PRIVACY POLICY

Table of Contents

• 1. Introduction and Scope
• 2. Data Controller Information
• 3. Categories of Personal Data We Collect
• 4. How We Collect Personal Data
• 5. Purposes and Legal Bases for Processing
• 6. Data Retention
• 7. International Data Transfers
• 8. Data Security Measures
• 9. Your Rights by Region
• 10. Cookies and Tracking Technologies
• 11. Third-Party Services and Links
• 12. Children's Privacy
• 13. Changes to This Policy
• 14. Contact Information
• 15. Region-Specific Provisions

1. Introduction and Scope

ZEKNEO Ai Inc. ("ZEKNEO," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (https://www.zekneo.com), use our ZEKNEO Enterprise Translator devices, or interact with our services.

This Policy applies to:

• Visitors to our website and online services
• Customers and prospective customers of ZEKNEO products
• Users of ZEKNEO Enterprise Translator devices
• Business partners, vendors, and suppliers
• Job applicants and employees

By accessing our services or using our products, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

2. Data Controller Information

For the purposes of applicable data protection laws, ZEKNEO Systems Inc. is the data controller responsible for your personal data.

Company Name: ZEKNEO Ai Inc.
Registered Address: 8, The Green, Ste A, Dover. DE 19901 - USA
Data Protection Officer: privacy@zekneo.com
General Inquiries: support@zekneo.com

3. Categories of Personal Data We Collect

3.1 Information You Provide Directly

• Contact Information: Name, email address, phone number, company name, job title, postal address
• Account Information: Username, password, account preferences
• Transaction Information: Billing address, payment card details (processed by secure third-party payment processors), purchase history
• Communication Data: Inquiries, feedback, support requests, and correspondence with us
• Professional Information: Business contact details, company size, industry sector

3.2 Information Collected Automatically

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent on pages, click patterns, referring URLs
• Location Data: Approximate geographic location based on IP address
• Log Data: Access times, error logs, diagnostic information

3.3 ZEKNEO Device Data

Our ZEKNEO Enterprise Translator devices are designed with privacy by design principles:

• No Conversation Storage: Audio and translation data are processed in real-time and are NOT stored on the device or transmitted to our servers after each session ends
• Ephemeral Processing: All conversation data is automatically cleared when a session ends or the device is powered off
• Device Diagnostics: We may collect anonymous device performance metrics (battery health, software version, error codes) to improve our products
• Firmware Updates: Connection data for over-the-air updates when devices are online

3.4 Sensitive Personal Data

We do not intentionally collect sensitive personal data (also known as special category data), including racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data. If you use our translation devices in healthcare or legal settings, please note that the device does NOT store any conversation content.

4. How We Collect Personal Data

We collect personal data through the following methods:

• Direct Interactions: When you fill out forms, create accounts, make purchases, or contact us
• Automated Technologies: Cookies, pixels, and similar tracking technologies on our website
• Third Parties: Business partners, analytics providers, payment processors, and publicly available sources
• Device Connections: When ZEKNEO devices connect to our servers for updates or support

5. Purposes and Legal Bases for Processing

We process your personal data for the following purposes and legal bases:

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

6.1 Retention Periods

• Customer Account Data: Duration of account plus 7 years for legal compliance
• Transaction Records: 7 years from transaction date (tax and accounting requirements)
• Marketing Preferences: Until consent is withdrawn
• Support Tickets: 3 years from resolution
• Website Analytics: 26 months (anonymized thereafter)
• Device Conversation Data: NOT RETAINED - processed ephemerally and deleted immediately

6.2 Deletion and Anonymization

When personal data is no longer required, we will securely delete or anonymize it. You may request deletion of your personal data at any time, subject to legal retention requirements.

7. International Data Transfers

As a global company serving customers in Europe, Asia, the United States, and Brazil, we may transfer your personal data to countries outside your country of residence. We implement appropriate safeguards for such transfers:

7.1 Transfer Mechanisms

• Standard Contractual Clauses (SCCs): EU-approved contractual clauses for transfers outside the EEA
• Adequacy Decisions: Transfers to countries recognized by the European Commission as providing adequate protection
• Binding Corporate Rules: For intra-group transfers
• Supplementary Measures: Technical and organizational measures including encryption and access controls

7.2 Data Processing Locations

Our primary data processing facilities are located in:

• European Union (Primary): Frankfurt, Germany
• United States: Virginia, USA (with EU-US Data Privacy Framework certification)
• Asia-Pacific: Singapore

You may request information about the specific safeguards we apply to transfers of your data by contacting our Data Protection Officer.

8. Data Security Measures

We implement comprehensive technical and organizational measures to protect your personal data:

8.1 Technical Measures

• Encryption: TLS 1.3 for data in transit; AES-256 for data at rest
• Access Controls: Role-based access, multi-factor authentication, principle of least privilege
• Network Security: Firewalls, intrusion detection systems, DDoS protection
• Regular Audits: Penetration testing, vulnerability assessments, security audits

8.2 Organizational Measures

• Staff Training: Regular privacy and security awareness training
• Vendor Management: Due diligence and contractual protections for third-party processors
• Incident Response: Documented breach notification procedures
• Certifications: SOC 2 Type II, ISO 27001 (in progress)

8.3 ZEKNEO Device Security

• Air-Gapped Mode: Offline translation capability with no data transmission
• Ephemeral Processing: No conversation data stored after session end
• Secure Boot: Verified firmware integrity on startup
• Encrypted Updates: All OTA updates are cryptographically signed

9. Your Rights by Region

Depending on your location, you may have the following rights regarding your personal data:

9.1 European Economic Area (GDPR)

• Right of Access: Obtain confirmation of processing and access to your data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data (right to be forgotten)
• Right to Restriction: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing
• Right to Lodge a Complaint: File a complaint with your local supervisory authority

9.2 United States (CCPA/CPRA - California)

• Right to Know: What personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of personal information
• Right to Correct: Correct inaccurate personal information
• Right to Opt-Out: Opt-out of sale or sharing of personal information
• Right to Limit Use: Limit use of sensitive personal information
• Right to Non-Discrimination: Equal service regardless of exercising privacy rights

We do not sell your personal information. We do not use or disclose sensitive personal information for purposes other than those permitted under CCPA/CPRA.

9.3 Brazil (LGPD)

• Confirmation of Processing: Confirm whether your data is being processed
• Access to Data: Access your personal data held by us
• Correction: Correct incomplete, inaccurate, or outdated data
• Anonymization, Blocking, or Deletion: For unnecessary or excessive data
• Data Portability: Transfer data to another service provider
• Deletion: Delete data processed with consent
• Information about Sharing: Know which entities your data is shared with
• Revocation of Consent: Revoke consent at any time
• Opposition: Object to processing that violates LGPD

9.4 Asia-Pacific Region

For users in Asia-Pacific jurisdictions, we comply with applicable local data protection laws including:

• Singapore PDPA: Personal Data Protection Act rights and obligations
• China PIPL: Personal Information Protection Law requirements
• Japan APPI: Act on Protection of Personal Information
• South Korea PIPA: Personal Information Protection Act

Specific rights may vary by jurisdiction. Please contact our Data Protection Officer for jurisdiction-specific information.

9.5 Exercising Your Rights

To exercise any of these rights, please contact us at:

Email: privacy@zekneo.com

We will respond to your request within the timeframes required by applicable law (generally 30 days for GDPR, 45 days for CCPA). We may request verification of your identity before processing your request.

10. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience and analyze website usage.

10.1 Types of Cookies

• Essential Cookies: Required for website functionality; cannot be disabled
• Performance Cookies: Help us understand how visitors interact with our website
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements (with consent)

10.2 Managing Cookies

You can manage your cookie preferences through:

• Our Cookie Consent Banner: Displayed on first visit
• Browser Settings: Most browsers allow you to refuse or delete cookies
• Opt-Out Links: For third-party advertising networks

Please note that disabling certain cookies may affect website functionality.

11. Third-Party Services and Links

11.1 Service Providers

We engage third-party service providers to assist with our operations. These include:

• Payment Processors: Stripe, PayPal (PCI-DSS compliant)
• Cloud Infrastructure: AWS, Google Cloud Platform
• Analytics: Google Analytics, Mixpanel
• Customer Support: Zendesk, Intercom
• Email Services: SendGrid, Mailchimp

All service providers are contractually bound to protect your data and process it only as instructed.

11.2 External Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

12. Children's Privacy

Our services are not directed to individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at privacy@zekneo.com and we will take steps to delete such information.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

• We will update the "Last Updated" date at the top of this Policy
• We will notify you via email (if you have provided one) or prominent website notice
• For material changes affecting your rights, we will seek fresh consent where required

We encourage you to review this Policy periodically. Your continued use of our services after any changes constitutes acceptance of the updated Policy.

14. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer
ZEKNEO Ai Inc.
8, The Green, Ste A, Dover. DE 19901 - USA
Email: privacy@zekneo.com

For EU residents, you may also contact your local Data Protection Authority:

• UK: Information Commissioner's Office (ICO) - ico.org.uk
• Germany: Federal Commissioner for Data Protection (BfDI)
• France: Commission Nationale de l'Informatique et des Libertés (CNIL)

15. Region-Specific Provisions

15.1 European Union & United Kingdom

For users in the EU/UK, this Policy serves as our GDPR-compliant privacy notice. The legal basis for processing, data subject rights, and transfer mechanisms described above apply specifically to you. Our UK Representative can be contacted at: uk-representative@zekneo.com

15.2 California, USA

For California residents, this Policy also serves as our "Notice at Collection" under the CCPA/CPRA. In the preceding 12 months:

• Categories of personal information collected: Identifiers, commercial information, internet activity, geolocation, professional information
• We have NOT sold personal information
• We have NOT shared personal information for cross-context behavioral advertising
• Retention: As described in Section 6

California Shine the Light: California residents may request information about disclosure of personal information to third parties for direct marketing purposes. Contact us at privacy@zekneo.com.

15.3 Brazil

For Brazilian residents, this Policy complies with Lei Geral de Proteção de Dados (LGPD). Our processing of your data is based on the legal bases outlined in Section 5, which align with LGPD Article 7. You may exercise your rights under LGPD by contacting our Data Protection Officer. Our Brazilian Representative can be contacted at: brazil-representative@zekneo.com

15.4 People's Republic of China

For users in mainland China, we comply with the Personal Information Protection Law (PIPL). We process personal information in accordance with PIPL requirements, including obtaining separate consent for cross-border data transfers where required. Our China Representative can be contacted at: china-representative@zekneo.com

15.5 Singapore

For Singapore residents, this Policy complies with the Personal Data Protection Act (PDPA). You may access, correct, or withdraw consent for processing of your personal data by contacting our Data Protection Officer.