Privacy

Privacy Policy

Ethara™ builds intelligence that remembers its humanity. This policy explains what we collect, why we collect it, how we protect it, and the rights you have — wherever in the world you are. We keep this simple on purpose.

GDPR-ready CPPA (Canada) CCPA/CPRA No dark patterns

1) Who we are

Ethara™ Global Technologies Inc. (“Ethara”, “we”, “us”) provides strategy, software, and advisory services for responsible AI. Contact: privacy@ethara.app.

2) Definitions

  • Personal Data: any information relating to an identified or identifiable person.
  • Controller: the entity deciding why and how data is processed.
  • Processor: the entity processing data on behalf of a Controller.
  • Sub‑processor: a vendor engaged by Ethara to support processing.
  • Sensitive Data: categories such as health, biometrics, or precise location.

3) What we collect

  • Contact details (name, email, organization, role).
  • Operational data for demos/pilots you opt into.
  • Usage analytics (pages visited, device type, rough geo).
  • Support content (tickets, forms, attachments).

We do not collect sensitive categories unless you explicitly provide them and we have a legal basis.

4) What we will never do

  • Sell your personal data.
  • Train general AI models on your content without a written contract.
  • Use dark patterns to coerce consent.

5) No dark patterns

Ethara does not use dark patterns. All consent choices are presented clearly, without manipulation, obstruction, or visual pressure. We do not hide decline options, pre‑check boxes, or make it difficult to unsubscribe or delete data.

6) Legal bases (global)

  • Consent — newsletters, beta trials, optional cookies.
  • Contract — delivering a service you requested.
  • Legitimate interests — security, fraud prevention, site performance.
  • Legal obligation — where regulators require it.

7) Data residency & storage

Data is stored in secure cloud regions in Canada, the United States, or the EU depending on service configuration. Enterprise clients may request region‑specific hosting or data residency controls.

8) International transfers

When data leaves its originating region, we use recognized safeguards such as:

  • EU Standard Contractual Clauses (SCCs)
  • UK International Data Transfer Addendum
  • Canada CPPA-compliant contractual terms
  • Brazil LGPD-compliant safeguards
  • Japan APPI and Singapore PDPA requirements

9) How we use data

  • To reply to inquiries and deliver services.
  • To secure the site and prevent abuse.
  • To improve content and user experience (aggregate insights).
  • With your permission: to send updates you can unsubscribe from anytime.

10) AI transparency

  • No customer data is used to train foundation models unless a contract explicitly permits it.
  • We prefer data minimization, pseudonymization, and sandboxed environments.
  • We maintain audit trails and role‑based access for controlled datasets.
  • We do not use personal data for automated decision‑making that produces legal or significant effects.

11) Sub‑processors

We use vetted sub‑processors for hosting, forms, analytics, and email. All vendors sign data‑processing terms and, where applicable, SCCs. A current list is available via privacy@ethara.app.

12) Security

  • Encryption in transit and at rest.
  • Least‑privilege access; MFA for admin accounts.
  • Continuous monitoring and logging.
  • Vendor due diligence and regular patching.
  • 24‑hour breach notification after verification.

13) Data retention

We keep personal data only as long as necessary for the stated purpose or as required by law. You can request deletion at any time.

14) Your rights (global)

  • Access, correction, deletion, and portability.
  • Right to restrict or object to certain processing.
  • Withdraw consent at any time.
  • Right to lodge a complaint with your local authority.

15) Children

Our services are for business users. We do not knowingly collect data from children under the age required by local law.

16) Business transfers

If Ethara undergoes a merger, acquisition, or restructuring, your data will remain protected under this policy.

17) Accessibility

We aim to make this policy readable and accessible. If you need an alternative format, contact us.

18) Changes

We update this policy when needed and timestamp major changes.

Last updated: