Privacy Policy

Last Updated: May 24, 2024

1. INTRODUCTION

Sonnet AI, Inc. (“Sonnet” or “we” or “us” or “our”) is committed to protecting the privacy of individuals who visit our websites (“Website Visitors”), use our services through a Subscriber’s Account (“Users”), and interact with our services in other ways. This Privacy Policy (the “Policy”) informs you of our practices regarding the collection, use, and disclosure of information we receive through our services, including our website located at www.sonnetai.com and any other websites that link to this Policy (collectively, the “Websites”), our software, mobile applications, content, and all other products and services offered by Sonnet (collectively, the “Services”). For the purposes of this Policy, the term “Subscriber” refers to an individual or an entity that has agreed to a Service Agreement for the use of our Services, including an individual representing the subscribing company, and the term “Account” refers to all Sonnet accounts or instances created by or on behalf of a Subscriber within the Service.

2. SCOPE OF THIS POLICY

This Policy outlines our handling practices and how we collect and use the Personal Information you provide during your online and offline interactions with us. As used in this Policy, “Personal Information” means any information that can be used to individually identify a person and may include, but is not limited to, name, email address, postal or other physical address, credit or debit card number, title, and other personally identifiable information.

3. INFORMATION WE COLLECT

Information You Provide to Us

When you use the Services or otherwise communicate with us, we collect information that you provide to us directly. This includes:

• Account and Registration Information: When you create an Account, we ask for and collect Personal Information such as your name, company name, email address, physical address, phone number, calendar data, meeting data, and any other information you choose to provide.
• Authentication Information: For Account authentication, we collect information such as your Account name, password, and any other information you decide to provide.
• Transaction Information: When you purchase a product or service, we collect information related to the transaction, including credit/debit card information.
• Communication Information: When you contact us, we collect information such as your name, company name, email address, physical address, phone number, and any other information you choose to provide.
• Other Submissions: We collect Personal Information from you when you submit web forms, participate in surveys, contests, promotions, sweepstakes, request customer support, or communicate with us.

Information Automatically Collected

We collect information automatically through the use of cookies, web beacons, and other tracking technologies. This includes:

• Device Data: Information about the devices you use to access our Services, including IP address, browser type, Internet service provider, referring/exit pages, operating system, date/time stamp, and clickstream data.
• Usage Data: Information about your usage of the Services, including actions taken, date and time, frequency, duration, quantity, quality, network connectivity, and performance information related to logins, clicks, messages, contacts, content shared, calls, use of video and screen sharing, meetings, cloud recording, and other feature usage information.
• Cookies and Similar Technologies: We use cookies and similar technologies to enhance your experience on our Websites. For more information, see the “Cookies and Similar Technologies” section below.
• Logs: We gather certain information and store it in log files when you interact with our Websites and Services. This includes IP addresses, browser type, ISP, URLs of referring/exit pages, operating system, date/time stamp, and clickstream data.

Information from Third Parties

We may receive information about you from third parties, such as:

• Social Media and Authentication Services: If you access our Services through a third-party service (e.g., Google, Microsoft), we may receive Personal Information from that service, such as your name, email address, and profile picture.
• Third-Party Service Providers: We may receive additional information about you from third-party service providers, such as demographic or interest attributes.

User-Generated Information

We collect and retain information you upload, provide, or create while using the Service, including:

• Meeting Information: Details about meetings, including title, invitation content, participants, meeting link, date, time, and duration. We collect activity recorded in the meeting, including third-party integrations and other participant information.
• Message Content: Information about messages, including sender and recipients, date, and time.
• Recordings: If you use a feature that allows for recordings, we collect and store information from you that you provide in connection with such use and through such recordings.

4. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

• Providing and Improving Services: To provide, operate, maintain, and improve our Services.
• Account Management: To enable you to access and use the Services and to manage your Account.
• Transaction Processing: To process and complete transactions and send related information, including purchase confirmations and invoices.
• Communication: To send transactional messages, respond to your comments, questions, and requests, and provide customer service and support.
• Marketing and Promotions: To send promotional communications, including information about products and services, features, surveys, newsletters, offers, promotions, contests, and events.
• Analytics: To monitor and analyze trends, usage, and activities in connection with the Websites and Services.
• Security and Compliance: To investigate and prevent fraudulent transactions, unauthorized access to the Services, and other illegal activities, and to comply with our legal obligations.

5. SHARING OF INFORMATION COLLECTED

We share your information with third parties in the following circumstances:

• Service Providers: We share information with third-party service providers who provide hosting, maintenance, application development, backup, storage, payment processing, analytics, and other services for us.
• Compliance and Protection: We may disclose Personal Information in response to lawful requests by public authorities, to meet national security or law enforcement requirements, or to protect our rights, property, or safety.
• Business Transfers: In the event of a merger, acquisition, bankruptcy, or other business transaction, we may transfer your information to a successor organization.
• With Your Consent: We may share Personal Information with third parties when we have your consent to do so.

6. COOKIES AND SIMILAR TECHNOLOGIES

We use cookies and similar technologies to enhance your experience on our Websites, including:

• Strictly Necessary Cookies: These cookies are essential to provide you with the Services.
• Functional Cookies: These cookies allow us to remember your preferences and settings.
• Analytical and Performance Cookies: These cookies help us understand how you use our Websites and Services, and improve their performance.
• Advertising Cookies: These cookies are used to deliver relevant ads to you.

7. DATA RETENTION

We retain your Personal Information for as long as necessary to fulfill the purposes outlined in this Policy, or as required by law. When we no longer need your Personal Information, we will securely delete it.

8. YOUR RIGHTS

You have the following rights regarding your Personal Information:

• Access: You have the right to access the Personal Information we hold about you.
• Correction: You have the right to correct any inaccuracies in your Personal Information.
• Erasure: You have the right to request the deletion of your Personal Information.
• Object to Processing: You have the right to object to the processing of your Personal Information.
• Restrict Processing: You have the right to request the restriction of processing of your Personal Information.
• Portability: You have the right to receive your Personal Information in a structured, commonly used, and machine-readable format, and to request the transfer of your Personal Information to another controller.
• Withdraw Consent: You have the right to withdraw your consent to the processing of your Personal Information at any time.

To exercise these rights, please contact us at [email protected].

9. SECURITY

We use industry-standard security measures to protect your Personal Information. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

10. CHILDREN’S PERSONAL INFORMATION

Our Services are not directed to individuals under the age of 18. We do not knowingly collect Personal Information from children under the age of 18. If we become aware that a child under the age of 18 has provided us with Personal Information, we will take steps to delete such information.

11. INTERNATIONAL DATA TRANSFERS

Your Personal Information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different from the laws of your country. We will take appropriate safeguards to ensure that your Personal Information remains protected in accordance with this Policy.

12. ACCOUNTABILITY FOR ONWARD TRANSFER

When transferring personal data to a third party acting as an agent, we may:

• Transfer such data only for limited and specified purposes;
• Ensure the agent is obliged to provide at least a comparable level of privacy protection;
• Take reasonable steps to ensure effective processing consistent with our obligations;
• Request the agent to notify us if it determines it cannot provide the same level of protection;
• Upon notice, take reasonable steps to stop and remediate unauthorized processing;
• Provide relevant privacy provisions of its contract with the agent upon request.

13. COMPLIANCE WITH DATA PRIVACY FRAMEWORKS

We comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit: https://www.dataprivacyframework.gov/. We commit to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data and human resources data received in reliance on the mentioned frameworks. We acknowledge that we are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) regarding privacy and data protection matters. Under certain conditions, individuals have the right to invoke binding arbitration.

14. CHANGES TO THIS POLICY

We may update this Policy from time to time. When we do so, we will make the updated Policy available on this page and indicate the date of the latest revision. Your continued use of the Services after any changes to this Policy will constitute your acceptance of such changes.

15. CONTACT US

If you have any questions about this Policy or our privacy practices, please contact us at:

Sonnet AI, Inc.
Attn: Privacy Officer
880 Harrison St, Suite 203
San Francisco, CA 94107
Email: [email protected]