Privacy Policy

Last updated: March 3, 2024

1. Introduction

Please read this Privacy Policy carefully before using our Service, including our Website, Widget, and API (together, the “Service”). This Privacy Policy explains what information we collect, how we use it, and how we may share it.

Your access to and use of the Service are subject to your acceptance of our Terms of Service, available at https://www.onedim.ai/terms, which include this Privacy Policy. The Service is operated by onedim.ai (“Company,” “we,” “us,” or “our”).

By using the Service, you agree to the collection and use of information as described in this Privacy Policy. Unless otherwise defined here, capitalized terms have the same meaning as in the Terms of Service.

2. Definitions

For purposes of this Privacy Policy:

API means the onedim.ai application programming interface that may be integrated into a user’s software.

Cookies means small data files stored on your Device.

Device means a computer, mobile phone, tablet, or other electronic device used to access the Service.

Data Controller means the person or organization that determines how and why Personal Data is processed. For purposes of this Privacy Policy, the Company is the Data Controller of your Personal Data.

Data Processors or Service Providers means third parties who process data on behalf of the Data Controller.

Data Subject means an identifiable natural person whose Personal Data is processed.

Personal Data means information relating to an identified or identifiable individual.

Service means the Website, Widget, and/or API, depending on the scope of services provided to a given User.

Usage Data means information collected automatically through use of the Service or its infrastructure, such as page visit duration.

User means the person using our Service.

Website means the webpages located at onedim.ai.

Widget means an onedim.ai widget that may be embedded on a User’s website.

3. Data Controller

The controller of your Personal Data is: onedim.ai

4. Information We Collect

We collect different types of information in order to operate, maintain, and improve the Service.

5. Types of Data We Collect

Personal Data

When you use our Service, we may ask you to provide information that can identify or contact you, including:

  • email address;
  • first name and last name; and
  • Cookies and Usage Data.

Usage Data

We may automatically collect certain technical information when you access the Service through a browser or Device. This may include:

  • IP address;
  • browser type and version;
  • pages visited;
  • date and time of visit;
  • time spent on pages;
  • device identifiers;
  • operating system; and
  • other diagnostic information.

Cookies and Tracking Technologies

We use cookies and similar technologies, such as tags, scripts, and beacons, to monitor activity on the Service and improve user experience.

Examples of cookies we may use include:

  • Session Cookies to operate the Service;
  • Preference Cookies to remember your settings;
  • Security Cookies to support security functions; and
  • Advertising Cookies to help deliver more relevant advertising.

You may configure your browser to refuse cookies or notify you when a cookie is being sent. However, some parts of the Service may not function properly without cookies.

6. How We Use Personal Data

We use Personal Data for a variety of business and operational purposes, including:

  • to provide and maintain the Service;
  • to notify you about changes to the Service;
  • to enable interactive features when you choose to use them;
  • to provide customer support;
  • to analyze and improve the Service;
  • to monitor usage of the Service;
  • to detect, prevent, and address technical problems;
  • to fulfill the purpose for which you provided the information;
  • to perform contractual obligations, including billing and collection;
  • to send notices regarding your account or subscription, such as renewal or expiration notices;
  • to provide information about related products, services, promotions, or events, where permitted by law or based on your consent; and
  • for any other purpose disclosed when the information is collected.

Depending on the purpose, our legal basis for processing may include performance of a contract, our legitimate interests, or your consent.

7. Data Retention

We retain Personal Data only for as long as necessary for the purposes described in this Privacy Policy. We may retain Personal Data for longer periods where needed to:

  • comply with legal obligations;
  • resolve disputes; or
  • enforce agreements and policies.

Where Personal Data is processed based on consent, we retain it until consent is withdrawn and for any additional period necessary to address related legal claims. Usage Data is generally retained for a shorter period, except where it is needed for security, service improvement, or legal compliance.

8. International Transfers

Your information, including Personal Data, may be transferred to and processed on computers located outside your state, province, or country, including in the United States, where data protection laws may differ from those in your jurisdiction.

If you are located outside the United States and provide information to us, you acknowledge that your Personal Data may be transferred to and processed in the United States. We take reasonable steps to ensure that such transfers are made securely and in accordance with this Privacy Policy and applicable law. Where required, we use appropriate contractual safeguards, including the European Commission’s Standard Contractual Clauses under Article 46(2)(c) of the GDPR.

9. Disclosure of Personal Data

We may disclose your Personal Data in the following circumstances:

  • when required by law or in response to valid governmental requests;
  • in connection with a merger, acquisition, or sale of assets;
  • to our subsidiaries, affiliates, and employees;
  • to contractors, service providers, and other business partners supporting the Service;
  • to fulfill the purpose for which you provided the information;
  • for use of Udio AI’s logo on our Website; and
  • in other cases where you provide consent.

Except as described in this Privacy Policy, we do not sell or otherwise share your Personal Data.

10. Data Security

We use administrative, technical, and physical safeguards designed to protect Personal Data from unauthorized access, loss, misuse, alteration, or disclosure. Examples include maintaining backup copies and restricting access to authorized personnel only.

However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

11. Your GDPR Rights

If you are located in the European Union or European Economic Area, you may have the following rights under the GDPR:

  • the right to access your Personal Data;
  • the right to request correction of inaccurate data;
  • the right to request deletion of your Personal Data, subject to legal exceptions;
  • the right to request restriction of processing;
  • the right to object to certain processing based on your particular situation;
  • the right to withdraw consent at any time where processing is based on consent; and
  • the right to file a complaint with a supervisory authority.

To exercise these rights, please contact us at contact@onedim.ai. We may need to verify your identity before responding. Please note that some Personal Data may be necessary for us to provide the Service.

12. California Privacy Protection Act (CalOPPA)

In accordance with CalOPPA:

  • users may visit our site anonymously;
  • our Privacy Policy is clearly available and includes the word “Privacy”;
  • users will be notified of changes on our Privacy Policy page; and
  • users may request changes to their personal information by contacting us at contact@onedim.ai.

Do Not Track

We honor Do Not Track browser settings. When a Do Not Track mechanism is enabled, we do not track, place cookies, or use advertising in a way inconsistent with that setting.

13. Service Providers

We may use third-party companies and individuals to support the Service, provide services on our behalf, or help us understand how the Service is used.

These Service Providers may access Personal Data only as needed to perform services for us and are obligated not to use or disclose it for other purposes.

14. Analytics Providers

We may use third-party analytics providers to understand and improve use of the Service.

Google Analytics helps us measure traffic and usage patterns. Google may also use collected data in connection with its own services and advertising network. More information is available in Google’s privacy materials.

Mixpanel is used for analytics and product usage insights. You may opt out of Mixpanel tracking through Mixpanel’s opt-out tools. Additional information is available in Mixpanel’s own terms and privacy documentation.

15. Payment Processing

We may offer paid products or services through the Service. In those cases, we use third-party payment processors. We do not store or collect your payment card details directly. Payment information is provided directly to our payment processors and is handled under their own privacy policies.

These processors comply with PCI-DSS standards for secure payment handling. Our payment processor is: Paddle – see Paddle’s Privacy Policy at https://paddle.com/legal/privacy

16. Third-Party Links

Our Service may contain links to websites or services operated by third parties. We do not control and are not responsible for the content, privacy policies, or practices of those third parties. We encourage you to review the privacy policy of every external site you visit.

17. Children’s Privacy

Our Service is not directed to children under the age of 16, and we do not knowingly collect Personal Data from children under 16. If you believe that a child has provided us with Personal Data without appropriate consent, please contact us. If we learn that such data has been collected, we will take steps to delete it.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on this page and update the “Last updated” date at the top, unless a different form of notice is required by law. By continuing to use the Service after an updated Privacy Policy becomes effective, you agree to the revised policy.

19. Contact Us

If you have any questions about this Privacy Policy, please contact us at: contact@onedim.ai

20. Regional Addenda

Canada

Personal Data processed by our affiliates or third-party service providers in the U.S. or other countries may be subject to lawful disclosure requests from foreign courts, regulators, or authorities. We do not share your information with third parties for marketing purposes without your prior consent. To request access to, correction of, or updates to your information, or to submit a privacy complaint, please contact us using the details in the Contact section above.

Mexico

To the extent Mexican privacy law applies, the following additional terms apply and take precedence over conflicting provisions in this Privacy Policy. We may use your Personal Data for the purposes described in the “How We Use Personal Data” section, including purposes that may be considered secondary under Mexican law. We do not use or disclose personal financial or payment information except as necessary for payment processing or where another legal basis applies. You may withdraw your consent for certain processing by contacting us. In some cases, withdrawal of consent may affect our ability to provide the Service, although we may continue processing where permitted by law.

We may also share information with customers, partners, affiliates, joint marketing partners, and other business partners for the purposes described in this Privacy Policy, including warranty, maintenance, troubleshooting, and product improvement.

In addition to the rights set out elsewhere in this Privacy Policy, you may request access, correction, cancellation, objection, or withdrawal of consent by contacting us. We will respond within the time required by law, generally within 20 business days of receiving a complete request.

Japan

We comply with applicable Japanese laws and regulations, including the Act on the Protection of Personal Information. Where Personal Data is jointly used with affiliates or third parties, the Company is primarily responsible for its management. We do not provide information to third parties for marketing purposes without prior consent.

Republic of Korea

Where required by Korean law, Personal Data will be securely deleted without delay when: consent is withdrawn; the purpose of collection and use has been fulfilled; or the applicable retention period has expired. If law requires retention, the data will be moved to a separate database and retained only for the required period before deletion. We use deletion methods designed to prevent restoration or reuse of deleted data. We do not provide Personal Data to third parties in violation of applicable law, including without consent where consent is required.

For services provided in the Republic of Korea, the Company or its affiliates are responsible for handling Personal Data in accordance with applicable law.