or network activity (e.g., browsing or search history), and other categories as permitted by applicable laws. The collection of this data is necessary to provide our services, ensure security, fulfill contractual obligations, and comply with legal and regulatory requirements. Users may have the right to access, correct, delete, or restrict the use of their data, depending on the specific laws applicable to their state of residence.

Under various US data privacy laws, including the California Consumer Privacy Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), and other state regulations, individuals have specific rights regarding their personal data:

• Right to Notice: The right to be informed about the collection, use, and sharing of personal data.
• Right to Access: The right to request and obtain a copy of the personal data collected about them.
• Right to Deletion: The right to request the deletion of personal data, subject to legal and contractual obligations.
• Right to Correction: The right to request correction of inaccurate personal data.
• Right to Opt-Out: The right to opt-out of the sale or sharing of personal data where applicable.
• Right to Data Portability: The right to obtain personal data in a structured, commonly used, and machine-readable format.
• Right to Non-Discrimination: The right to not be discriminated against for exercising data protection rights.

General Data Protection Regulation (GDPR)

For individuals located in the European Union or the United Kingdom, this section is applicable to your circumstances.

As an internet-based service provider, we have the right to collect and process certain types of personal information under GDPR to fulfill contractual obligations, provide necessary services, and comply with regulatory requirements. This includes collecting identifiers, usage data, and communication data essential for service functionality, security, fraud prevention, and improving user experience. We ensure that all data processing activities are conducted in accordance with the principles of lawfulness, fairness, transparency, and data minimization.

Under the General Data Protection Regulation (GDPR), individuals in the UK and EU have the following rights:

• Right to Access: You have the right to request access to your personal data and obtain a copy of the information we hold about you.
• Right to Rectification: You may request corrections to inaccurate or incomplete personal data.
• Right to Erasure (Right to Be Forgotten): You can request the deletion of your personal data under certain circumstances.
• Right to Restriction of Processing: You have the right to request limited processing of your data under specific conditions.
• Right to Object: You can object to the processing of your data when it is based on legitimate interests, direct marketing, or automated decision-making.
• Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Withdraw Consent: If processing is based on consent, you have the right to withdraw it at any time.
• Right to Lodge a Complaint: You can file a complaint with a supervisory authority if you believe your data rights have been violated.

Personal Information Protection and Electronic Documents Act (PIPEDA)

For individuals located in Canada, this section applies to your circumstances.

As a digital service provider, we are authorized under PIPEDA to collect and process specific personal information to deliver core services, enhance security, meet legal and regulatory obligations, and optimize service performance. This includes gathering identifiers, usage data, and communication records essential for fraud prevention, transaction verification, and overall service efficiency. We strictly adhere to principles of accountability, transparency, and data minimization to ensure responsible data management and protection.

Under the Personal Information Protection and Electronic Documents Act (PIPEDA) and other provincial privacy laws, individuals in Canada have the following rights:

• Right to Access: Request access to the personal data we hold about you.
• Right to Correction: Request corrections to any inaccurate or incomplete personal data.
• Right to Withdraw Consent: Withdraw consent for data collection and processing where applicable.
• Right to Data Portability: Request a copy of your personal data in a structured format where applicable.
• Right to Complain: Complain to the Office of the Privacy Commissioner of Canada (OPC) if you believe your data rights have been violated.
• Right to Be Informed: Be informed of the purposes for which your data is being collected, used, and shared.
• Right to Request Deletion: In certain circumstances, you have the right to request the deletion of personal data we hold about you.

For any inquiries or to exercise your rights under, contact us at team@retinexai.com .

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, and resolve disputes. Data is stored securely and deleted once it is no longer needed for these purposes. Retention periods may vary based on the type of data and applicable legal requirements. For instance, transaction records may be kept longer for financial and compliance reasons, while other data may be deleted within a shorter timeframe. Upon the expiration of the retention period, data will be securely deleted, anonymized, or archived under legal and regulatory requirements.

8. Service Providers

We may collaborate with various external organizations and individuals, referred to as “Service Providers,” to enhance and streamline the delivery of our services. These partners are engaged to perform specific services on our behalf, undertake service-related tasks, or assist us in thoroughly analyzing the usage patterns of our offerings.

The external parties entrusted with your personal data are granted access exclusively for the purpose of fulfilling these responsibilities. They are bound by contractual obligations to ensure that your information remains confidential and is not disclosed or utilized for any other reasons.

9. Connections to External Resources

Our service may include links to external websites that are not operated by our organization. If you choose to click on a third-party link, you will be directed to that external site. We strongly recommend that you review the privacy policies of each website you visit to understand their practices.

Please be aware that we do not have control over, nor do we assume responsibility for, the content, privacy policies, or practices of any third-party sites or services. Thank you for your attention to this matter.

10. Children’s Privacy

Our services are not designed for individuals under the age of 13.

We do not intentionally gather personally identifiable information from minors under 13. If you learn that a child has shared personal data with us, please contact us. Should we find out that we have obtained personal data from children without confirming parental consent, we will implement suitable actions to delete that information from our servers.

11. Updates to This Policy

We may update this Privacy Policy periodically. Any changes will be communicated through our website. Continued use of our services after updates constitutes acceptance of the revised policy.

12. Review, Update, or Delete Your Personal Information

Depending on the data protection laws applicable in your country or state of residence within the United States, you may have the right to request access to the personal information we have collected about you. This includes obtaining details on how your data has been processed, requesting corrections for inaccuracies, or requesting the deletion of your personal information. Additionally, you may have the right to withdraw your consent for data processing. However, these rights may be subject to limitations imposed by relevant laws. To request a review, update, or deletion of your personal information, please contact us at team@retinexai.com.

Where can I get further information?

If you have any questions or concerns about our use of cookies or this Cookie Policy, please contact us at: team@retinexai.com or by post to 100 N Central Expy, Ste 914, Richardson, TX