1. INTRODUCTION

1.1. Purpose of this Policy

This Privacy Policy describes how CodeDesign Inc. (“Company”, “we”, “our”, or “us”) collects, uses, discloses, and protects your personal information when you use the Intervo.ai platform (the “Platform”), including all associated products, services, websites, applications, documentation, and open-source software components.

1.2. Scope and Applicability

This Policy applies to all users globally, including users from the United States (including California under CCPA/CPRA), the European Union and EEA (under GDPR), Canada (under PIPEDA), India (under the Digital Personal Data Protection Act, 2023), and other applicable jurisdictions. It applies to data collected from:

  • Visitors to our website (https://intervo.ai)
  • Registered users of the Platform (SaaS or self-hosted)
  • End users of AI agents deployed using the Intervo platform
  • Contributors to our open-source repositories and communities

1.3. Identity of the Data Controller

For the purposes of applicable data protection laws, CodeDesign Inc. is the controller of personal data processed via the Intervo.ai Platform unless stated otherwise.

1.4. Role of Platform Users (Admins, Developers, End Users)

Depending on the use case:

  • SaaS Users: CodeDesign Inc. is the processor of data generated by agents deployed by registered users.
  • Self-hosted Users: The hosting entity is solely responsible as the controller of any personal data processed on their instance.
  • End Users: Individuals who interact with agents deployed using the Platform.
  • Contributors: Individuals who participate in the development of the open-source software.

2. DEFINITIONS

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation performed on Personal Data.
  • Controller: Entity determining purposes and means of processing.
  • Processor: Entity processing personal data on behalf of the Controller.
  • Data Subject: Individual whose personal data is processed.
  • Platform: Software, APIs, tools, agents, and UI of Intervo.ai.
  • User: Any entity accessing the Platform.
  • End User: Individuals interacting with deployed AI agents.
  • Sensitive Personal Data: Data subject to specific conditions (e.g., biometric, health).
  • Cookies: Small data files placed on devices by websites.
  • Open-Source Contribution: Public contributions to the Platform’s repositories.

3. TYPES OF DATA COLLECTED AND HOW

Personal Data from Users

  • Contact Information
  • Account Information
  • Payment and Billing Information
  • Communication Data
  • User-Generated Content

Automatically Collected Data

  • Log and Usage Data
  • Device Identifiers and Metadata
  • Cookies and Tracking Technologies

Data from AI Agents

  • End User Interaction Data
  • Agent Configuration and Workflow Data

Open-Source Repository Data

  • Profile Information
  • Contribution Metadata

Third-Party Integrations

Data from integrations (e.g., Twilio, Stripe) subject to respective policies.

Children’s Data

No intentional collection from children under 13 without parental consent.

  • Consent: Obtained explicitly for specific activities.
  • Contractual Necessity: For contracts and providing services.
  • Legal Obligation: Complying with laws and regulations.
  • Legitimate Interests: Platform security, user experience, analytics.
  • Vital Interests/Public Interest: Protecting vital interests or performing tasks of public interest.
  • International Transfers: Compliance with cross-border mechanisms (SCCs, adequacy decisions).

5. HOW WE USE PERSONAL INFORMATION

  • User registration and identity management
  • Platform access and integrations
  • Fraud prevention and compliance enforcement
  • Communication (alerts, marketing)
  • Legal and regulatory compliance
  • Community contributions and transparency

6. DISCLOSURE AND SHARING

  • With service providers and affiliates
  • For legal obligations and enforcement
  • Strategic transactions (mergers, acquisitions)
  • Cross-border data transfers under safeguards

7. INTERNATIONAL DATA TRANSFERS

  • Adequate protection mechanisms for global transfers (SCCs, IDTA)
  • Compliance with GDPR, DPDPA, LGPD, CPRA

8. DATA RETENTION POLICY

  • Retention only as long as necessary (typically up to 7 years)
  • Data securely deleted upon expiry or valid erasure request

9. COOKIES AND TRACKING TECHNOLOGIES

  • Use of essential, functional, performance, and marketing cookies
  • Cookie consent management provided

10. USER RIGHTS

Rights under GDPR, CPRA, DPDPA, LGPD, PIPEDA include access, correction, erasure, and portability.

11. EXERCISING YOUR RIGHTS

Requests handled via email (support@intervo.ai) within legal timelines.

12. DATA SECURITY

Comprehensive safeguards (encryption, access controls, regular audits).

13. AI AND AUTOMATED PROCESSING DISCLOSURE

Transparent use of AI with human oversight and consent.

14. CHILDREN’S PRIVACY

Compliance with child privacy laws; immediate action upon discovering unauthorized data.

15. OPEN-SOURCE COMMUNITY NOTICE

Public collaboration; caution with sensitive data in public forums.

Responsibility of users to review third-party policies; no endorsement implied.

17. CHANGES TO THIS POLICY

Updates clearly communicated; continued use implies acceptance.

18. CONTACT INFORMATION

19. SUPPLEMENTAL JURISDICTION-SPECIFIC DISCLOSURES

Specific rights under CCPA/CPRA, GDPR, DPDPA, PIPEDA, and other relevant laws.