1. Scope
This Policy applies to personal information we process when you visit our websites (e.g., purestamp.stelrai.com, stelrai.com), sign up, use PureStamp or PureVector, or interact with us. It does not apply to third-party services (e.g., AWS, Pinecone), which have their own policies.
2. Information We Collect
Account & Billing
- Contact details (name, email, company, role).
- Subscription and plan information (e.g., Free, Pro, Enterprise via AWS Marketplace or direct).
Service & Technical
- API identifiers (API key ID/value), AWS Marketplace customer identifiers, and usage events (e.g.,
issue,verifycounts). - Log data (timestamps, request IDs, IP addresses, user agent, device info like OS and browser type).
- Operational metadata (hashes, watermark tokens, third-party watermark detection flags).
Content You Provide
- Files, text, embeddings, and metadata submitted for watermarking or verification. We process these to provide the Service and may store watermarked artifacts and receipt metadata based on your configuration.
Cookies & Similar Technologies
Our websites use cookies for essential functions (e.g., session management) and anonymized analytics. You can manage preferences via browser settings.
3. Sources of Information
- Directly from you (e.g., forms, uploads, API calls).
- From authorized administrators (e.g., enterprise account managers).
- Automatically from Service usage (e.g., logs, metrics).
- From AWS Marketplace (e.g., customer identifier, subscription status).
- From third-party authentication providers (e.g., AWS IAM SSO).
4. How We Use Information
- Provide, operate, and improve the Service, including AI models for watermarking and verification (you may opt out of model training).
- Issue and verify watermarks, detect third-party marks, and generate receipts.
- Authenticate and secure accounts, prevent misuse, and detect fraud.
- Meter usage and facilitate billing (e.g., via AWS Marketplace).
- Communicate product updates, support responses, compliance notifications, and security notices.
- Comply with legal obligations and enforce our Terms of Service.
6. Data Retention
We retain account data for the duration of your contract plus 90 days, and log data for 12 months, unless legally required otherwise. Content is retained based on your configuration (e.g., watermarked artifacts). Request deletion by contacting privacy@stelrai.com.
7. Security
We implement industry-standard measures, including AES-256 encryption for data at rest, TLS 1.3 for data in transit, and AWS KMS for cryptographic signatures. No system is 100% secure; you must safeguard your API keys and report breaches to security@stelrai.com within 72 hours.
8. Your Choices & Rights
Under laws like GDPR or CCPA, you may have rights to access, correct, delete, port, or restrict processing of your data. We respond to requests within 30 days. Contact privacy@stelrai.com. Enterprise users should first contact their account administrator.
9. International Transfers
We process data in the United States and other regions, using Standard Contractual Clauses (SCCs) for EU/UK transfers and complying with US adequacy frameworks (e.g., Data Privacy Framework) where required.
10. Children’s Privacy
The Service is not directed to children under 13. If we discover personal information from children, we will delete it promptly. Contact privacy@stelrai.com to report concerns.
11. Changes to this Policy
We may update this Policy, posting the effective date and providing 30-day notice via email or website banners for material changes. Continued use after changes constitutes acceptance.
12. Contact Us
STELR AI, Inc.
123 AI Way, Wilmington, DE 19801
Email: privacy@stelrai.com
Data Protection Officer: dpo@stelrai.com