Privacy Policy

1. Introduction

Aperture Technologies, Inc. ("Aperture," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, request a demo, or use the Aperture verified delivery platform and related services (collectively, the "Service").

By accessing or using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Service.

This Privacy Policy should be read together with our Terms of Service and any applicable Data Processing Addendum.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us, including:

• Account Information: When you request a demo or create an account, we collect your name, email address, firm name, role, and firm type.
• Communication Information: When you contact our support team, submit inquiries, or otherwise communicate with us, we collect the content of those communications along with associated metadata.
• Payment Information: If you purchase a subscription, payment information (such as credit card number and billing address) is collected and processed by our third-party payment processor. Aperture does not store your payment card details on our systems.

2.2 Information Collected Automatically

When you access or use the Service, we automatically collect certain information, including:

• Log Data: IP address, browser type and version, referring URL, pages visited, and timestamps.
• Usage Data: Features used, query volume, session duration, and interaction patterns within the Service.
• Device Information: Operating system, device type, screen resolution, and unique device identifiers.
• Cookies and Similar Technologies: Information collected through cookies, web beacons, and similar tracking technologies as described in Section 7 below.

2.3 Information from Third Parties

We may receive information about you from third-party sources, including:

• Business Contact Information: From marketing partners and data providers to support our business development efforts.
• Publicly Available Professional Information: Professional details from publicly accessible sources such as company websites, professional networking platforms, and regulatory filings.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Provision: To provide, operate, maintain, and improve the Service, including processing your requests, managing your account, and delivering verified output.
• Billing and Payments: To process transactions, send invoices, and manage your subscription.
• Product Improvement: To understand how users interact with the Service, identify trends, and develop new features and functionality.
• Customer Support: To respond to your inquiries, troubleshoot issues, and provide technical assistance.
• Security and Fraud Prevention: To detect, investigate, and prevent unauthorized access, security incidents, and fraudulent activity.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
• Marketing: With your consent or where otherwise permitted by law, to send you information about our products, services, and events. You may opt out of marketing communications at any time.
• Aggregated Analytics: To create aggregated, de-identified data sets for internal analytics, benchmarking, and research purposes that do not identify any individual user.

4. How We Share Your Information

We may share your information in the following circumstances:

• Corporate Affiliates: With our parent company, subsidiaries, and affiliates for purposes consistent with this Privacy Policy.
• Service Providers: With third-party vendors who perform services on our behalf, including cloud hosting, email delivery, payment processing, and analytics. These providers are contractually obligated to use your information only as necessary to provide their services to us and in a manner consistent with this Privacy Policy.
• With Your Consent: When you have given us explicit consent to share your information with a specific third party.
• Professional Advisors: With our lawyers, auditors, accountants, and other professional advisors in connection with the services they provide to us.
• Legal Requirements: When we believe in good faith that disclosure is necessary to comply with applicable law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Aperture, our users, or the public.
• Business Transfers: In connection with, or during negotiations of, any merger, acquisition, sale of assets, financing, or transfer of all or a portion of our business to another entity. In such events, we will notify you before your personal information is transferred and becomes subject to a different privacy policy.

Aperture does NOT sell your personal data. We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

Aperture does NOT use Customer Data to train AI models. Your Customer Data and Content are not used to train, fine-tune, or improve general-purpose artificial intelligence models. This commitment is also reflected in our Terms of Service.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Account Data: Retained for the duration of your active subscription plus thirty (30) days following termination, after which it is deleted in accordance with our data retention policies.
• Demo Request Data: Retained for up to two (2) years from the date of submission, unless you request earlier deletion.
• Marketing Data: Retained until you opt out of marketing communications, after which your contact information will be added to our suppression list.
• Log and Usage Data: Retained in identifiable form for no longer than is necessary for security, analytics, and compliance purposes.

When personal information is no longer required, we securely delete or anonymize it in accordance with our data handling procedures.

6. Your Rights

6.1 Rights Under the GDPR (EEA, UK, and Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under applicable data protection law:

• Right of Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may request that we correct inaccurate or incomplete personal data.
• Right to Erasure: You may request the deletion of your personal data, subject to certain legal exceptions.
• Right to Restriction: You may request that we restrict the processing of your personal data in certain circumstances.
• Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Object: You may object to our processing of your personal data based on our legitimate interests.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.

6.2 Rights Under the CCPA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act and its amendments:

• Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, as well as the sources, purposes, and third parties with whom we share it.
• Right to Delete: You may request the deletion of personal information we have collected from you, subject to certain exceptions.
• Right to Opt-Out: You have the right to opt out of the sale or sharing of your personal information. As stated above, Aperture does not sell personal data.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
• Right to Correct: You may request that we correct inaccurate personal information that we maintain about you.

6.3 All Users

Regardless of your location, you may opt out of marketing emails at any time by clicking the "unsubscribe" link included in every marketing email we send, or by contacting us at privacy@runaperture.com.

To exercise any of the rights described above, please contact us using the information provided in Section 12 below. We will respond to your request within the timeframe required by applicable law.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve the Service. Our approach to cookies reflects our privacy-first principles:

• Essential Cookies: Deployed by default. These cookies are strictly necessary for the operation of the Service, including session management, authentication, and security. They cannot be disabled.
• Analytics Cookies: Deployed only with your consent. These cookies help us understand how users interact with the Service so that we can improve functionality and performance.
• Third-Party Advertising Cookies: We do not use third-party advertising cookies. Aperture does not serve ads and does not allow third-party advertisers to place cookies on the Service.

You may manage your cookie preferences at any time through your browser settings or the cookie preferences mechanism provided on our website. Please note that disabling essential cookies may impair the functionality of the Service.

8. Security

We implement robust technical and organizational measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256);
• Session-level isolation to prevent cross-tenant data exposure;
• Access controls aligned with the principle of least privilege;
• Regular security assessments, penetration testing, and vulnerability scanning;
• Employee security training and background checks.

For a detailed description of our security practices, please refer to our Security Addendum, available upon request.

While we strive to protect your personal information, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee the absolute security of your information.

9. International Data Transfers

Aperture is headquartered in the United States. If you access the Service from outside the United States, your information may be transferred to, stored in, and processed in the United States or other countries where our service providers operate.

For transfers of personal data from the European Economic Area, the United Kingdom, or Switzerland to the United States, we rely on the following transfer mechanisms:

• EU-U.S. Data Privacy Framework: Aperture adheres to the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce.
• Standard Contractual Clauses: Where the Data Privacy Framework does not apply, we use the European Commission's Standard Contractual Clauses (SCCs) as a lawful mechanism for cross-border data transfers.
• UK International Data Transfer Addendum: For transfers from the United Kingdom, we supplement the SCCs with the UK International Data Transfer Addendum issued by the UK Information Commissioner's Office.

You may request a copy of the relevant transfer mechanisms by contacting us at privacy@runaperture.com.

10. Children's Privacy

The Service is not directed to individuals under the age of eighteen (18). We do not knowingly collect, solicit, or maintain personal information from anyone under 18 years of age. If we become aware that we have collected personal information from a person under 18, we will take steps to promptly delete such information. If you believe that we may have collected information from a minor, please contact us immediately at privacy@runaperture.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes to this Privacy Policy, we will notify you by email (sent to the address associated with your account) or by posting a prominent notice on our website at least thirty (30) days before the changes become effective.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: privacy@runaperture.com
• Mailing Address: Aperture Technologies, Inc., [Address Placeholder], United States
• EU Representative: [EU Representative Placeholder]
• Data Protection Officer: [DPO Placeholder]