Darrow.AI – Privacy Policy

Last Updated: April 30, 2024

General

Darrow AI, Inc., its subsidiaries, and affiliates, including Darrow.AI Ltd. (together – “Darrow” or “Company“) develops an AI-powered justice Intelligence platform and operates the website www.darrow.ai, its subdomains and its related services and features (“Website”, collectively – the “Services”).

We are dedicated to protecting your privacy rights and making our practices regarding the processing of your personal data more transparent and fair. This Privacy Policy (“Policy”) was designed to help you understand the information we collect, store, use and share, and it applies whenever you visit, install, or interact with our Services. Please note that parts of this Policy may not be applicable to you, depending on the jurisdiction in which you reside and the applicable laws.

Scope: This Privacy Policy applies only to the information we collect in connection with your use of the Website, including when you register to receive more information about our Services and when you submit your candidate information for career opportunities at Darrow.

This Privacy Policy supplements and shall be read in conjunction with our Website Terms of Use (the “Terms”) and our Cookie Policy (the “Cookie Policy”), and may be supplemented by additional privacy statements, terms or notices provided to you.

We strongly urge you to read this Policy and make sure that you fully understand and agree to it. If you do not agree to this Policy, please discontinue and avoid using our Services. You have the right to cease using our Services at any time, pursuant to this Policy and our Terms. You are not legally required to provide us with any personal data, but without it we will not be able to provide you with the best experience of using our Services.

01. What types of data we collect?

We collect personal data from you, meaning any information which potentially allows, alone or together with other data, the identification of an individual with reasonable means (for example, email address or name, collectively “Personal Data“). This section sets out how and when we collect and process Personal Data about you.

1.1 Information received directly from you:
We collect information which you provide us voluntarily. For example, when you request to receive communications from us or when you otherwise contact us directly via the Website:

punkt

User Data: If you choose to receive a Service that requires to log-in to your account via the Website, we may collect your personal data in respect of your engagement with the respective Service, such as your user account credentials, your business needs and preferences.

punkt

Communication Information: When you send us an email, or contact us via the support or the PlaintiffLink page, or submit any other contact form  within our Services, we collect the Personal Data you provide us. This includes your name, email address and any other information you choose to provide.

punkt

Personal details that you provide us in connection with your request to receive our communication and updates;

punkt

Candidates Information: When you apply for employment opportunities at Darrow within our Services, we collect the Personal Data you provide us.

punkt

We work with data processors to whom we have instructed to collect, store and process Personal Data on our behalf for the purposes of providing our services, for example, Comeet, as a recruiting and applicant tracking platform (“Platform”) in order to handle your Personal Data as a candidate.

punkt

Personal Data processed: This may include your full name, phone number, email address, address, CV or resume and at your option (including information such as skills, work experience, education), links to your LinkedIn profile and details of your occupational preferences, information about your candidacy and employment options (such as salary expectation), the source who submitted your candidacy (e.g., recruiting agency, headhunters, referral),  your interviews including call and video recordings, evaluations of your candidacy, internal discussions within the recruiting agency, our responses to questionnaires and other information or materials you or other parties (such as references, evaluators or background check providers) submitted in relation to your candidacy.

punkt

We may also collect, store and use the following types of sensitive Personal Data (the purposes for which we process this are set out at paragraph 3.2 below):

punkt

Background check information, credit, drug/alcohol and/or other checks, only where permitted by law, and information received during these checks;

punkt

Providing some of the personal data listed above is voluntary (e.g., information about your ethnicity, health conditions, religious beliefs, and sexual orientation). In relation to other information that is important for our consideration of your application (such as evidence of qualifications or work history), we will not be able to process your application successfully if you do not provide that information.

punkt

Providing some of the personal data listed above is voluntary (e.g., information about your ethnicity, health conditions, religious beliefs, and sexual orientation). In relation to other information that is important for our consideration of your application (such as evidence of qualifications or work history), we will not be able to process your application successfully if you do not provide that information.

punkt

Providing some of the personal data listed above is voluntary (e.g., information about your ethnicity, health conditions, religious beliefs, and sexual orientation). In relation to other information that is important for our consideration of your application (such as evidence of qualifications or work history), we will not be able to process your application successfully if you do not provide that information.

punkt

We will retain your Personal Data for as long as we need it to assess you as a candidate or as long as we have a valid legal basis. In some instances, we may retain your information to consider you for future opportunities at the Company which may be of interest to you. If you do not want us to retain your information, please contact us at legal@darrow.ai.

03. Why we process your personal data?

This section explains for what purposes we use your Personal Data and outlines the legal bases that underlie our usage.

Purpose

Legal basis under GDPR (if applicable)

Provision and operation of our Services; Support. We use your Personal Data, such as your name and email address, to provide you with our Services and provide customer support. This includes, for example, allowing you to log-in or responding to your inquiries.

The legal bases for processing this data are the performance of our contractual  obligations towards you; your consent (for example, when you provide Personal Data); and our legitimate interests. Our legitimate interests in this case are provision of our Services and supporting our customers.

Improve our Services. We collect and analyse Personal Data about you and your usage of our Services for the purposes of usability, quality, functionality and effectiveness of our Services and their user experience.

The legal basis for processing this data is our legitimate interest. Our legitimate interests in this case are providing and improving, developing and maintainig our Services.

Anonymize or de-identify your Personal Data, create cumulative data that is non-personal, which we might make use in order to operate and improve our Services, and for research purposes.

The legal basis for processing this data is your consent (when required) and our legitimate interests. Our legitimate interests in this case are providing and improving our Services.

Communicate with you, notably when you contact us or submit a request to us.

The legal bases for processing this data are your consent (where required) and our legitimate interests. Our legitimate interests in this case are providing you with the requested services.

Marketing and Advertising. We use your Personal Data in order to provide you with advertisements, updates, notices, notifications, newsletters and additional information when you visit our Services, including personalized and non-personalized advertising.

The legal bases for processing this data are your consent (when required) and our legitimate interests. Our legitimate interests in this case are providing you with tailored services, content and advertisements that better correspond with your interests.

Optional Recruitment. We process your Personal Data as part of our  receipt of applications for employment opportunities at Darrow.

The legal basis for processing this data are your consent (when required). Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract; Our legitimate interest in this case is recruitment management.

Integrity. We process certain information about you and your usage of our Services in order to keep the integrity and security of our Services, identify your identity and enforce our policies.

The legal bases for processing this data are compliance with our legal obligations and our legitimate interests. Our legitimate interests in this case are keeping the integrity of our Services; detection of fraudulent activities; and the safety of our end-users.

Compliance with applicable laws; assistance to law enforcement agencies; response or defend against legal proceedings. We process your personal data in order to comply with our legal obligation under applicable laws.

The legal bases for processing this data are compliance with our legal obligations and our legitimate interests. Our legitimate interests in this case are compliance with our legal obligations and assisting law enforcement agencies.

Protect and enforce our rights, privacy and security, prevent fraud  or other illegal activity, safety of our systems, users and property, or those of other persons or entities, conduct audits, defend legal claims and resolve disputes.

The legal basis for processing this data is your consent (when required) and our legitimate interests. Our legitimate interests in this case are protecting our Services.

04. With whom we share your personal data?

4.1 We disclose your Personal Data as described below:

punkt

Service providers:

Our service providers that serve in facilitating and enhancing our Services, work on our behalf and may need access to certain Personal Data in order to provide their services to us. These companies include, but are not limited to, hosting services, analytics services, Website functionality and operation services, marketing services, identity verification providers, recruiting and applicant tracking platform for handling recruitment processes including but not limited to, Comeet (who provide us with the candidacy platform) etc. These service providers are authorized to use your Personal Data as necessary to provide these services or as otherwise authorized by us. Third party advertisers:

We partner with third parties to either display or to manage our advertising on other websites or apps. Our third-party advertisers use Tracking Technologies to gather information about your activities on our Services and other websites and apps in order to provide you advertising based upon your browsing activities and interests

We partner with third parties to either display or to manage our advertising on other websites or apps. Our third-party advertisers use Tracking Technologies to gather information about your activities on our Services and other websites and apps in order to provide you advertising based upon your browsing activities and interests

punkt

Compliance with laws and assistance to law enforcement agencies:

We may disclose your Personal Data to government or law enforcement officials or private parties. The disclosure will be made in our sole discretion, as we believe it necessary or appropriate to respond to claims and legal procedures (including but not limited to subpoenas), to protect our or a third party’s property and rights, to protect the safety of the public or any person, or to prevent or stop any activity we consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable. We also may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.

08. Transfer your personal data

We operate globally, thus any information that we collect, disclose or share, including your Personal Data, can be stored and processed in various jurisdictions around the world, including (but not limited to) the European Economic Area, the United States, Israel,  for the purposes detailed in this Policy.

However, to the extent that the GDPR is applicable, we will only transfer or share your Personal Data to data recipients

1. located in the EEA;
2. located in non-EEA countries which have been approved as providing adequate level of data protection; or
3. who entered into legal agreements ensuring an adequate level of data protection.

15. Contact us

If you have any further questions, please contact us by email at: contact@darrow.ai.

Location

Yitzhak Sadeh St. 8, 21st Floor. Tel Aviv-Yafo, Israel.

Torch

Welcome to Darrow AI, Inc. and its affiliates (the "Company", "we", "us" and "our") privacy policy for users of our web-browser add-on as described below (the "Policy"). Please read this Policy carefully and ensure you fully understand and agree to it.

This Policy applies to our registered users (each, a “user”, "you") when they use or interact with Torch, our web-browser add-on, which is intended to assist users with legal workflows, or other associated services, features and functionality all as further described on Company’s website and documentation, as well as any electronic communications exchanged between us (the "Service", or "Torch").

while you are using the Service, Torch interacts with your web-browser and performs analysis of the content you display on the browser, as referenced in your prompt; such content may include without limitations, webpages, images and documents, required to process contextual information relevant to your tasks (e.g., visited legal databases), which may be transmitted to our backend systems in order to deliver accurate, real-time responses to your requests. We are committed to minimizing the data we collect, avoiding sensitive information where possible, and providing users with clear controls over how their data is handled, as specified in this Policy.

The Policy describes our practices regarding the collection, use and disclosure of the information we collect from and relating to you when you use the Service.  

This Policy supplements and shall be read in conjunction with our Terms of Service (the “Terms of Service”), and may be supplemented by additional privacy statements, terms or notices provided to you. Capitalized terms which are not defined herein, shall have the meaning ascribed to them in our Terms of Service. This Policy is not intended to override the terms of any contract you have with us, nor any rights you may have under other applicable data privacy laws.

We will not collect or use personal information for purposes other than those described in this Policy, our Terms of Service, and/or any other legal instrument in effect between us.

We strongly urge you to read this Policy and make sure that you fully understand and agree to it. If you do not agree to this Privacy Policy, please discontinue and avoid using our Service. You have the right to cease using our Service at any time, pursuant to this Policy and our Terms of Service. You are not legally required to provide us with any personal information, but without it we will not be able to provide you with the Service.

By using the Service, you consent to the collection, use, and processing of your information as described in this Privacy Policy. You also acknowledge that you have read and understood the terms of this Policy, including your rights and the choices available to you regarding your personal information. If you do not agree to be bound by this Policy, you should exit and cease all use of the Services.  If you wish to revoke your consent, please contact us at contact@darrow.ai.

Access Restrictions for EEA Users: Access to our Service is restricted to users located in the European Economic Area (EEA). By using our Service, you confirm that you are not located in the EEA. We do not offer, market or intend to offer our Service to individuals within the EEA and any such use is unauthorized.

For the purposes of this Policy, 'Personal Information' shall mean any information that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, to a natural person, or as defined by applicable privacy laws. This includes, among others, details like name, contact details, IP address, device IDs, location, but also encompasses information derived from inferences and insights about you, such as your purchase habits, preferences, and interests. Personal Information does not include aggregated or deidentified information that is not reasonably capable of being associated with or linked to a specific natural person.

Specifically, this Privacy Policy describes–
1. What Types Of Data We Collect?
2. Tracking Technologies
3. Why We Process Your Personal Information ?
4. With Whom We Share Your Personal Information ?
5. Marketing And Advertising
6. Your Rights
7. Transfer Of Personal Information
8. How We Protect Your Personal Information ?
9. Minors
10. Retention
11. Updates To This Policy
12. Controlling Version
13. Governing Law
14. Contact Us

01. What types of data we collect?

This section sets out how and when we collect and process Personal Information about you.

1.1 Information received directly from you:
We collect information which you provide us voluntarily. For example, when you request to receive communications from us or when you otherwise contact us via the Service

1.2 Data you provide to us:

punkt

Account Information: When you create an account with us, we will collect information associated with your account, including your name, contact information, account credentials, payment and billing information (such as credit card information, banking information or a billing address), contractual details and transaction history, as well as any needs, preferences, attributes and insights relevant to our engagement.

punkt

Registration via Google Account. You may choose to register for the Service using your Google account credentials. If you do so, we will receive limited Personal Information from Google, such as your name, email address (as permitted by your Google account settings), in order to authenticate you.

punkt

This information is used solely to create and manage your account, authenticate your access to the Service, and personalize your experience. We do not access your Google account password or any other data beyond what is explicitly shared with us during the authentication process.

punkt

Your use of the Google login option is subject to Google’s own privacy policy and terms of service.

punkt

Other Information You Provide: We collect other information that you may provide to us, such as when you participate in our events or surveys, or provide feedback to us.

punkt

Registration via Google Account. You may choose to register for the Service using your Google account credentials. If you do so, we will receive limited Personal Information from Google, such as your name, email address (as permitted by your Google account settings), in order to authenticate you.

1.3  Communication Information:

punkt

When you send us an email or contact us via the support, including through bot, we collect the Personal Information you provide us.

punkt

We may monitor and record phone calls, e-mails, live chats, or other communications between you and our customer service representatives or other Company representatives.

punkt

Personal Information that you provide us in connection with your request to receive our communication and updates.

1.4  Communication Information:
When you visit, use, or interact with the Service, we receive the following information about your visit, use, or interactions:

Users Interactions with the Service in their browser

punkt

Any prompt text you enter and information about buttons that you select while interacting with the Service.

punkt

When the Service is active in your browser, metadata is generated that provides additional context about the way you use the Service. For example, while you are using the Service, i.e. when you ask a question in the Service chatbot while referring to the content currently open in your browser, the Service may collect and analyze information based on your browser interactions, such as visited URLs, page titles and content, links, images, features and content you view or interact with, the types of files shared and what third-party services are used by you, your work on a document on the browser (e.g. the content of the document, creating a summary, editing, adding comments, translating the content etc.), your prompt and the Service's response. We refer to the above user’s interactions with the Service and browser, including the prompt and the Service’s response to that prompt, as the user's "activity history".

punkt

This information is used to deliver accurate, real-time responses to your requests, to enhance your experience, improve the functionality of the Service, and to train foundation models of the Service in accordance with the purposes set forth under clause ‎4 below.  

punkt

We use our best efforts and implement technical safeguards to remove the following types of information from the data generated by your activity and transmitted to the Service:

punkt

Our system creates a unique ID that it associates with user’s data, and your activity history is stored under that unique ID. We don’t use this unique ID to intentionally identify a specific user.

punkt

User activity within secure login-based portals of financial, healthcare, governmental services, private messaging platform (including email services), or social media platforms (except for LinkedIn and Twitter, if you choose to interact with these platforms while using the Service).

punkt

Usage and Technical Information: When you visit or access our Service      we automatically receive and record information through the use of pixels, cookies and other tracking technologies. Such information includes:

punkt

Usage Data: We collect information about your use of the Service, such as the types of content that you view or engage with while you are using the Service, i.e. when you ask a question in the Service chatbot while referring to the webpage currently open in your browser (i.e., your current URL), the features you use and the actions you take, technical information about your interaction with our Service, your login information, information about your visit, its duration, sessions, , as well as other information which relates to your activity in Torch.

punkt

Log Data: information that your browser or device automatically sends when you use our Service. Log data includes your Internet Protocol address, the date and time of your request, and how you interact with our Service.

punkt

Device Information: We collect information about the device you use to access the Service, such as the name of the device, operating system, device unique identifiers (e.g. MAC address and UUID), browser type and settings, time zone setting. Information collected may depend on the type of device you use and its settings.

punkt

Location Information: We may determine the general area from which your device accesses our Service based on information like its IP address for security reasons and to make your product experience better, for example to protect your account by detecting unusual login activity or to provide more accurate responses.

punkt

Cookies and Similar Technologies: We use cookies and similar technologies to operate and administer our Service and improve your experience. For details about our use of cookies, please read Section 2 below⁠.

punkt

The information collected (including your IP address) may be disclosed to or collected directly by our third-party web analytics service providers, as further detailed under the "Tracking Technologies" section below.

Aggregated data:

punkt

We may also collect aggregated or technical data generated when you use our Service, relating to how you use them, so we could learn how users and customers use our Service and improve them and our users' experience. Aggregated data may be derived from your Personal Information but is not considered Personal Information as this data does not directly or indirectly reveal your identity.

Sensitive Personal Information:
Please do not upload or submit any third-party personal information and any sensitive personal information to the Service
, including but not limited to Social Security numbers, financial account information, health or medical records, biometric data, or other information subject to special legal protections.

punkt

We do not intentionally collect such information, and any transmission of it is at your own risk.

02. Cookies and tracking technologies

Cookies: a cookie is a small data file that is downloaded and stored on your computer or mobile device when you use or interact with our Service. When you visit or access our Service, we may use cookies, pixels, beacons, local storage and similar technologies ("Tracking Technologies"). These Tracking Technologies allow us to automatically collect information about you, your device, and your online behaviour, in order to enhance your navigation in our Service, improve  its performance, perform analytics, and customize your experience.

For example, these technologies enable us to: (i) keep track of our users’ preferences and authenticated sessions, (ii) secure our Service by detecting abnormal behaviours, (iii) identify technical issues and improve the overall performance of our Service, and (iv) create and monitor analytics. You can set your browser to block or alert you about these cookies from your browser (see below), but if you do so - some of the features that make the Service experience more efficient may not function properly.  We may use "First Party Tracking Technologies" which are set by us and also "Third Party Tracking Technologies" that are stored by other third parties. Third-party cookies are aimed at collecting certain information (including digital identifiers that recognize your device when it visits our Service).  

Types of cookies we use

We only use Strictly Necessary Cookie (as specified in the table below):  This type of Cookies is necessary for the Service to function. We use these Cookies to enable you to use our Service's features, such as  managing our users' authentication.

We do not use marketing cookies or “retargeted advertising.”  

A list of cookies we use
We use the following First and Third-Party Cookies:

Cookie Name

Type

Type

Duration

Auth0

3rd P; Authentication

Used to manage all the authentication methods for our users (sign in with Google for example) and for managing and storing user sign-in credentials. Information stored in Auth0 may consist of personal information such as name and your email, as well as data about application sign-in frequency and time.

Up to 30 Days

Information collected by Darrow through Cookies is stored and used in accordance with applicable laws and the provisions of our Privacy Policy.
While we do our best to keep this table updated, please note that the number and names of cookies, pixels and other technologies may change from time to time.
You can turn off certain third party targeting and advertising cookies by visiting the following third party webpages:

03. Why we process your personal information ?

This section explains for what purposes we use your Personal Information:

punkt

Provision and operation of our Service. To provide, analyze, and maintain our Service, for example to respond to your prompts to Torch, resolve technical problems etc.

punkt

To provide customer support. This includes, for example, responding to your inquiries and communicating with you, including sending you information about our Service and events, about changes or improvements to the Service.

punkt

Improving our Service. We collect and analyze Personal Information to improve and develop the usability, quality, development and performance of our Service. This includes enhancing our user experience, maintaining and updating existing features, and supporting the development of new products. We may also use such data for research and to train our models in order to improve and develop our Services.

punkt

Advertising and marketing: We may use your Personal Information in order to provide you with advertisements, updates, notices, notifications, newsletters and additional information when you visit our Service. We don’t use your content to market our services or create advertising profiles of you.

punkt

Integrity. We process certain information about you and your usage of our Service in order to keep the integrity and security of our Service, validate your subscription identity and to enforce our policies.

punkt

Anonymizing or de-identifying your Personal Information, creating cumulative data that no longer identifies you, so that it will no longer be considered Personal Information and which we might make use and analyze in order to operate and improve our Service, and for research purposes.

punkt

Compliance with applicable laws; assistance to law enforcement agencies; response or defend against legal proceedings. We may process your Personal Information in order to comply with our legal obligation under applicable laws.

punkt

To protect and enforce our rights, privacy and security, prevent fraud or other illegal activity, safety of our systems, users and property, or those of other persons or entities, conduct audits, defend legal claims and resolve disputes.

04. With whom we share your data?

4.1 We disclose your Personal Data as described below:

punkt

Service providers:

Our service providers that serve in facilitating and enhancing our Service, work on our behalf and may need access to certain Personal Information in order to provide their services to us. These services include, but are not limited to, hosting services, data analytics of the functionality and usability of our Service (e.g AWS), identity verification providers (aut0.com), payment processors (Stripe, Stigg), analytics service (posthog), AI Gateway (Portkey) etc. Using External Tools for work management: we may use external third-party AI tools and services for work management, when responding to a user’s request (such as OpenAI, Claude, Perplexity). All these service providers above are authorized to use your Personal Information only as necessary to provide these services or as otherwise authorized by us.

punkt

Compliance with laws and assistance to law enforcement agencies:

We may disclose your Personal Information to government or law enforcement officials or private parties. The disclosure will be made in our sole discretion, as we believe it necessary or appropriate to respond to claims and legal procedures (including but not limited to subpoenas), to protect our or a third party’s property and rights, to protect the safety of the public or any person, or to prevent or stop any activity we consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable. We also may be required to disclose an individual’s Personal Information in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.

punkt

Auditors and advisers:

We may share your Personal Information with our external auditors, advisors and professional service providers (e.g. lawyers, accountants, insurers etc.) for ensuring our compliance with regulatory requirements and industry standards, auditing, managing disputed etc.

punkt

Protecting our rights and safety:

We may share your Personal Information to enforce this Privacy Policy or the Terms of Service, including investigation of potential violations thereof; to detect, prevent, or otherwise address fraud, security or technical issues; or otherwise if we believe in good faith that this will help protect the rights, property or personal safety of any of our users, or any member of the general public.

punkt

Affiliated companies, mergers and acquisitions:

We may share your Personal Information with our affiliated companies. In addition, we may transfer or share your Personal Information in case of entering into a business transaction (including during negotiations) such as a merger, acquisition, reorganization, bankruptcy, or sale of some or all of our assets, with the parties involved in such event. Such disclosure shall be subject to the terms of this Privacy Policy.

For avoidance of doubt, we may share anonymized or de-identified information with any other third party, at our sole discretion.

05. Your privacy rights and choices

User's privacy controls:

This section explains the tools and settings available to you to control how the Service operates in your browser, how to enable or disable Torch and how to customize your privacy preferences. These controls are designed to provide you with transparency and flexibility in managing your data and interactions with the Service:

punkt

The user will have a clear visual indication showing when Torch is "active", to ensure transparency about its ongoing operation.

punkt

Users can disable Torch at any time directly from the user’s browser toolbar.

punkt

Users can delete their activity history. To view and manage this stored data on the Service, users can access their chats from the Torch console and delete them by clicking on a chat and selecting 'Delete'.

User's rights

Depending on the jurisdiction in which you reside, you may have certain rights under relevant applicable laws regarding the collection and processing of your Personal Information. To the extent these rights apply and concern you, you can contact us via the contact details available below and ask to exercise the following rights: contact@darrow.ai.

Your Opt-Out Rights and Communications Choices

punkt

Unsubscribe from using your personal information for marketing communications by clicking the unsubscribe link they contain or contact us: contact@darrow.ai.

punkt

Your Other Data Rights

punkt

Depending on the jurisdiction in which you reside, you may have additional rights under privacy laws to submit requests to us to access your personal information and information relating to how it is processed, update or correct your personal information, transfer your personal information to a third party, restrict how we process it, delete your personal information from our records, withdraw your consent – where we rely on consent, lodge a complaint with your local data protection authority. If you would like to submit a request to exercise your rights, please contact us:contact@darrow.ai.

punkt

To exercise any other rights you may have under privacy laws or if you need additional assistance, please contact us: contact@darrow.ai, and describe your request.

We may ask for additional information from you to clarify your request and verify that you are authorized to make this request. We will respond to requests to exercise privacy rights according to applicable laws.

06. Additional U.S. States disclosures

This section addresses the specific disclosure requirements under US state privacy laws that require specific disclosures, including the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act , and the California Consumer Privacy Act Regulations (collectively, “CCPA”). The sections below supplement the information in the rest of our Privacy Policy .

The terms “personal information”, “business purpose”, “commercial purpose”, “sale” and “service provider” as used herein shall have the meanings ascribed to them in the CCPA.

6.1 Categories of Personal Information we collect

In the preceding 12 months, we may have collected the following categories of Personal Information (as defined in the CCPA) to the extent that any of the following are personally identifiable:

Category

Examples

Identifying Information

Real name, alias, postal address and other contact information,unique personal identifier, online identifier, Internet protocoladdress, email address, account name

Communication information

such as your contact information when you send us email

Commercial information

Transaction history, and information about an individual’sinteractions with the Service, records of personal property,products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Your account credentials and payment information

Financial data such as payment card information.

Network activity information

Content and how you interact with our Services

Internet or other electronic information

Internet or other network or device activity, browsing history, and information regardingyour interaction with an Internet Website, application, oradvertisement and other information described in theCookies section of our Privacy Policy

Geolocation Data

General area from which your device accesses our Services basedon information like its IP address, or precise location information you choose to provide

Inferences drawn from any of the provided information

Profile reflecting a person’s preferences, characteristics,psychological trends, predispositions, behavior, attitudes,abilities, and aptitudes.

punkt

electronic, visual, or similar information, such as video recordings, physical characteristics or description, and photos.

punkt

Professional information, such as occupation, employment history, professional contact information, education history, or other information provided by you in connection with the Services.

punkt

Sensitive personal information, as defined under applicable local law, such as certain characteristics of protected classifications as defined above, account login credentials and passwords, and financial account information, credit card number, debit card number, or other payment card information.

Information that is publicly accessible is not considered “Personal Information” under this policy. Information that has been de-identified, or aggregated with other consumer information is similarly excluded from Personal Information.

For more information about the types of personal information we collect, please see the “What Types of Data we collect?” under Section 1 above.

6.2 Sources of Personal Information

The sources from which we obtain Personal Information are: Directly from our users either directly - when you register, complete forms, interact with Torch or contact us via the Service, via conversations, or indirectly - through monitoring of your use of the Service      via your browser or measurement tools (See Section 2 above).

6.3 Sale or Share of Personal Information

We do not knowingly 'sell' personal information that we collect from you, and we do not share Personal Information for “interest-based advertising” or “cross-context behavioral advertising”,  in accordance with the definition of 'sell' in the CCPA. We will treat personal information we collect from you as subject to a do not sell request.  

6.4 The purpose for collecting, sharing or selling information:

We collect and share personal information for the following business and commercial purposes: administering the provision of our Service, authenticating users access requests when they access our properties, providing customer support as required, detecting and preventing security incidents, debugging and fixing errors, maintaining and enhancing our Service, and allowing users to receive our commercial communications when they have agreed to receive them.

For more information about the purposes for which we collect personal information, please see the “Why we process your Personal Information?” under Section 3 above.

We do not “sell” Personal Information or “share” Personal Information for cross-contextual behavioral advertising, and we do not process Personal Information for “targeted advertising” purposes (as those terms are defined under state privacy laws). We also do not process sensitive Personal Information for the purposes of inferring characteristics about a consumer.

6.5 Disclosures of personal information for a business purpose:

We may disclose your Personal Information to a contractor or service provider for a business purpose. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. We further restrict the contractor and service provider from selling or sharing your Personal Information.  In the preceding twelve (12) months, we disclosed the following categories of Personal Information for a business purpose:

  • Service providers. such as hosting services, service functionality and operation services, payment processing, identity verification provider, AI external tools, data analytics.
  • Affiliates. Our corporate parent, subsidiaries, and other affiliates under the control of our corporate parent, for purposes consistent with this Policy or to operate shared infrastructure, systems and technology.
  • Law enforcement, government bodies, regulators and other parties for legal reasons. We may share your Personal Information with third parties as required by law or if reasonably necessary to (i) detect and investigate illegal activities and breaches of agreements; and/or (ii) exercise or protect the rights, property, or safety of the Company, our personnel or others.
  • Business transfers. Parties to transactions and potential transactions whereby we sell, transfer or otherwise share some or all of our business or assets, including your Personal Information, such as a merger, consolidation, acquisition, reorganization or sale of assets (including negotiations for such transaction), or in the event of bankruptcy or dissolution.
  • Professional advisors. Lawyers and other outside professional advisors.

6.6 California and other state laws privacy rights:

Depending on where you live and subject to applicable exceptions, you may have the following privacy rights in relation to your Personal Information:

punkt

Right to access: If applicable, you may have the right to request access to the specific pieces of personal information we have collected about you in the last 12 months.

punkt

Right to request additional information: If applicable, you may also request additional details about our information practices, including the categories of personal information we have collected about you, the categories of sources of such collection, the categories of personal information that we sold or disclosed about you for a business purpose, the business or commercial purpose for collecting or selling personal information, the categories of third parties with whom we share and sell your personal information and the categories of personal information we have disclosed, shared and sold about you in the preceding 12 months. This information is provided in Section 7 above (Additional U.S. State disclosure).

punkt

Right to delete: If applicable, you also have the right to request deletion of your personal information, subject to certain applicable legal exceptions.

punkt

Right to rectify any inaccurate information about you. By visiting your account settings, you can correct and change certain personal information associated with your account.

punkt

Right to opt out of sale of personal information: If applicable, you have the right to opt-out of sales of personal information and to receive equal service and price and not be discriminated against even if you exercise any of your CCPA rights (unless permitted by applicable law, such as if the differences are reasonably related to your information). Our Privacy Policy describes the circumstances in which we may share your information with third parties.

How to make a request?

To exercise these rights if applicable to you, please email contact@darrow.ai. Before completing your request, we may need to verify your identity or the identity of your authorized representative. We may request additional information for the purpose of verifying your identity.  

6.7 Right to lodge a complaint and appeal our decisions:

All requests, complaints or queries may be addressed to us to the following email address: contact@darrow.ai.

punkt

Please note that these rights are not absolute, and may be subject to the relevant applicable laws, our own legitimate interests and regulatory requirements.

punkt

We will take steps to verify your identity before responding to your request, which may include requesting that you respond to an email that we send to you, or otherwise verifying your name, email address or other information that will help us to confirm your identity.

punkt

Authorized Agents. You may also submit a rights request through an authorized agent. If you do so, the agent must present signed written permission to act on your behalf and you may also be required to independently verify your identity with us.

punkt

Nondiscrimination. You have the right not to be discriminated against for exercising any of your privacy rights.

punkt

Appeals. Depending on where you live, you may have the right to appeal a decision we make relating to requests to exercise your rights. To appeal a decision, please send your request to: contact@darrow.ai.

punkt

We will consider any requests, complaints or queries and provide you with a reply in a timely manner. We take our obligations seriously and we ask that any concerns are first brought to our attention, so that we can try to resolve them.  

07. Do not track

Our Service does not respond to browser “Do Not Track” signals, as no uniform standard to respond to such signals has been widely-adopted at this time. Should this situation change, or should applicable law require us to comply with mandated DNT signals, we will do so promptly and update this Policy accordingly.

08. Transfer of personal information

Any information that we collect, disclose or share, including your Personal Information, can be stored and processed in various jurisdictions around the world, including (but not limited to) the European Economic Area, the United States, Israel, for the purposes detailed in this Policy.

09. How we protect your personal information ?

We have implemented administrative, technical, and physical safeguards to reduce the risk of unauthorized access, use, or disclosure of your Personal Information. Your information is stored on secure servers and is not publicly available.

We limit access of your Personal Information only to those employees, third party service providers or partners on a “need to know” basis, and strictly in order to enable us to perform the agreement between you and us.

Despite these measures, we cannot provide absolute information security or eliminate all risks associated with Personal Information , and security breaches may happen. If there are any questions about security, please contact us at contact@darrow.ai.

10. Minors

We do not knowingly sell or share personal information of users under the age of 18.

We do not knowingly collect or solicit Personal Information from Minors (as determined under the applicable laws where the individual resides; “Minors”). By accessing, using or interacting with our Service, you certify to us that you are not a Minor. If you believe that we might have any information from or about a Minor without verification of parental consent, then please contact us through the contact details available below.

11. Retention

vide our Service, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.owingly sell or share personal information of users under the age of 18.

12. Updates to this policy

We reserve the right to change this Policy at any time. The most current version will always be posted through our Service (as reflected in the “Last Updated” heading). You are advised to check for updates regularly. In the event of material changes, we will provide a notice via the Service or by other means. By continuing to access or use our Service after any revisions become effective, you agree to be bound by the updated Policy.

13. Contact us

If you have any further questions, please contact us by email at: contact@darrow.ai.

Let Darrow help you make a lasting impact