Privacy Policy

1. Data Collection & Use

Types of Data Collected:

• User Profile Information: Username, email, and Microsoft ID (if applicable).
• Uploaded Content: Documents uploaded by users (e.g., PDF, DOCX, PPTX, CSV, Excel, images), including extracted text, summaries, and embeddings.
• Usage Data: API call logs, action logs (e.g., login, logout, document upload), session IDs, client IP address, user agent, and client type (web or add-in).

Purpose of Data Use:

• Account creation, authentication, and identification
• Delivering Giani.ai services (summarization, search, categorization)
• Monitoring service use, analytics, and fair use enforcement
• Debugging and performance optimization

Sensitive Personal Data:

• We collect name and email, which are PII.
• We process uploaded content as-is. If the content contains sensitive information, it is handled only for providing services and not analyzed separately.

Model Training:

Important: Giani.ai does not train any models on client data.

2. Data Storage & Retention

Data Storage:

• All data is stored in Microsoft Azure Blob Storage and PostgreSQL databases within Azure.
• Data residency preferences of clients are honored.

Data Retention:

• Data persists as long as projects exist in Giani.ai.
• Default deletion timeout is 12 months unless client specifies a different timeline.

Data Deletion:

• Users may delete projects at any time.
• Upon deletion, all related files, logs, embeddings are permanently deleted.
• Client-specific deletion timelines can be implemented.

Backups:

Data is backed up within Azure; deletion requests apply to backups.

Account Termination:

Data is retained for 12 months post-termination or as per client agreement.

3. Data Security Measures

Encryption:

• In Transit: All communication is encrypted over HTTPS.
• At Rest: Microsoft Azure provides encryption by default for Blob Storage and databases.
• PowerPoint add-in uses end-to-end encryption.

Access Controls:

• Data is accessed only via application logic on authenticated requests.
• Giani.ai personnel do not access individual documents unless necessary for abuse prevention or customer support.

Security Testing:

Basic Azure security assessments are planned.

Additional Protections:

Authentication uses JWTs with refresh token rotation.

4. Data Sharing & Transfers

Third Parties and Sub-Processors:

• Microsoft Azure: Data hosting, processing, and AI services.
• Anthropic and Google Gemini (Optional): Additional AI models. Usage is always disclosed to users.

Prohibited Providers:

Chinese LLMs (e.g., DeepSeek) are not used.

International Transfers:

Data remains within agreed geographical confines per client.

Disclosure:

We may disclose data to comply with legal requirements.

Monetization:

Important: Giani.ai does not sell or monetize user data.

5. Cookies and Tracking

Cookies Used:

• accessToken and refreshToken cookies are used for authentication.
• Cookies are HttpOnly, Secure, and SameSite=None.

Analytics and Tracking:

• Application tracks API usage, session activity, and feature usage via internal logging.
• Data is used only for service improvement and abuse prevention.

Opt-Out:

Tracking is essential for security and subscription monitoring; opt-out is not available.

Third-Party Trackers:

No external analytics or trackers are embedded.

6. User Rights & Controls

Access and Export:

• Project data is accessible within the Giani.ai platform.
• Full data export is not currently supported.

Correction:

Users may request updates to profile information by contacting customer support.

Deletion:

• Users can delete documents and projects at any time.
• For full account and data deletion, users must contact us at info@giani.ai.

7. Additional Information

Data Ownership:

Users retain full ownership of their uploaded content and derived results.

Age Restrictions:

Giani.ai is intended for professional adult users in B2B contexts only.

Policy Updates:

We may update this policy from time to time. Changes will be communicated via email or in-app notification.

Contact Information: