Privacy Policy

AskERP Intelligence Platform ("AskERP," "we," "us," or "our") is committed to protecting your privacy and the security of your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered financial intelligence platform.

By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Services.

2.1 Information You Provide

• Account Information: Name, email address, company name, job title, and phone number when you create an account or request a demo
• Billing Information: Payment card details, billing address, and transaction history (processed by our payment processor)
• Communications: Correspondence when you contact our support team or participate in surveys
• User Preferences: Dashboard configurations, saved queries, and notification settings

2.2 ERP Data

• Query Data: The natural language questions you submit to our platform
• Query Results: Financial data returned from your ERP system in response to queries
• Connection Metadata: ERP system type, version, and connection configuration (not credentials)

Important: AskERP only has read-only access to your ERP database. We cannot modify, insert, or delete any data in your systems.

2.3 Automatically Collected Information

• Usage Data: Features used, query frequency, session duration, and interaction patterns
• Device Information: Browser type, operating system, device identifiers, and screen resolution
• Log Data: IP addresses, access times, and referring URLs
• Cookies and Tracking: Session cookies, analytics cookies, and similar technologies

We use your information for the following purposes:

• Service Delivery: To process your queries, display results, and provide our core functionality
• Account Management: To create and manage your account, process payments, and communicate about your subscription
• Improvement: To analyze usage patterns, improve our AI models, and enhance user experience
• Security: To detect and prevent fraud, unauthorized access, and other security issues
• Support: To respond to your inquiries and provide customer support
• Communications: To send service updates, security alerts, and marketing communications (with consent)
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

We do not sell your personal information. We may share your information with:

4.1 Service Providers

Third-party vendors who perform services on our behalf, including:

• Cloud hosting providers (data processing and storage)
• Payment processors (subscription billing)
• Analytics providers (usage analysis)
• Customer support platforms (ticket management)

All service providers are bound by contractual obligations to protect your data and use it only for specified purposes.

4.2 Business Partners

With your consent, we may share information with ERP vendors or implementation partners for integration support.

4.3 Legal Requirements

We may disclose information when required by law, court order, or government request, or to protect our rights, privacy, safety, or property.

4.4 Business Transfers

In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5.1 Query Results

Query results from your ERP are processed in memory and are not persistently stored on our servers. Results are discarded at the end of your session unless you explicitly save them.

5.2 Account Data

We retain account information for as long as your account is active. After account deletion, we retain certain data for:

• 90 days for account recovery purposes
• As required by law (e.g., billing records for tax compliance)
• To resolve disputes or enforce our agreements

5.3 Aggregated Data

We may retain anonymized, aggregated data indefinitely to improve our services and AI models.

We implement comprehensive security measures to protect your information:

• Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
• Access Controls: Role-based access control (RBAC) and multi-factor authentication
• SOC 2 Type II: Independently audited security controls and procedures
• Network Security: Firewalls, intrusion detection, and DDoS protection
• Monitoring: 24/7 security monitoring and incident response
• Employee Training: Regular security awareness training for all team members

While we strive to protect your information, no method of transmission or storage is 100% secure. If you have reason to believe your account has been compromised, contact us immediately.

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Portability: Request your data in a portable, machine-readable format
• Opt-Out: Opt out of marketing communications at any time
• Restriction: Request restriction of processing in certain circumstances
• Objection: Object to processing based on legitimate interests

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

We use cookies and similar technologies for the following purposes:

• Essential Cookies: Required for platform functionality and security
• Analytics Cookies: Help us understand how users interact with our Services
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling certain cookies may impact platform functionality.

We use Google Analytics to analyze usage patterns. You can opt out at https://tools.google.com/dlpage/gaoptout.

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements (DPAs) with all sub-processors
• Compliance with applicable data protection frameworks

For EU customers, we offer data residency options to keep data within the European Economic Area.

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of personal information collected, used, and shared
• Right to Delete: Request deletion of personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights
• Do Not Sell: We do not sell personal information. We do not respond to "Do Not Track" signals as there is no industry standard.

To submit a CCPA request, email [email protected] with "CCPA Request" in the subject line.

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

• All rights listed in Section 7 above
• Right to lodge a complaint with your local supervisory authority
• Right to withdraw consent at any time

Legal Basis for Processing:

• Contract: Processing necessary to provide our Services
• Legitimate Interest: Analytics, security, and service improvement
• Consent: Marketing communications
• Legal Obligation: Compliance with applicable laws

Data Protection Officer: Contact our DPO at [email protected].

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email notification to account holders
• Displaying a notice in our application

Your continued use of our Services after such notification constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, please contact us:

AskERP Intelligence Platform
Privacy Team
100 Congress Avenue, Suite 2000
Austin, TX 78701
Email: [email protected]

For GDPR-related inquiries, contact our Data Protection Officer at [email protected].