Skip to main content
Legal

Privacy Policy

Last updated: April 1, 2026

1. Information We Collect

We collect the following categories of information:

  • Account Information: Name, email, company name, job title when you register
  • Business Data: ERP, CRM, and SCM data you upload for integration and analytics
  • Usage Data: Platform interactions, feature usage, and session information
  • Payment Information: Processed securely through Stripe; we do not store card numbers
  • AI Interactions: Conversations with Canaan AI to improve response quality

2. How We Use Your Information

  • Providing and operating the platform services
  • Processing data integrations and generating analytics
  • Delivering AI-powered insights through Canaan
  • Communicating about your account, updates, and support
  • Improving platform performance and user experience
  • Ensuring platform security and preventing fraud

3. Data Protection & Security

We implement enterprise-grade security measures including:

  • AES-256 encryption for data at rest
  • TLS 1.3 for data in transit
  • JWT-based authentication with token rotation
  • Brute-force protection on authentication endpoints
  • Role-based access control (RBAC)
  • Regular security audits and penetration testing

4. Data Sharing

We do not sell your data. We share information only with:

  • Service Providers: Stripe (payments), cloud infrastructure providers
  • AI Processing: Anonymized data may be processed by AI providers for response generation
  • Legal Requirements: When required by law, court order, or government regulation

5. Data Retention

Account data is retained for the duration of your subscription plus 90 days. Business data uploaded for integration is retained as long as your subscription is active. You may request data deletion at any time through your account settings or by contacting support.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of your personal data
  • Rectify inaccurate personal data
  • Request deletion of your personal data
  • Object to or restrict processing of your data
  • Data portability (receive your data in a structured format)
  • Withdraw consent at any time

7. Compliance

Our platform is designed to comply with SOC 2 Type II, ISO 27001, GDPR, CCPA, and HIPAA (for healthcare clients on Platinum tier). Enterprise agreements may include additional compliance commitments.

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies. Analytics are collected server-side without personal identifiers.

9. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Service after changes constitutes acceptance.

10. Contact Us

For privacy inquiries: privacy@globalindustrysolutions.com

Data Protection Officer: dpo@globalindustrysolutions.com