Privacy Policy | Steps AI (Aide)

3.1 Personal Information You Provide

We collect personal information that you provide directly when:

• •Creating an account (name, email address, end-end encrypted password)
• •Connecting third-party integrations authentication details (e.g., Google Drive, Slack, salesforce)
• •Interacting with customer support (error logs/ troubleshooting details, email inquiries)
• •Providing billing information for paid subscriptions (payment details are handled securely by third-party processors)
• •Submitting forms (e.g., demo requests, feedback surveys)

3.2 Information Collected Automatically

When you use Aide, we may automatically collect the following:

• •Device Information: IP address, browser type, operating system
• •Usage Data: How you interact with Aide (e.g., features used, query history)
• •Log Data: System logs that record errors, performance issues, and user activity for security monitoring

3.3 Information Collected from Third Parties

We may receive additional personal information from third-party sources, including:

• •Enterprise Clients: If your employer provides access to Aide, we may receive your work email and role information
• •Third-Party Integrations: If you connect Google Drive, Slack, or other services, we collect relevant metadata only as authorized
• •Marketing & Business Partners: We may collect lead-generation data for business development purposes

3.4 Cookies & Tracking Technologies

We use cookies, web beacons, and analytics tools to:

• •Enhance user experience by remembering preferences
• •Monitor platform performance and security threats
• •Analyze website traffic and improve our marketing efforts

Users can manage cookie preferences through browser settings.

4.1 Service Delivery & Functionality

• •To provide and improve Aide's AI-powered services (e.g., personalized AI responses, workflow automation)
• •To authenticate users and manage accounts (e.g., login, password recovery)
• •To process transactions and manage subscriptions (for paid users)
• •To offer AI-powered recommendations and insights based on user interactions

4.2 Communications & Customer Support

• •To send service-related notifications (e.g., security alerts, account updates)
• •To provide customer support (e.g., resolving issues, troubleshooting)
• •To send surveys and gather user feedback for product improvement

4.3 AI Model Training & Enhancement

• •To refine and optimize AI responses (we use anonymized and aggregated data to improve Aide's accuracy and efficiency)
• •To analyze user behavior (to enhance product experience and optimize AI algorithms)
• •To detect and prevent fraudulent, illegal, or unauthorized activities

4.4 Legal, Security & Compliance

• •To comply with GDPR, CCPA, and other data privacy laws
• •To detect, investigate, and prevent security threats and fraudulent activities
• •To comply with legal obligations or government requests

5.1 Where We Store Your Data

Steps AI stores user data securely on AWS data centers in the United States. Enterprise clients may opt for regional storage options or in-house data storage options regulatory requirements.

5.2 Security Measures

We implement industry-standard security controls to protect user data, including:

• •End-to-end encryption (AES-256) for stored data
• •Secure HTTPS (TLS 1.2+) connections for data transmission
• •Multi-factor authentication (MFA) for admin access
• •Regular security audits and penetration testing
• •Strict access controls to ensure only authorized personnel can access sensitive data

5.3 Data Retention Policy

• •Account Data: Retained as long as the account is active. If deleted, data is removed within 30 days unless legally required to retain it
• •AI Chat History: Retained for user experience optimization, but does not persist beyond user sessions unless explicitly enabled by enterprise clients
• •Third-Party Integration Data: Retained only during the session (not stored permanently)
• •Billing & Compliance Data: Retained for seven (7) years as per financial regulations

Data Deletion Requests: Users can request permanent data deletion by emailing tech@stepsai.co

6.1 Third-Party Integrations

Aide integrates with third-party platforms, including:

• •Google Drive, Slack, Salesforce, etc (for AI-powered searches)
• •Payment Processors (Stripe, PayPal) (for subscription billing)
• •Analytics & Performance Tools (for improving service quality)

6.2 Data Sharing & Disclosure

We do not sell personal data, but may share it in the following cases:

• •With Service Providers: Cloud hosting, analytics, and security partners who process data on our behalf
• •For Legal Compliance: If required by law, regulation, or a court order
• •With Business Partners: Only if users opt in for additional services or enterprise integrations
• •During a Business Transfer: In case of mergers, acquisitions, or asset sales, users will be notified before data transfer

Steps AI ensures all third-party partners comply with GDPR, CCPA, and security best practices.

8.1 Types of Cookies We Use

• 1.Essential Cookies – Required for platform functionality and security
• 2.Analytical Cookies – Used to track site usage and improve performance
• 3.Functional Cookies – Enhance AIDE platform personalization (e.g., remembering preferences)
• 4.Advertising Cookies – Not used by Steps AI (we do not track users for ad targeting)

8.2 Managing Your Cookie Preferences

• •Browser Settings: You can disable or delete cookies through your browser
• •Do Not Track (DNT): Aide does not currently respond to DNT signals due to a lack of industry standards
• •Cookie Banner: First-time visitors are given options to accept or customize cookie settings

9.1 Compliance with Global Data Protection Laws

Steps AI complies with GDPR, CCPA, and other international privacy laws regarding:

• •Data storage and processing
• •User consent and transparency
• •Legal requirements for data protection and cybersecurity

9.2 Disclosure to Authorities

We may share personal information with law enforcement, regulators, or legal entities only under the following circumstances:

• •To comply with a valid legal request (e.g., court order, subpoena)
• •To protect user safety and prevent fraud or cyber threats
• •To investigate violations of our Terms of Service or security breaches

Steps AI will always notify users of such requests unless legally prohibited.

9.3 Data Transfers & International Processing

• •User data may be processed in the United States or other jurisdictions with adequate privacy safeguards
• •Whenever data is transferred outside the EU/EEA, we use Standard Contractual Clauses (SCCs) approved by the European Commission to ensure compliance with GDPR

10.1 Data Transfers Outside the European Economic Area (EEA)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we ensure that your personal data is transferred in compliance with GDPR and other data protection laws by using:

• •Standard Contractual Clauses (SCCs) approved by the European Commission
• •Data Processing Agreements (DPAs) with service providers handling your data
• •Additional security measures to protect cross-border data transfers

10.2 Safeguards for International Transfers

Steps AI ensures that data transferred outside your country is handled with a level of protection equivalent to local laws, including:

• •Encryption protocols to protect data in transit and at rest
• •Access controls and authentication measures for restricted data processing
• •Continuous security audits to ensure compliance with applicable law

11.1 Updates & Revisions

We may update this Privacy Policy from time to time to reflect:

• •Changes in laws and regulations (e.g., GDPR, CCPA updates)
• •Improvements in security measures and data processing methods
• •Changes to Aide's AI functionalities and integrations

11.2 Notification of Changes

If we make material changes to this Privacy Policy:

• •We will notify users via email or in-app alerts
• •The "Last Updated" date at the top of this page will be revised
• •If required by law, we will seek user consent before applying significant changes