Effective Date: January 1, 2024

Last Updated: December 23, 2024

1. Introduction

CistekAI LLC ("CistekAI," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.cistekai.com and use our services.

This Privacy Policy complies with the Texas Data Privacy and Security Act, the California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR), and other applicable federal and state laws.

CistekAI is an IT consulting and product development company headquartered in Texas, USA, with offshore development operations in India.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

• Name, email address, phone number
• Company name and job title
• Mailing address and billing information
• Professional credentials and resume information (for job applications)
• Communication preferences

2.2 Automatically Collected Information

• IP address and device information
• Browser type and operating system
• Pages visited and time spent on our website
• Referring website addresses
• Cookies and similar tracking technologies

2.3 Business Information

• Project requirements and specifications
• Technical documentation and data
• Communication records and correspondence

3. How We Use Your Information

We use collected information for:

• Providing and improving our IT consulting and development services
• Processing transactions and managing client relationships
• Responding to inquiries and providing customer support
• Sending service updates, newsletters, and marketing communications (with consent)
• Analyzing website usage and improving user experience
• Complying with legal obligations and protecting our rights
• Recruiting and hiring qualified candidates
• Preventing fraud and ensuring security

4. International Data Transfers

IMPORTANT: CistekAI operates with offshore development teams in India. By using our services, you acknowledge and consent that your information may be transferred to, stored, and processed in India and other countries where our service providers operate.

We implement appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy and applicable laws, including:

• Standard Contractual Clauses approved by regulatory authorities
• Data processing agreements with all offshore partners
• Technical and organizational security measures
• Regular security audits and compliance reviews

5. Information Sharing and Disclosure

We may share your information with:

• Service Providers: Third-party vendors who assist in our operations (hosting, analytics, payment processing)
• Offshore Development Teams: Our India-based development teams working on client projects
• Business Partners: With your consent, for collaborative projects
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with mergers, acquisitions, or sale of assets

We do NOT sell your personal information to third parties.

6. Data Security

We implement industry-standard security measures to protect your information:

• SSL/TLS encryption for data transmission
• Secure data storage with encryption at rest
• Access controls and authentication mechanisms
• Regular security assessments and penetration testing
• Employee training on data protection and confidentiality
• Incident response and breach notification procedures

7. Your Privacy Rights

7.1 General Rights

You have the right to:

• Access your personal information
• Correct inaccurate or incomplete data
• Request deletion of your data (subject to legal obligations)
• Object to or restrict processing
• Data portability
• Withdraw consent at any time
• Opt-out of marketing communications

7.2 California Residents (CCPA)

California residents have additional rights:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of sale of personal information
• Right to non-discrimination for exercising CCPA rights

7.3 Texas Residents

Texas residents have rights under the Texas Data Privacy and Security Act to access, correct, and delete their personal information.

7.4 EU Residents (GDPR)

EU residents have rights under GDPR including access, rectification, erasure, restriction, portability, and objection to processing.

8. Data Retention

We retain your information for as long as necessary to:

• Provide our services and maintain client relationships
• Comply with legal, tax, and accounting obligations
• Resolve disputes and enforce our agreements
• Maintain business records (typically 7 years for financial records)

9. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, contact us:

13. Governing Law

This Privacy Policy is governed by the laws of the State of Texas and applicable federal laws of the United States, without regard to conflict of law principles.