Privacy Policy

1. Who We Are

Core Pulse ("we", "us", or "our") operates the AI-powered workspace platform accessible at core-pulse.io. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

If you have any questions or concerns about this policy or our practices, please contact us at privacy@core-pulse.io.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you use our services, including:

• Account Information: Email address and password when you create an account.
• Search Queries: The queries and prompts you submit to our AI platform.
• Uploaded Content: Documents, images, or files you upload for analysis.
• Communications: Messages you send to our support team.
• Preferences: Language settings and notification preferences.

2.2 Information Collected Automatically

When you access Core Pulse, we automatically collect certain technical information, including:

• IP address and approximate geographic location
• Browser type, version, and operating system
• Pages visited, time spent, and navigation patterns
• Device identifiers and screen resolution
• Referring URLs and exit pages
• Session duration and interaction data

2.3 Information from Third Parties

If you choose to sign in using a third-party service (such as Google or GitHub), we receive basic profile information such as your name, email address, and profile picture as permitted by your privacy settings on that service.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, operate, and maintain the Core Pulse platform and process your AI queries.
• Account Management: To create and manage your account, authenticate your identity, and provide customer support.
• Personalisation: To tailor search results, language settings, and AI responses to your preferences.
• Product Improvement: To analyse usage patterns, identify bugs, and improve the quality of our AI models and features.
• Communications: To send transactional emails (account confirmations, password resets) and, where you have opted in, product updates and newsletters.
• Security: To detect, investigate, and prevent fraudulent or unauthorised activity.
• Legal Compliance: To comply with applicable laws, regulations, and legal obligations.

We do not sell your personal data to third parties for their own marketing purposes.

4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on Core Pulse. Cookies are small text files stored on your device that help us remember your preferences and understand how you use our platform.

For detailed information about the specific cookies we use and how to control them, please see our Cookie Policy.

4.1 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the website to function and cannot be disabled.
• Functional Cookies: Remember your preferences such as language selection.
• Analytics Cookies: Help us understand how visitors interact with our platform.

5. How We Share Your Information

We do not sell, trade, or rent your personal information. We may share your information in the following limited circumstances:

• Service Providers: Trusted third-party vendors who assist us in operating our platform (e.g., cloud hosting, analytics, email delivery). These providers are contractually bound to protect your data.
• AI API Providers: When processing your queries, anonymised or pseudonymised data may be transmitted to AI model providers. We do not share personally identifiable information with AI providers beyond what is necessary.
• Legal Requirements: When required by law, court order, or governmental authority.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction, subject to equivalent privacy protections.
• With Your Consent: For any other purpose with your explicit consent.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfil the purposes outlined in this policy. Specifically:

• Account Data: Retained for the duration of your account and for up to 90 days after account deletion.
• Search History: Retained for up to 12 months for registered users; anonymous queries are retained for up to 30 days.
• Uploaded Files: Deleted within 24 hours of processing unless you explicitly save them to your account.
• Log Data: Technical logs are retained for up to 90 days for security and debugging purposes.

You may request deletion of your data at any time by contacting us at privacy@core-pulse.io.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you.
• Right of Rectification: Request correction of inaccurate or incomplete data.
• Right of Erasure: Request deletion of your personal data ("right to be forgotten").
• Right to Restrict Processing: Request that we limit how we use your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at privacy@core-pulse.io. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

8. Data Security

We implement industry-standard technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

• TLS/SSL encryption for all data in transit
• AES-256 encryption for data at rest
• Regular security audits and penetration testing
• Strict access controls and employee training
• Multi-factor authentication for internal systems

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we are committed to notifying you of any breach that affects your personal data within 72 hours of becoming aware of it.

9. International Data Transfers

Core Pulse operates globally, and your data may be transferred to and processed in countries other than your country of residence, including the United States and European Union member states. When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or equivalent mechanisms.

10. Children's Privacy

Core Pulse is not directed to children under the age of 13 (or 16 in the European Union). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@core-pulse.io and we will promptly delete such information.

11. Third-Party Integrations

Our platform may integrate with or link to third-party services, including AI model providers, analytics platforms, and authentication services. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access through Core Pulse.

Current third-party service categories include: cloud infrastructure providers, AI model APIs, web analytics services, and email delivery services. We conduct due diligence on all third-party providers to ensure they meet our data protection standards.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by:

• Updating the "Last updated" date at the top of this page
• Sending an email notification to registered users
• Displaying a prominent notice on our website

Your continued use of Core Pulse after the effective date of any changes constitutes your acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: privacy@core-pulse.io
• Website: core-pulse.io
• Data Protection Officer: dpo@core-pulse.io