Cookies & Policy. Your Control. Our Commitment.

ByteVox uses cookies to enhance your browsing experience, analyze traffic, and provide personalized services. Learn how we use cookies and how you can manage your preferences.

Complete Data, Consent & Security Policy

1) Data Collection — What We Collect & Why

Aurigen Labs Private Limited collects only the minimum data required to operate, secure, and improve our AI services. We practice data minimization, use de-identification where feasible, and never sell personal data.

Core Categories

  • Account & Contact (name, email, org, role) for account creation and notifications.
  • Service Telemetry (feature usage, request timestamps, status codes) to ensure reliability and quality.
  • Device & Cookie (browser, OS, coarse IP/region) for security, anti-abuse, and session continuity.
  • Content You Provide (prompts, files, configuration) strictly to deliver requested functionality.

How We Obtain Data

  • Direct: information you submit via forms, APIs, or support.
  • Automated: logs, cookies, and security signals generated during use.
  • Authorized Integrations: data from systems you connect (e.g., CRM) under your instructions.

Legal Bases (where applicable)

  • Contract: to provide and support the services you request.
  • Legitimate Interests: product security, anti-abuse, and service improvement.
  • Consent: non-essential cookies, marketing, or optional features.
  • Legal Obligation: compliance with applicable laws and requests.
Purpose Examples Primary Legal Basis
Deliver core features Authentication, routing requests, model outputs Contract
Reliability & quality Telemetry, performance metrics Legitimate Interests
Security & abuse prevention Rate-limiting, anomaly detection Legitimate Interests / Legal Obligation
Preferences & personalization Language, theme, saved settings Consent / Legitimate Interests
Marketing (optional) Newsletters, product updates Consent

We avoid collecting special category data (e.g., health, biometrics) unless you explicitly provide it and it is essential for a specific feature you’ve enabled.

2) User Consent & Control — Your Choices, Your Rights

Granular Controls

  • Opt-in/opt-out for non-essential cookies and analytics.
  • Real-time dashboard to view sessions, API keys, connected apps, and stored artifacts.
  • One-click export (portable format) and deletion requests.
  • Revoke third-party access and rotate credentials at any time.

Your Rights (Where Applicable)

  • Access, rectification, and erasure of your personal data.
  • Restriction or objection to certain processing activities.
  • Data portability (receive a copy in a commonly used format).
  • Withdraw consent without affecting essential functionality.

How to Exercise Your Choices

  • Use in-product settings for cookies, analytics, and permissions.
  • Submit access/export/deletion requests via the dashboard or email.
  • We may verify identity before fulfilling a request. Typical response time is 30 days.

Cookies & Preferences

Essential cookies are required for security and core features. Functional and analytics cookies are optional and controlled by your consent. You can update preferences anytime in your browser or our consent banner.

3) Security & Encryption — Our Safeguards

Technical Controls

  • Encryption in transit (TLS 1.2+) and at rest (AES-256); key rotation policies.
  • Segregated environments, least-privilege networking, and WAF/DDoS protections.
  • Continuous logging, anomaly detection, and automated alerting.
  • Regular backups, integrity checks, and disaster recovery testing.

Organizational Controls

  • Role-based access (RBAC), MFA/SSO, periodic access reviews.
  • Employee security training and confidentiality obligations.
  • Vendor risk assessments and contractual data-protection terms.
  • Policies aligned with industry best practices (e.g., SOC 2 principles).

Incident Response

  • Documented runbooks for detection, triage, containment, and recovery.
  • Post-incident reviews and corrective action tracking.
  • Legal and customer notifications where required by law and contracts.

4) Data Sharing & Processors

We may use vetted third-party processors (e.g., hosting, analytics, communications, payments) to operate the service. These providers are contractually bound to process data only on our instructions and to apply appropriate security controls. We do not sell your personal data.

5) Retention & Deletion

  • Account & Billing: retained while your account is active and for a reasonable period thereafter (e.g., 24 months) unless a longer period is required by law.
  • Telemetry & Logs: typically 12 months for security and diagnostics.
  • Cookies: session cookies expire on browser close; persistent cookies have defined lifetimes visible in your browser.
  • Upon verified deletion requests, we remove or de-identify personal data subject to legal holds or obligations.

6) International Transfers

If data is transferred across borders, we implement appropriate safeguards (e.g., Standard Contractual Clauses) and require processors to maintain comparable protections in their jurisdictions.

7) Children’s Data

Our services are not directed to children, and we do not knowingly collect personal data from children. If you believe a child has provided data, contact us so we can take appropriate action.

8) Updates to This Policy

We may revise this policy periodically. Material changes will be clearly indicated on this page with an updated effective date.

9) Contact Aurigen Labs

Questions or requests about this policy or your data?

privacy@aurigenlabs.com
Aurigen Labs Private Limited, Delhi, India