# Privacy Policy **Last Updated:** March 20, 2025 ## 1. Introduction Devflow, Inc. ("Devflow," "we," "us," or "our") provides a SaaS-based artificical intelligence-powered text search and chat platform (the "Services"). This Privacy Policy describes how we handle personal information that we collect about our customers and users, including when they use our Services or visit our website, https://trieve.ai/. We treat all personal information covered by this Privacy Policy as pertaining to individuals acting as business representatives, and not in their individual or household capacity. This Privacy Policy does not apply to our handling of personal information that we process on behalf of our customers as a service provider. By using our Services or visiting our website, you are accepting the practices and policies described in this Privacy Policy. If you do not agree with this Privacy Policy, do not provide any personal information to us, or register or use the Services. ## 2. Personal Information We Collect ### Information You Provide to Us We may collect the following information you provide to us: - **Account information and contact details**, such as your company's name, your first and last name, username and password, email address, mailing address, and phone number. - **Payment information**, including your payment account details, which we may obtain from your financial institution when you choose to connect your account to the Services. - **Communications** that we exchange with you, including when you contact us with questions, feedback, or otherwise. - **Marketing data**, such as your preferences for receiving our marketing communications, and details about your engagement with them. - **Other data** not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection. ### Information from Third-Party Sources We may combine personal information we receive from you with personal information we obtain from other sources, such as: - **Third parties**, such as our business partners and others. - **Public sources**, such as social media platforms. ### Information Collected Automatically We, our service providers, and our advertising partners may automatically log information about you, your computer or mobile device, and your interaction over time with our website and the Services, our communications and other online services, such as: - **Device data**, such as your computer's or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G), and general location information such as city, state or geographic area. - **Online activity data**, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the website, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them. ### Cookies and Similar Technologies Our Services use tracking technologies to collect information about your experience when accessing and using our Services. These technologies include: - **Cookies**: Text files that websites store on a visitor's device to uniquely identify the visitor's browser or to store information or settings in the browser. - **Local storage technologies**: Like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data. - **Web beacons**: Also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked. Types of cookies we use include: - **Session Cookies**: Temporary cookies that help track real-time changes in a user's activity while on our website. - **Necessary Cookies**: Essential for the operation of the Services. - **Performance Cookies**: Collect information about how you use the Services. - **Functionality Cookies**: Allow us to remember information you have entered or choices you make. - **Targeting or Advertising Cookies**: Help track the performance of our advertisements. For more information about cookies and how to disable them, visit http://www.allaboutcookies.org. ## 3. How We Use Personal Information We use your personal information for the following purposes: ### To Operate Our Services - Provide, operate, maintain, secure, and improve our Services. - Fulfill a payment or transaction initiated by you. - Provide information about our Services. - Communicate with you about our Services, including by sending you announcements, updates, security alerts, and support and administrative messages. - Understand your needs and interests, and personalize your experience with our Services and our communications. - Respond to your requests, questions, and feedback. ### Research and Development - Create aggregated, de-identified or other anonymous data from personal information we collect. - Analyze and improve the Services, and promote our business. ### Marketing and Advertising - Send you direct marketing communications as permitted by law, including, but not limited to, notifying you of special promotions, offers, and events via postal mail, email, telephone, text message, and other means. - Engage our advertising partners, including third party advertising companies and social media companies, to advertise our Services. - Use cookies and similar technologies to collect information about your interaction with us to serve online ads. ### Compliance and Protection - Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities. - Protect our, your, or others' rights, privacy, safety, or property. - Audit our internal processes for compliance with legal and contractual requirements and internal policies. - Enforce the terms and conditions that govern our website and Services. - Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft. ### Corporate Transactions - Facilitate corporate transactions, sales, mergers, acquisitions, reorganizations, bankruptcy, and other corporate events. ## 4. How We Share Personal Information We may share your information with the following categories of recipients: ### Service Providers and Contractors We share your information with third-party service providers working on our behalf, such as hosting service providers, IT providers, operating systems and platforms, internet service providers, data analytics companies, marketing providers, suppliers, professional advisors (legal and consultancy), payment processors, and those that support our business operations. We provide these companies with only the information they need to perform their services. ### Subprocessors We use the following subprocessors in our provision of the Services: 1. **Openrouter, Inc.** - **Location**: USA - **Processing activities**: Routes requests to LLM providers 2. **OpenAI, LLC** - **Location**: USA - **Processing activities**: Serves LLM requests, receiving and sending back tokens, if OpenAI products are selected for use 3. **Amazon Web Services (AWS)** - **Location**: USA and globally, depending on region selection - **Processing activities**: Cloud infrastructure, hosting services, and data storage 4. **Google Cloud Platform (GCP)** - **Location**: USA and globally, depending on region selection - **Processing activities**: Cloud infrastructure, computing services, and data storage 5. **Stripe, Inc.** - **Location**: USA - **Processing activities**: Payment processing services We maintain appropriate contracts with each subprocessor to ensure they process your data in accordance with our instructions and applicable data protection laws. Before engaging any new subprocessor, we conduct due diligence to ensure they can provide sufficient guarantees regarding the security and privacy of your data. ### Legal and Law Enforcement We disclose information to law enforcement or regulatory authorities to the extent required by law or if, in our reasonable discretion, disclosure is reasonable to: - Investigate, prevent, or take action regarding illegal activities, suspected fraud, and situations involving potential threats to physical or online safety. - Enforce or apply our agreements and to protect our rights, property, or safety of our users or third parties. - Establish, exercise, and defend against legal claims. ### Corporate Transactions We disclose your information to financial advisers, legal service providers, investors, and potential buyers of our business or assets related to any merger, acquisition, sale, financing, or similar transaction. ### Marketing Partners We may disclose your contact information to partners/sponsors/advertisers in connection with our marketing, promotional, advertisements, and other commercial communications, subject to your consent where required by law. ### Public Information If you provide testimonials or feedback that you published or intended to be published on the Services or as a customer testimonial, we may disclose your post and your name on our Services and marketing materials. ### With Your Consent We disclose your information to other third parties with your consent where required by law. ### Anonymized and Aggregated Information We may also de-identify, anonymize, or otherwise aggregate information in a manner that is no longer identifiable before sharing with third parties for any legally permitted purpose. ## 5. Your Choices ### Opt Out of Marketing Communications You may opt out of marketing-related communications by following the opt out or unsubscribe instructions contained in the marketing communications we send you, or by emailing us at privacy@trieve.ai. ### Online Tracking Opt-Out There are several ways to limit online tracking: - **Blocking cookies in your browser**: Most browsers let you remove or reject cookies. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org. - **Blocking advertising ID use in your mobile settings**: Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes. - **Using privacy plug-ins or browsers**: You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, Ghostery, or uBlock Origin, and configuring them to block third party cookies/trackers. You can also opt out of Google Analytics by downloading and installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout. - **Platform opt-outs**: Many advertising platforms offer opt-out features, including: - Google: https://adssettings.google.com/ - Facebook: www.facebook.com/about/ads - Twitter: www.twitter.com/settings/personalization - **Advertising industry opt-out tools**: You can use these tools to limit use of your information for interest-based advertising by participating companies: - Digital Advertising Alliance for Websites: optout.aboutads.info - Digital Advertising Alliance for Mobile Apps: https://youradchoices.com/appchoices - Network Advertising Initiative: optout.networkadvertising.org Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use. ### Do Not Track Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We currently do not respond to "Do Not Track" or similar signals. To find out more about "Do Not Track," please visit https://www.allaboutdnt.com. ## 6. Data Security We employ technical, organizational, and physical safeguards designed to protect the personal information we collect. However, no security measures are failsafe, and we cannot guarantee the security of your personal information. We follow industry standards to protect your data, including: - Encryption of sensitive data at rest and in transit - Regular security assessments - Employee training on security practices - Access controls and authentication requirements - Monitoring for unauthorized access attempts ## 7. Data Retention The time periods for which we retain your personal information depend on the purposes for which we use it. We will keep your personal information for as long as you are a registered account holder or user of our Services, or for as long as we have another business purpose to do so (e.g., for business, tax, or legal purposes). We otherwise will not retain your personal information for longer than is required or permitted by law, or longer than our records retention policy, or longer than reasonably necessary for internal reporting and reconciliation purposes, or to provide you with feedback or information you might request. We may retain information that is de-identified, aggregated, or anonymized for as long as we deem appropriate. ## 8. Children's Privacy The Services are not intended for use by children under 13 years of age. If we learn that we have collected personal information through our Services from a child under 13 without the consent of the child's parent or guardian as required by law, we will delete it. If you believe we might have any information from or about a child under 13, please contact us at privacy@trieve.ai. ## 9. International Data Transfers Our services are primarily operated and managed on servers located in the United States. If you access our Services from outside the United States, you should be aware that your information may be transferred to, stored, and processed in the United States and other countries where our servers, databases, and service providers are located. The data protection laws of the United States and these other countries might not be as comprehensive or protective as those in your country. By using our Services, you understand that your information may be transferred to our facilities and to third parties with whom we share it as described in this Privacy Policy. If you are accessing our Services from the European Economic Area, United Kingdom, or Switzerland, please contact us at privacy@trieve.ai to learn more about our data transfer mechanisms. ## 10. Your Privacy Rights Depending on your location, you may have certain rights regarding your personal information: ### For U.S. Residents Some states grant you certain rights and control over your information: - **Information About You**: You may ask what categories of personal information we have about you, and the categories of sources from which we collect your personal information. - **Correct Your Information**: You may request that we correct inaccurate information we have about you. - **Receive a Copy of Your Data**: You may request the categories and specific pieces of information we have about you, the categories of personal information that we have disclosed about you for a business purpose, and the categories of third parties with which we have shared personal information. - **Delete Your Data**: You may request that we delete the personal information we have collected from you. - **Opt Out of Profiling**: You may opt out of our ability to create a profile of you for marketing or advertising purposes. - **Do Not Sell/Share**: You may opt out of our sale(s) of your personal information or sharing for targeted advertising, as "sale" and "sharing" are defined by data privacy laws. - **Non-Discrimination**: We will not discriminate against you for exercising your privacy rights. To exercise these rights, please contact us at privacy@trieve.ai. ### For EU/EEA, UK, and Swiss Residents If you are in these regions, you have these rights: - **Access**: Request a copy of the personal data we process about you. - **Rectification**: Have incomplete or inaccurate personal data corrected. - **Deletion**: Request that we delete your personal data. - **Restriction**: Request that we restrict processing of your personal data. - **Portability**: Obtain personal data we hold about you in a structured, electronic format, and transmit it to another provider. - **Objection**: Object to our processing of your personal data based on our legitimate interests. - **Withdraw Consent**: Withdraw consent you have previously given for processing. - **Lodge a Complaint**: File a complaint with your local supervisory authority. To exercise these rights, please contact us at privacy@trieve.ai. ## 11. Changes to This Privacy Policy We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the website. Your continued use of our Services following the posting of changes constitutes your acceptance of such changes. ## 12. How to Contact Us If you have questions or concerns about this Privacy Policy or our practices, please contact us at: **Email**: privacy@trieve.ai **Address**: Devflow, Inc. 1401 Lavaca St. #1084 Austin, Texas 78701 USA