Privacy Policy

Your privacy is important to us. Learn how we protect your data.

PRIVACY POLICY

Productlabs Inc

Effective Date: Jan 1, 2025 | Last Updated: March 3, 2026

1. Introduction

Welcome to Productlabs Inc ("Company," "we," "us," or "our"). We are a California S-Corporation providing AI Agent Copilot products and AI consulting services to customers across the United States and globally.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, use our AI Agent Copilot platform, engage our AI consulting services, or otherwise interact with us. Please read this policy carefully. By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

If you do not agree with the terms of this Privacy Policy, please discontinue use of our website and services.

2. Company Information

Productlabs Inc is the data controller responsible for your personal information.

Registered State: California, United States
Entity Type: S-Corporation
Contact for Privacy Inquiries: connect@productlabs.us
Phone: +1 (408) 676-8787
Address: 21230, Homestead Rd, #52, Cupertino, CA 95014

For any questions, requests, or concerns regarding this Privacy Policy, please contact us at the address or email above.

3. Information We Collect

We collect several categories of information depending on how you interact with us:

3.1 Information You Provide Directly

Account registration data: name, email address, username, and password
Billing and payment information: credit card details, billing address (processed via secure third-party payment processors)
Business information: company name, job title, industry, and size
Communications: messages, emails, support tickets, feedback, and survey responses you send to us
Consulting engagement data: project descriptions, business objectives, and any materials you share during AI consulting engagements

3.2 Information Collected Automatically

Usage data: pages visited, features used, time spent, and actions taken within our platform
Device and technical data: IP address, browser type and version, operating system, device identifiers
Log data: server logs including access timestamps, error logs, and diagnostic data
Cookies and tracking technologies: session cookies, persistent cookies, pixel tags, and similar technologies (see Section 9)

3.3 Information from AI Agent Interactions

Prompts, queries, and inputs submitted to AI Agent Copilot features
Outputs and responses generated by AI features during your sessions
Workflow configurations, automation sequences, and integration settings
Third-party data you connect to our platform via integrations (e.g., CRM data, documents, API responses)

3.4 Information from Third Parties

Identity and authentication data from OAuth providers (e.g., Google, Microsoft) if you use SSO
Business data from publicly available sources or data enrichment partners for consulting purposes
Payment verification data from our payment processor partners

4. How We Use Your Information

We use the information we collect for the following purposes:

4.1 Providing and Improving Our Services

To operate, maintain, and deliver our AI Agent Copilot platform and consulting services
To personalize your experience and tailor AI outputs to your preferences and use cases
To process transactions and send related information (confirmations, invoices, receipts)
To provide technical support and respond to your inquiries
To develop, test, and improve new features and services

4.2 AI Model Training and Improvement

We may use aggregated and de-identified interaction data to improve the accuracy, reliability, and performance of our AI systems. We will not use your identifiable personal data or confidential business data to train AI models without your explicit written consent.

4.3 Communications

To send transactional communications (account alerts, security notices, service updates)
To send marketing communications, where you have opted in or as permitted by applicable law
To conduct surveys, request feedback, and notify you of changes to our services or policies

4.4 Security and Compliance

To detect, investigate, and prevent fraudulent transactions, abuse, and security incidents
To comply with applicable legal obligations, court orders, or regulatory requirements
To enforce our Terms of Service and other agreements
To protect the rights, property, and safety of Productlabs Inc, our users, and the public

4.5 Analytics and Business Operations

To analyze usage trends and measure the effectiveness of our services
To conduct internal research and generate aggregated, anonymized business insights
To evaluate and improve our marketing and sales outreach

5. Legal Basis for Processing (GDPR / International Users)

For users located in the European Economic Area (EEA), United Kingdom, or other jurisdictions requiring a legal basis for data processing, we process personal data under the following legal grounds:

Contract performance: Processing necessary to provide our services as agreed in our Terms of Service
Legitimate interests: Processing for fraud prevention, security, analytics, and service improvement, where our interests do not override your rights
Consent: Processing for marketing communications, optional data sharing, and AI model training (where applicable) — you may withdraw consent at any time
Legal obligation: Processing required to comply with applicable laws and regulations

6. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

6.1 Service Providers

We share information with vetted third-party vendors who assist in operating our platform, including cloud hosting providers, payment processors, email delivery services, analytics providers, and customer support tools. These providers are contractually obligated to protect your data and use it only to perform services on our behalf.

6.2 Business Transfers

In connection with a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to a successor entity. We will notify you via email and/or prominent notice on our website before your information is transferred and becomes subject to a different privacy policy.

6.3 Legal Requirements

We may disclose your information to government authorities, law enforcement, or other parties when required by law, subpoena, court order, or similar legal process, or when we believe in good faith that disclosure is necessary to protect rights, safety, or property.

6.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so, such as during co-marketed consulting projects or integration partnerships you authorize.

6.5 Aggregated or De-Identified Data

We may share aggregated or de-identified data that cannot reasonably be used to identify you, for research, benchmarking, or marketing purposes.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

Active account data is retained for the duration of your account and service relationship
AI interaction logs and session data are retained for up to 24 months, after which they are anonymized or deleted
Billing records are retained for a minimum of 7 years to comply with tax and accounting regulations
Support and communication records are retained for up to 3 years after your last interaction
You may request deletion of your personal data at any time, subject to legal retention obligations (see Section 11)

8. Data Security

We implement industry-standard administrative, technical, and physical safeguards to protect your personal information from unauthorized access, use, alteration, or destruction. These measures include:

TLS/HTTPS encryption for all data transmitted between your browser and our servers
AES-256 encryption at rest for stored personal data and AI interaction logs
Role-based access controls and multi-factor authentication for internal systems
Regular security audits, vulnerability assessments, and penetration testing
Incident response and breach notification procedures

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach that may affect your rights or freedoms, we will notify affected individuals and applicable regulatory authorities as required by law.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform. Cookies are small data files placed on your device that help us recognize you, remember your preferences, and understand how you use our services.

9.1 Types of Cookies We Use

Essential cookies: Required for core platform functionality (authentication, session management, security)
Performance cookies: Used to analyze how visitors use our website and to identify areas for improvement
Functional cookies: Used to remember your preferences, language settings, and display choices
Marketing cookies: Used to deliver relevant advertisements and measure campaign effectiveness (only with your consent)

9.2 Managing Cookies

You can manage or disable cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our platform. For detailed cookie preferences, you may use our Cookie Preference Center accessible on our website footer.

10. International Data Transfers

Productlabs Inc is headquartered in California and serves customers globally. Your personal information may be transferred to, stored in, and processed in the United States or other countries that may not have the same data protection laws as your country of residence.

For transfers involving EEA/UK individuals, we rely on appropriate legal mechanisms including Standard Contractual Clauses (SCCs) approved by the European Commission, or other transfer mechanisms recognized under applicable law. Where required, we assess transfer impact and implement supplementary safeguards.

By using our services, you acknowledge that your information may be transferred internationally in accordance with this Policy.

11. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

11.1 Rights for All Users

Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete personal information
Deletion: Request deletion of your personal information, subject to legal retention requirements
Portability: Request your data in a structured, commonly used, machine-readable format
Opt-out of marketing: Unsubscribe from marketing emails at any time via the unsubscribe link or by contacting us

11.2 California Residents (CCPA/CPRA)

As a California-based company serving California residents, we comply with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). California residents have additional rights:

Right to Know: Know what personal information is collected, used, shared, or sold
Right to Delete: Request deletion of personal information we have collected
Right to Correct: Request correction of inaccurate personal information
Right to Opt-Out of Sale/Sharing: We do not sell or share personal information for cross-context behavioral advertising
Right to Limit Use of Sensitive Personal Information: You may limit certain uses of sensitive personal information
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To submit a California privacy request, contact us at connect@productlabs.us or use our designated web form. We will respond within 45 days, with an extension of up to 45 additional days where necessary.

11.3 EEA, UK, and Swiss Residents (GDPR)

If you are located in the EEA, UK, or Switzerland, you have rights under the General Data Protection Regulation (GDPR) including the right to access, rectification, erasure, restriction of processing, data portability, and to object to processing. You also have the right to lodge a complaint with your local supervisory authority.

11.4 How to Submit Privacy Requests

To exercise any of your privacy rights, please contact us at connect@productlabs.us. We may need to verify your identity before processing your request. We will respond within the timeframes required by applicable law.

12. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at connect@productlabs.us. We will take prompt steps to delete such information from our systems.

13. Third-Party Links and Integrations

Our website and platform may contain links to third-party websites or enable integrations with third-party services (e.g., Slack, Salesforce, Google Workspace). This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access through our platform. We are not responsible for the privacy practices or content of third-party websites or services.

14. AI-Specific Privacy Disclosures

Given the nature of our AI Agent Copilot and AI consulting services, we want to be transparent about how AI systems interact with your data:

Inputs to AI features may be processed by large language model (LLM) providers such as OpenAI, Anthropic, Google Gemini among various others. We contractually require such providers to maintain data confidentiality and prohibit training on your inputs
AI-generated outputs are not reviewed by Productlabs employees as a standard practice, but may be reviewed for safety, quality assurance, or in response to reported concerns
Automated decision-making: Our AI tools provide recommendations and assistance but are not designed to make final decisions about individuals without human review in high-stakes contexts
You should avoid submitting sensitive personal information (e.g., Social Security numbers, medical records, financial account numbers) as direct inputs to AI features unless instructed otherwise

15. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. When we make material changes, we will notify you by posting a prominent notice on our website, by sending an email to registered users, or both, at least 30 days before the change takes effect.

The "Last Updated" date at the top of this page reflects the most recent revision. Your continued use of our services after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. We encourage you to review this Policy periodically.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Productlabs Inc
Privacy and Data Compliance
Email: connect@productlabs.us
State of Incorporation: California, United States

For escalated privacy concerns or complaints that have not been resolved to your satisfaction, you may also contact your local data protection authority or, for California residents, the California Privacy Protection Agency (CPPA).