GuideAI Privacy Policy
Last Updated: December 24, 2025
GuideAI Technologies, Inc. ("GuideAI," "we," "our," or "us") respects your privacy and is committed to protecting the information you entrust to us. This Privacy Policy explains how we collect, use, process, and safeguard information in connection with our real-time AI guidance platform (the "Service").
GuideAI is designed to minimize data collection and storage. Our system processes information transiently and does not retain customer workflow data beyond what is necessary to provide the Service.
1. Scope
This Privacy Policy applies to:
- Visitors to our website
- Customers and users of the GuideAI platform
- Business partners and prospects
It does not apply to third-party services that you may access through integrations.
2. Information We Collect
A. Workflow & Screen Data (Processed Ephemerally)
To provide real-time AI guidance, GuideAI temporarily processes:
- HTML structure and DOM elements
- Page layout information
- User interface metadata
- Click interactions and navigation flows
- On-screen content necessary to generate navigation guidance
This data is:
- Processed in real time
- Not permanently stored
- Not used for training generalized AI models
- Not sold or shared for marketing purposes
We do not intentionally collect sensitive personal information unless it is present in the workflow being processed by the end user.
B. Account & Administrative Information
For business and operational purposes, we may collect:
- Name
- Work email address
- Company name
- Support communications
This information is retained only as long as necessary for contractual, legal, and operational obligations.
C. Automatically Collected Technical Data
We may collect limited technical data such as:
- IP address
- Device type
- Browser type
- Log data related to system performance and security
This data is used solely for:
- Security monitoring
- Fraud prevention
- Debugging
- Service performance optimization
3. How We Use Information
We use information to:
- Deliver real-time AI navigation guidance
- Maintain security and system integrity
- Provide customer support
- Meet legal and regulatory obligations
- Improve system reliability and performance
We do not sell, rent, or trade personal information.
4. Data Retention
GuideAI follows a strict data minimization approach:
- Workflow and screen data are processed transiently and not retained.
- System logs are retained only as long as necessary for security and operational monitoring.
- Account data is retained for the duration of the business relationship and as required by law.
When retention periods expire, data is securely deleted.
5. Security & SOC 2 Alignment
GuideAI implements administrative, technical, and physical safeguards aligned with SOC 2 Trust Services Criteria, including:
- Encryption in transit (TLS 1.2 or higher)
- Encryption at rest for stored data
- Role-based access controls (RBAC)
- Least-privilege access policies
- Multi-factor authentication (MFA) for internal systems
- Continuous security monitoring and logging
- Secure software development lifecycle (SDLC) practices
- Regular vulnerability assessments
- Vendor risk assessments
Access to customer data is restricted to authorized personnel with a legitimate business need.
6. Confidentiality
GuideAI treats all workflow and business data as confidential. We do not:
- Sell user data
- Use customer data for advertising
- Share data with third parties except as required to provide the Service
All subprocessors are contractually required to maintain confidentiality and appropriate security controls.
7. Subprocessors & Third-Party Services
We may use trusted third-party providers for:
- Cloud infrastructure
- Generative AI processing
- Monitoring and analytics
These providers process data solely to deliver contracted services and are bound by data protection agreements.
8. International Data Transfers
If data is transferred outside your jurisdiction, we implement appropriate safeguards such as:
- Standard Contractual Clauses (SCCs)
- Data processing agreements
- Vendor compliance certifications
9. Your Privacy Rights
Depending on your jurisdiction (including GDPR and CCPA/CPRA), you may have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion
- Restrict processing
- Object to processing
- Request data portability
To exercise these rights, contact us at:
We will respond in accordance with applicable law.
10. GDPR Compliance
GuideAI processes data under the following lawful bases:
- Performance of a contract
- Legitimate interests (e.g., service security and reliability)
- Legal obligations
Because workflow data is processed ephemerally and not retained, long-term personal data storage risk is minimized.
11. California Privacy Rights (CCPA/CPRA & CalOPPA)
GuideAI:
- Does not sell personal information
- Does not share personal information for cross-context behavioral advertising
- Honors applicable California privacy rights
California residents may submit privacy requests via phil@getguide.ai.
12. Children's Privacy (COPPA)
GuideAI is not directed toward children under 13 and does not knowingly collect personal data from children.
13. Availability & Processing Integrity
We maintain controls designed to:
- Ensure system uptime and reliability
- Prevent unauthorized modification of data
- Detect and respond to security incidents
In the event of a confirmed data breach, we will notify affected customers in accordance with applicable laws.
14. Incident Response
GuideAI maintains an incident response program designed to:
- Detect and investigate security incidents
- Contain and remediate vulnerabilities
- Notify affected parties as required
15. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated through our website or direct notification where appropriate.
16. Contact Information
GuideAI Technologies, Inc.
Email: phil@getguide.ai
If you have questions about this Privacy Policy or our security practices, please contact us.