Interpretation and Definitions
Interpretation
Definitions
Collecting and Using Your Personal Data
Types of Data Collected
Tracking Technologies and Cookies
Use of Your Personal Data
Retention of Your Personal Data
Transfer of Your Personal Data
Delete Your Personal Data
Disclosure of Your Personal Data
Business Transactions
Law enforcement
Other legal requirements
Security of Your Personal Data
Children's Privacy
Links to Other Websites
Changes to this Privacy Policy
Contact Us

Privacy Policy

Effective Date: 31 March 2025

1. Introduction

Dynamiq (“we,” “us,” or “our”) is committed to protecting the privacy of individuals who visit our websites, use our applications and services (collectively, the “Services”), or otherwise engage with us. Our Services are designed for generative AI applications, data analysis, and related ML/AI workflows. This Privacy Policy describes how we collect, use, store, process, and share your information in compliance with the General Data Protection Regulation (GDPR), SOC 2 principles, and HIPAA requirements (if applicable).

By using or accessing our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please refrain from using our Services.

2. Scope

This Privacy Policy covers the data we collect (i) through our Services, (ii) from visitors to our websites or mobile applications, and (iii) through other related online or offline offerings.

Where we process personal data on behalf of a customer who is subject to GDPR or HIPAA, we act as a Data Processor or Business Associate (as applicable). In such cases, the customer remains the Data Controller or Covered Entity, and our data processing is governed by contractual agreements (e.g., Data Processing Addendum, Business Associate Agreement).

3. Information We Collect

Information You Provide to Us

  • Account Information: When you sign up for an account or subscribe to our Services, we collect information such as your name, email address, billing details, and any other necessary fields.
  • Communications: We may collect information when you contact us by email, support tickets, or other channels, including chat logs, feedback, or requests.

Information Collected Automatically

  • Cookies & Tracking Technologies: We use cookies, web beacons, and similar technologies to track usage of our websites and Services. This includes IP addresses, browser types, referring pages, and other device identifiers. For more details, please see Section 11, “Cookies and Tracking.”

Information from Third Parties

  • We may receive information about you from our service providers, partners, or other third parties, such as analytics or hosting providers, but only where these parties are legally allowed to share such data with us.

Protected Health Information (PHI)

  • In cases where our Services process PHI on behalf of healthcare providers or other Covered Entities, we adhere to HIPAA requirements, which include implementing appropriate administrative, physical, and technical safeguards.

4. Legal Basis for Processing (GDPR)

We collect and process personal data based on one or more of the following legal grounds:

  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
  • Contract: Where processing is necessary for the performance of a contract to which you are a party (e.g., Terms of Service).
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation.
  • Legitimate Interests: Where processing is necessary for the purposes of our legitimate interests (e.g., improving our Services), unless overridden by your data protection interests or fundamental rights and freedoms.

5. How We Use Your Information

  1. Provision and Maintenance of Services: To provide, troubleshoot, and improve our generative AI and ML/AI-related offerings.
  2. Account Management: To manage user accounts, process billing, and handle customer support.
  3. Communication: To respond to inquiries, send administrative messages, and provide updates or notices about our Services.
  4. Security and Fraud Prevention: To monitor, detect, and protect against fraudulent or malicious activities.
  5. Aggregated Analytics: To analyze trends, usage, and activities in connection with our Services, in an anonymized or aggregated manner.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with applicable legal obligations, contractual requirements, or legitimate business interests. Once the retention period has expired, we will securely delete or anonymize the data.

7. Your Rights (GDPR)

Subject to local laws, you have the following rights regarding your personal data:

  • Right of Access: The right to request confirmation of whether we process your personal data and a copy of such data.
  • Right to Rectification: The right to request correction of inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): The right to request the deletion of your personal data, subject to certain exceptions.
  • Right to Restrict Processing: The right to request the restriction of certain processing activities.
  • Right to Data Portability: The right to receive your personal data in a structured, commonly used, machine-readable format.
  • Right to Object: The right to object to processing of your personal data, including for direct marketing.
  • Right to Lodge a Complaint: If you are in the EU/EEA, you have the right to lodge a complaint with your local supervisory authority.

How to Exercise Your Rights

To submit a request to exercise any of the above rights, please contact us at legal@getdynamiq.ai. We may request proof of identity to verify and process your request.

8. Data Security

SOC 2 Compliance

We implement safeguards and controls aligned with SOC 2 principles (Security, Availability, Confidentiality, Processing Integrity, and Privacy) to protect the confidentiality and integrity of the personal data entrusted to us. Our measures include, but are not limited to:

  • Encryption: Data is encrypted at rest and in transit where feasible.
  • Access Controls: Role-based access controls and authentication mechanisms are in place to prevent unauthorized data access.
  • Monitoring and Audits: Regular security assessments, intrusion detection, and third-party audits to maintain compliance with our security obligations.

HIPAA Compliance

For protected health information (PHI), we follow HIPAA safeguards, including:

  • Administrative Safeguards: Policies and procedures to manage the selection, development, implementation, and maintenance of security measures.
  • Physical Safeguards: Controlled facility access, hardware security, and disposal procedures.
  • Technical Safeguards: Access control, audit controls, integrity checks, and transmission security measures for PHI.

9. Data Sharing and Subprocessors

We only share personal data with third parties under the following circumstances:

  • Service Providers (“Subprocessors”): We engage trusted third-party vendors to perform certain business-related functions (e.g., hosting, analytics, or email delivery). Each subprocessor is vetted for security and privacy practices, and we have Data Processing Agreements in place as required by GDPR.
  • Legal or Compliance Reasons: We may share data to comply with applicable laws, respond to lawful requests (e.g., subpoenas or court orders), or protect our legal rights.
  • Business Transfers: In connection with a corporate transaction, such as a merger, acquisition, or asset sale, your data may be transferred. We will notify you of any such transfer and any choices you may have regarding your information.

We maintain a list of current subprocessors (or the categories of subprocessors) upon request.

10. International Data Transfers

If we transfer personal data outside of the European Economic Area (EEA) to countries that may not provide the same level of data protection as your home jurisdiction, we implement appropriate safeguards, such as Standard Contractual Clauses (SCCs), and ensure an adequate level of protection.

11. Cookies and Tracking

We use Cookiebot by Usercentrics to manage user consent for cookies and tracking technologies on our website. When you visit our site, Cookiebot presents a cookie banner allowing you to opt in or out of different types of cookies (e.g., necessary, preferences, statistics, marketing).

Your cookie preferences are stored securely and can be modified at any time using the “Cookie Settings” link in the footer of our site.

You can view a full list of the cookies we use by visiting our Cookie Declaration.

12. Children’s Privacy

Our Services are not intended for individuals under the age of 13 (or 16 where applicable under GDPR). We do not knowingly collect personal data from children. If you believe a child under this age has provided personal data, please contact us immediately at legal@getdynamiq.ai,  and we will take steps to delete or anonymize the information.

13. Data Breach Notification

We maintain a security incident response policy. In the event of a personal data breach or PHI breach, we will notify affected individuals and/or relevant supervisory authorities (e.g., under GDPR or HIPAA) without undue delay and in accordance with applicable legal requirements.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we do, we will post the revised policy on our website and update the “Effective Date” above. We encourage you to review this page periodically for the latest information.

15. Contact Us

If you have any questions or comments about this Privacy Policy, or wish to exercise your rights, please contact us at:

Dynamiq
Attn: Privacy Officer
Dynamiq Technologies Inc., 1111B S Governors Ave STE 6798, Dover, DE 19904 US.
Email: legal@getdynamiq.ai

EU Representative

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Dynamiq Technologies, Inc. has appointed the following representative in the European Union:

Maria-Elena Tzanev
Email: mariaelena@getdynamiq.ai
Address: Milan, Italy

EU data subjects and supervisory authorities may contact our representative for any inquiries related to the processing of personal data under the GDPR.

Thank you for trusting Dynamiq with your data. We take your privacy and security seriously and are committed to continual improvement in compliance with GDPR, SOC 2, and HIPAA.

Dynamiq
HomeBook a demoPricingBlogDocumentationContact usCareers
Industries
Financial ServicesHealthcarePublic Sector
Product
AgentsWorkflowsKnowledge & RAGDeploymentsObservabilityGuardrailsFine-TuningCollaboration
Use cases
AI AssistantsKnowledge baseWorkflow automations
© 2024 Dynamiq Technologies. All rights reserved.
Privacy PolicyTerms of Service