Privacy Policy | TeraSystemsAI

Introduction

TeraSystemsAI ("Company," "we," "us," or "our") is committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website, use our services, or interact with our AI systems and platforms.

As a provider of AI safety, governance, and healthcare AI solutions, we adhere to the highest standards of data protection, including compliance with the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA), and other applicable international privacy laws.

Information We Collect

Personal Information You Provide

We collect information that you voluntarily provide to us, including:

Contact Information: Name, email address, phone number, company name, job title, and mailing address
Account Information: Username, password, and account preferences when you create an account on our platform
Communications: Information contained in messages you send us, including inquiry forms, support requests, and research collaboration proposals
Professional Information: Resume, CV, publication history, and other career-related information when applying for positions
Payment Information: Billing address and payment method details (processed securely through third-party payment processors)

Information Collected Automatically

When you access our website or services, we automatically collect certain information:

Usage Data: Pages visited, time spent, links clicked, search queries, and interaction patterns
Device Information: IP address, browser type and version, operating system, device identifiers
Location Data: General geographic location based on IP address
Cookies and Tracking Technologies: Session cookies, persistent cookies, and similar technologies to enhance user experience and analyze usage patterns

Information from Third Parties

We may receive information about you from third parties, including:

Research partners and academic collaborators
Healthcare institutions and clinical partners (with appropriate data use agreements)
Professional networking platforms (LinkedIn, GitHub) when you connect with us
Public databases and published research repositories

Healthcare and Clinical Data

For healthcare AI applications, we process Protected Health Information (PHI) only in accordance with HIPAA regulations and applicable business associate agreements. Clinical data used for AI model training and validation is de-identified in compliance with HIPAA Safe Harbor or Expert Determination standards unless explicit patient consent and IRB approval authorize identifiable data use.

How We Use Your Information

We use collected information for the following purposes:

Service Delivery and Improvement

Provide, maintain, and improve our AI platforms and services
Process transactions and deliver requested products or services
Respond to inquiries, provide customer support, and fulfill service requests
Conduct research and development to enhance AI safety and performance
Validate and calibrate AI models through rigorous testing protocols

Communication and Marketing

Send administrative information, updates, and security alerts
Provide information about new products, services, research publications, and events
Deliver targeted content and personalized recommendations
Conduct surveys and gather feedback to improve our offerings

Legal and Compliance

Comply with legal obligations, regulatory requirements, and law enforcement requests
Enforce our Terms of Service and other agreements
Protect our rights, privacy, safety, or property, and that of our users and the public
Detect, prevent, and address fraud, security issues, and technical problems

Research and Analytics

Analyze usage patterns and trends to improve user experience
Conduct statistical analysis and performance benchmarking
Generate de-identified, aggregated data for research publications and presentations
Evaluate the effectiveness of AI governance frameworks and safety protocols

How We Share Your Information

We do not sell your personal information. We may share information in the following circumstances:

Service Providers and Business Partners

We engage trusted third-party service providers to perform functions on our behalf, including cloud infrastructure providers (AWS, Azure, GCP), email service providers, analytics platforms, and payment processors. These providers are contractually obligated to protect your information and use it only for authorized purposes.

Research Collaborators

With your consent or as permitted by applicable data use agreements, we may share de-identified or aggregated data with academic institutions, research partners, and clinical collaborators for peer-reviewed research, joint publications, and scientific advancement.

Legal Requirements

We may disclose information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, comply with judicial proceedings, enforce our policies, or protect the safety of users or the public.

Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

With Your Consent

We may share information for purposes not described in this Privacy Policy when we have obtained your explicit consent.

Data Security

We implement industry-standard technical and organizational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

Encryption: Data in transit is protected using TLS/SSL encryption; data at rest is encrypted using AES-256 or equivalent standards
Access Controls: Role-based access control (RBAC), multi-factor authentication (MFA), and principle of least privilege
Infrastructure Security: HIPAA-compliant cloud infrastructure, secure data centers, regular security audits and penetration testing
Monitoring and Logging: Continuous monitoring, intrusion detection systems, and comprehensive audit logging
Employee Training: Regular security awareness training and strict confidentiality obligations for all personnel
Incident Response: Documented incident response procedures and breach notification protocols

While we strive to protect your information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but continually work to enhance our security posture.

Your Privacy Rights

GDPR Rights (European Economic Area)

If you are located in the EEA, you have the following rights under GDPR:

Right to Access: Request copies of your personal information
Right to Rectification: Request correction of inaccurate or incomplete information
Right to Erasure: Request deletion of your personal information under certain circumstances
Right to Restrict Processing: Request limitation on how we use your information
Right to Data Portability: Receive your information in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

CCPA Rights (California Residents)

California residents have additional rights under the CCPA:

Right to Know: Request disclosure of categories and specific pieces of personal information collected
Right to Delete: Request deletion of personal information subject to certain exceptions
Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
Right to Non-Discrimination: Not receive discriminatory treatment for exercising privacy rights

Exercising Your Rights

To exercise any of these rights, please contact us at privacy@terasystems.ai. We will respond to verified requests within the timeframes required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

International Data Transfers

TeraSystemsAI is based in the United States. If you access our services from outside the U.S., your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

For transfers from the EEA to the United States, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and implement supplementary measures to ensure adequate protection. We ensure all international transfers comply with applicable data protection laws.

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Retention periods vary based on:

The nature of the information and purposes for which it is processed
Ongoing business relationships and service provision
Legal, regulatory, tax, accounting, or reporting requirements
Litigation or investigation needs
Consent withdrawal or opt-out requests

Clinical and research data may be retained for extended periods to support longitudinal studies, regulatory compliance, and scientific reproducibility, in accordance with applicable research ethics guidelines and institutional policies.

Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to enhance user experience, analyze usage patterns, and deliver personalized content. You can control cookies through your browser settings and opt-out of certain analytics tracking.

For detailed information about our cookie practices, including types of cookies used and how to manage them, please refer to our Cookie Policy (available upon request at privacy@terasystems.ai).

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete that information promptly.

Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any external sites you visit.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website with a revised "Last Updated" date. For significant changes, we may provide additional notice such as email notification or prominent website notice.

Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

TeraSystemsAI Privacy Office
Email: privacy@terasystems.ai
General Inquiries: contact@terasystems.ai
Address: Philadelphia, PA, United States

Data Protection Officer (DPO):
Email: dpo@terasystems.ai

EEA residents may also lodge a complaint with their local supervisory authority if they believe their rights under GDPR have been violated.