Privacy Policy.

1. Introduction and Scope

FluxAI US INC ("FluxAI," "we," "us," or "our") is committed to protecting your privacy and maintaining the confidentiality of your data. This Privacy Policy describes our information practices for the FluxAI Enterprise platform and related services ("Services").

2. Data Sovereignty Model

2.1 On-Premises Deployment

Your Data Never Leaves Your Environment:

• All AI processing occurs entirely within your own infrastructure
• No data transmission to external servers or cloud services
• Complete air-gapped operation available for maximum security
• Limited and secured VPN connectivity required only for software updates and licensing validation (with explicit consent)

2.2 What We DO NOT Collect

• Your business data, documents, or AI processing inputs/outputs
• User-generated content or conversation data
• Detailed usage analytics or behavioral data
• Any data that could be used for service improvement or AI training

2.3 What We DO Collect (Minimal Administrative Data Only)

• License validation information
• Basic system health metrics (anonymized)
• Critical error logs (no sensitive data included)
• Software update status

3. Information We Collect

3.1 Account and Administrative Information

• Name, email address, organization name, job title
• Authentication credentials and access permissions
• Billing information (processed by third-party payment processors or via invoice)
• Support communications and service requests

3.2 Technical Information

• IP addresses and basic network information
• Browser type, device information, system configurations
• Error logs and security event logs (sanitized of sensitive data)

4. How We Use Information

We use collected information solely to:

• Validate licensing and service entitlements
• Provide essential customer support
• Deliver critical security updates
• Process payments and manage accounts
• Comply with legal obligations

5. Information Sharing and Disclosure

Limited non-sensitive administrative data may be shared only for:

• Payment processing (billing information only)
• Legal compliance requirements
• Critical security incident response

6. Data Security

6.1 Security Measures

• End-to-end encryption for data in transit and at rest
• Multi-factor authentication and role-based access controls
• Regular security audits and penetration testing
• Employee security training and background checks
• Incident response and breach notification procedures

6.2 On-Premises Additional Security

• Complete network isolation options
• Customer-controlled encryption keys
• Audit trails for all system access
• OS-level disk encryption

7. Compliance Certifications

FluxAI Enterprise is designed to support:

• HIPAA (Health Insurance Portability and Accountability Act)
• GDPR (General Data Protection Regulation)
• SOC 2 Type II
• ISO 27001
• FedRAMP considerations
• Industry-specific data residency requirements

8. Data Retention

• Administrative data retained only for active service period
• All customer data remains under your complete control
• Immediate data deletion available upon request

9. Your Privacy Rights

Depending on your location, you have rights including:

• Access: Request copies of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request transfer of your information
• Restriction: Request limitation of processing
• Objection: Object to certain types of processing

On-Premises customers have enhanced control over all data processing activities.

10. Children's Privacy

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We will notify you of material changes by email or through our platform. For on-premises customers, we will provide advance notice of any changes that might affect compliance status.

12. Contact Information

For privacy-related questions, requests, or concerns, please contact us at: