Skip to main content
SyrvAI - AI to Serve
Legal

Privacy Policy

Your privacy is fundamental to our mission. Learn how SYRV AI protects your data while delivering rapid AI prototyping services.

Last Updated: September 15, 2025

Table of Contents

1. Overview

SYRV AI, LLC ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI rapid prototyping services, website, and related applications.

Our services are designed to deliver functioning AI prototypes in 10 business days while maintaining the highest standards of data protection and privacy compliance, including GDPR, CCPA, HIPAA, and FedRAMP requirements.

By using our services, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our services.

2. Information We Collect

2.1 Personal Information

  • Contact information (name, email address, phone number, job title, company)
  • Account credentials and authentication data
  • Billing and payment information (processed through secure third-party providers)
  • Professional information relevant to AI prototyping requirements
  • Communication records and consultation notes

2.2 Business and Project Data

  • Project requirements, specifications, and use case descriptions
  • Sample data provided for prototype development (with appropriate permissions)
  • Prototype performance metrics and testing results
  • Feedback and evaluation data
  • Integration requirements and technical specifications

2.3 Technical Information

  • Device information (IP address, browser type, operating system)
  • Usage data and analytics (page views, session duration, feature usage)
  • Log files and error reports
  • Cookies and similar tracking technologies
  • API usage patterns and performance metrics

3. How We Use Your Information

3.1 Service Delivery

  • Developing and delivering AI prototypes within our 10-day framework
  • Providing consultation and strategic AI advisory services
  • Managing project workflows and communication
  • Quality assurance and testing of prototypes
  • Post-delivery support and optimization

3.2 Business Operations

  • Account management and customer support
  • Billing, invoicing, and payment processing
  • Contract management and legal compliance
  • Service improvement and optimization
  • Research and development of new capabilities

3.3 Legal and Security

  • Compliance with legal obligations and regulations
  • Security monitoring and threat detection
  • Fraud prevention and risk assessment
  • Audit trails and compliance reporting
  • Legal proceedings and dispute resolution

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information only in the following limited circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist in our operations, including cloud infrastructure providers, payment processors, and security services. All service providers are bound by strict confidentiality agreements.

4.2 Legal Requirements

We may disclose information when required by law, regulation, legal process, or government request, or when necessary to protect our rights, property, or safety, or that of others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to the same privacy protections.

4.4 Consent

We may share information with your explicit consent or at your direction.

5. Data Retention

We retain your information only as long as necessary to fulfill the purposes outlined in this policy and comply with legal obligations:

  • Account Information: Retained for the duration of your account plus 7 years for legal compliance
  • Project Data: Retained for 3 years after project completion unless longer retention is requested or required
  • Communication Records: Retained for 5 years for business and legal purposes
  • Technical Logs: Retained for 1 year unless required for security or legal purposes
  • Healthcare Data: Retained according to HIPAA requirements (minimum 6 years)
  • Government Data: Retained according to FedRAMP and agency-specific requirements

6. Security Measures

We implement enterprise-grade security measures to protect your information:

  • Encryption: AES-256 encryption at rest and TLS 1.3 in transit
  • Access Controls: Role-based access with multi-factor authentication
  • Network Security: Firewalls, intrusion detection, and DDoS protection
  • Monitoring: 24/7 security monitoring and incident response
  • Compliance: SOC 2 Type II, ISO 27001, HIPAA, and FedRAMP security controls
  • Data Isolation: Logical and physical separation of client data
  • Regular Audits: Third-party security assessments and penetration testing

8. Your Rights and Choices

8.1 GDPR Rights (EU Residents)

  • Access: Request copies of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Request transfer of your data to another service
  • Restriction: Request limitation of processing
  • Objection: Object to processing based on legitimate interests

8.2 CCPA Rights (California Residents)

  • Know: Right to know what personal information is collected
  • Delete: Right to delete personal information
  • Opt-Out: Right to opt-out of sale (we do not sell personal information)
  • Non-Discrimination: Right to non-discriminatory treatment

8.3 Exercising Your Rights

To exercise your rights, contact us at privacy@syrv.ai or use our contact form. We will respond within the timeframes required by applicable law.

9. Healthcare Data Compliance (HIPAA)

For healthcare clients, we maintain HIPAA compliance through:

  • Business Associate Agreements (BAAs): Required for all healthcare engagements
  • PHI Protection: Enhanced safeguards for Protected Health Information
  • Access Controls: Strict need-to-know access limitations
  • Audit Logging: Comprehensive logging of all PHI access
  • Breach Notification: Procedures compliant with HIPAA breach notification rules
  • Risk Assessments: Regular HIPAA security risk assessments
  • Training: HIPAA privacy and security training for all staff

10. Government Data Compliance (FedRAMP)

For government clients, we maintain FedRAMP compliance through:

  • FedRAMP Authorization: Authorized cloud service provider status
  • FISMA Controls: Implementation of required security controls
  • Continuous Monitoring: Ongoing security assessments and reporting
  • US-Only Operations: Data processing restricted to US facilities
  • Personnel Screening: Background checks for personnel with data access
  • Incident Response: Government-specific incident response procedures
  • Data Classification: Appropriate handling of sensitive government data

11. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze usage patterns:

11.1 Types of Cookies

  • Essential Cookies: Required for basic site functionality
  • Analytics Cookies: Help us understand site usage and performance
  • Preference Cookies: Remember your settings and preferences
  • Security Cookies: Protect against fraudulent activity

11.2 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect site functionality. We provide a cookie consent banner for EU visitors in compliance with GDPR requirements.

14. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes through:

  • Email notification to registered users
  • Prominent notice on our website
  • Direct communication for enterprise clients
  • Updated "Last Modified" date at the top of this policy

Your continued use of our services after such modifications constitutes acceptance of the updated policy.

15. Contact Information

For privacy-related questions, concerns, or requests, please contact us:

Privacy Officer

SYRV AI, LLC

Email: privacy@syrv.ai

Phone: +1 (555) SYRV-AI1

Address: [COMPANY ADDRESS]

EU Representative: For EU-related matters, contact our EU representative at eu-privacy@syrv.ai

Data Protection Officer: Our DPO can be reached at dpo@syrv.ai

Questions About Our Privacy Practices?

Our privacy team is here to help. Contact us for any questions about how we protect your data during our 10-day AI prototyping process.