Privacy Policy

This Privacy Policy describes how PBI AI Agent ("we," "us," or "our") collects, uses, and protects your personal information when you use our PBI AI Agent for Power BI service ("the Service").

1. Information We Collect

1.1 Personal Information

We collect the following types of personal information:

Data Type	Purpose	Legal Basis
Email Address	License delivery, account management, support	Contract performance
IP Address	Security, fraud prevention, usage analytics	Legitimate interest
Browser Fingerprint	Fraud prevention, usage tracking	Legitimate interest
User Agent	Technical support, compatibility	Legitimate interest
Payment Information	Subscription billing (processed by Stripe)	Contract performance

1.2 Usage Information

We automatically collect information about your use of the Service:

• Query usage statistics and frequency
• AI model usage (which models you use)
• License validation events
• System performance metrics
• Error logs and debugging information

1.3 Information We Do NOT Collect

2. How We Use Your Information

2.1 Service Provision

We use your information to:

• Deliver and maintain the Service
• Generate and validate license keys
• Process payments and manage subscriptions
• Enforce usage limits and prevent abuse
• Provide technical support

2.2 Analytics and Improvement

We use aggregated, anonymized data to:

• Improve Service performance and reliability
• Understand usage patterns and feature adoption
• Plan infrastructure and capacity
• Develop new features and capabilities

2.3 Legal and Security

We may use your information to:

• Comply with legal obligations
• Protect against fraud and abuse
• Enforce our Terms of Service
• Respond to legal requests

3. Information Sharing and Disclosure

3.1 Third-Party Service Providers

We share information with trusted third-party providers:

• Stripe: Payment processing and subscription management
• Email Service Providers: For sending license keys and notifications
• Cloud Infrastructure: For hosting and data storage
• Analytics Services: For usage analytics and performance monitoring

3.2 AI Model Providers

Your query content is processed by third-party AI providers (OpenAI, Anthropic, Google) using your API keys. We do not share personal information with these providers - the processing occurs directly between you and them.

3.3 Legal Requirements

We may disclose your information if required by law or to:

• Comply with court orders or legal process
• Protect our rights and property
• Prevent fraud or abuse
• Protect the safety of users or the public

4. Data Security

4.1 Security Measures

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption of data in transit and at rest
• Access controls and authentication
• Regular security audits and monitoring
• Secure hosting with reputable cloud providers
• Employee training on data protection

4.2 Data Retention

We retain your personal information for as long as necessary to:

• Provide the Service to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Prevent fraud and abuse

5. Your Rights and Choices

5.1 Access and Correction

You have the right to:

• Access your personal information
• Correct inaccurate information
• Request information about how we use your data
• Receive a copy of your data in a portable format

5.2 Deletion and Restriction

You can request to:

• Delete your personal information
• Restrict processing of your data
• Object to processing based on legitimate interests
• Withdraw consent where applicable

5.3 Account Deletion

You can cancel your account at any time by:

• Canceling your subscription through the customer portal
• Contacting us directly

Upon account deletion, we will delete your personal information within 30 days, except where retention is required by law.

6. Cookies and Tracking

6.1 Cookies We Use

We use cookies and similar technologies for:

• Session management and authentication
• Usage analytics and performance monitoring
• Fraud prevention and security
• User experience optimization

6.2 Third-Party Cookies

Third-party services may set cookies:

• Stripe for payment processing
• Analytics providers for usage tracking
• Email services for delivery tracking

See our Cookie Notice for detailed information about cookies and how to manage them.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by regulatory authorities
• Other lawful transfer mechanisms

8. Children's Privacy

Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided personal information, please contact us immediately.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified by:

• Email notification to registered users
• Prominent notice on our website
• In-app notifications

Continued use of the Service after changes indicates acceptance of the updated Privacy Policy.

10. Contact Information

11. Regulatory Compliance

11.1 GDPR Compliance

For users in the European Union, we comply with the General Data Protection Regulation (GDPR). This includes:

• Lawful basis for processing personal data
• Data subject rights (access, rectification, erasure, etc.)
• Data protection by design and default
• Regular security assessments

11.2 Other Regulations

We also comply with applicable data protection laws in other jurisdictions, including:

• California Consumer Privacy Act (CCPA)
• Personal Information Protection and Electronic Documents Act (PIPEDA)
• Other applicable local privacy laws