Privacy Policy

Last Modified: December 2, 2025

Curatu AI Inc. Privacy Policy

Last Updated: December 2, 2025

Curatu AI Inc. ("Curatu", "we", "us", "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, store, and protect information when you use our websites, applications, APIs, and related services (the "Services"). By using the Services, you consent to this Privacy Policy. If you do not agree, do not use the Services.

Enterprise Customers

If you are accessing the Services under a separately negotiated Master Services Agreement ("MSA"), Statement of Work ("SOW"), or other written agreement with Curatu (each, an "Enterprise Agreement"), the data protection and privacy terms of that Enterprise Agreement will govern to the extent they differ from or conflict with this Privacy Policy.

1. Scope

This Privacy Policy applies to website visitors, account holders, authorized users, and End-Users who interact with experiences powered by Curatu. It does not apply to third-party platforms you connect to Curatu, which are governed by their own policies.

2. Information We Collect

2.1 Information You Provide

  • Account information such as name, email, company name, and password.
  • Optional profile information such as phone number and organization details.
  • Support requests and communications.
  • Customer Data uploaded to the knowledge base and content submitted through the Services.

2.2 Information Collected Automatically

  • IP address, device identifiers, browser type, operating system, and settings.
  • Log data such as timestamps, pages viewed, actions taken, and diagnostic events.
  • Approximate location derived from IP address.
  • Cookies and similar technologies.

2.3 Customer Data

Customer Data includes any data you or your authorized users submit to the Services, such as documents, URLs, prompts, conversations, and other content used to configure or operate your AI experience. Customer Data remains controlled by you. Curatu processes Customer Data only as needed to provide, maintain, and secure the Services, and to provide support, subject to any applicable DPA.

2.4 AI Interaction and Model Improvement Data

The Services process prompts, inputs, outputs, documents, conversations, and related metadata to deliver AI-powered functionality. In addition to providing the Services, Curatu may use such data to maintain, develop, test, train, validate, and improve its artificial intelligence models, algorithms, and Services.

Such use may include automated processing and limited manual review for quality assurance, safety, compliance, and system improvement. Curatu may aggregate, anonymize, or de-identify data where commercially reasonable; however, no method of de-identification is guaranteed to be irreversible.

Unless otherwise agreed in writing, including through a Data Processing Addendum, use of the Services constitutes your acknowledgment and authorization for such processing.

Curatu’s data processing practices may evolve over time as artificial intelligence technologies develop.

For Enterprise customers, Curatu’s use of Customer Data for model training, testing, or improvement will be governed by the applicable Enterprise Agreement, including any data processing or confidentiality provisions contained therein.

Customer Responsibility for Submitted Data

You represent and warrant that you have all necessary rights, permissions, and consents to submit personal data, confidential information, or proprietary materials to the Services and to authorize Curatu’s processing of such data as described in this Privacy Policy and the Terms of Use.

3. How We Use Information

  • Provide and operate the Services.
  • Authenticate users and secure accounts.
  • Process transactions and manage billing through third-party payment providers.
  • Monitor, prevent, and investigate abuse, fraud, or security incidents.
  • Provide customer support and respond to requests.
  • Improve the Services, performance, and user experience.
  • Comply with legal obligations and enforce our Terms.
  • Develop, train, test, validate, and improve artificial intelligence models, algorithms, and features.
  • Perform quality assurance, safety review, and abuse prevention.
  • Analyze usage patterns to improve accuracy, reliability, and performance.

4. Sharing and Disclosure

We may share information with:

  • Service Providers: Subprocessors that help operate the Services (hosting, storage, analytics, email delivery, payments).
  • Legal and Safety: Where required by law, regulation, legal process, or to protect rights and safety.
  • Business Transfers: In connection with a merger, acquisition, or asset sale.

We do not sell personal information.

5. Security

Curatu uses commercially reasonable safeguards to protect information. However, no system is completely secure. You acknowledge that use of the Services and transmission of information occurs at your own risk.

6. Data Retention

We retain information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Customer Data may be deleted upon request or account closure, subject to reasonable backup retention periods and legal requirements.

7. International Transfers

Your information may be processed or stored in jurisdictions outside your region. Where required, we use appropriate safeguards for international transfers.

8. Requests Regarding Personal Information

Subject to applicable law, you may submit a request regarding personal information we hold about you by contacting us at the email address below. Any such request will be evaluated in accordance with applicable legal requirements and our obligations. We reserve the right to decline requests where permitted by law, including where fulfilling a request would be impractical, compromise security, violate the rights of others, or conflict with our legitimate business interests. We may require reasonable verification before responding to any request.

9. End-User Data

If you use Curatu to provide AI experiences to End-Users, you are responsible for providing appropriate notices and obtaining consents where required. Curatu acts as a processor of End-User data on your behalf, subject to any applicable DPA.

10. Children’s Privacy

The Services are not intended for individuals under 18. We do not knowingly collect personal information from minors.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The most current version will always be available on our website. Your continued use of the Services after an update indicates your acknowledgment of the updated Privacy Policy.

12. Contact

If you have any questions about privacy or this policy, please contact us via email.