Privacy Policy

altx forms ("altx," "Company," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our AI-powered enterprise form platform and related services (collectively, the "Services").

By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Services.

This Privacy Policy applies to: (a) Account Holders who create forms, surveys, and other data collection instruments; (b) Respondents who submit responses to forms created by Account Holders; and (c) Visitors who browse our websites without creating an account.

1. INFORMATION WE COLLECT

1.1 Information You Provide to Us

Account Information: When you create an account, we collect your name, email address, password, organization name, and billing information (if applicable).

Form Content: We store the forms, surveys, questionnaires, and other data collection instruments you create using the Services, including questions, logic, and design configurations.

Response Data: We store responses submitted through forms you create. The content and nature of this data depends on the questions you ask.

Communications: When you contact us for support or provide feedback, we collect the content of your communications, including any attachments.

Payment Information: If you subscribe to paid plans, we collect billing details. Payment card information is processed by our third-party payment processors and is not stored on our servers.

1.2 Information Collected Automatically

Usage Data: We collect information about how you interact with the Services, including pages visited, features used, actions taken, time spent, and clickstream data.

Device Information: We collect device type, operating system, browser type and version, unique device identifiers, and mobile network information.

Log Data: Our servers automatically record information including IP address, access times, referring URLs, and system activity.

Location Information: We may infer your approximate location from your IP address. We do not collect precise geolocation data unless you explicitly enable it.

1.3 Information from Third Parties

We may receive information about you from third parties, including: (a) identity verification services; (b) analytics providers; (c) advertising partners; (d) integration partners when you connect third-party services to your account; and (e) publicly available sources.

2. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

2.1 Providing and Improving the Services

• Operating, maintaining, and delivering the Services
• Processing form responses and generating analytics
• Powering AI features such as form generation, conversational analytics, and response intelligence
• Personalizing your experience and providing recommendations
• Developing new features and improving existing functionality
• Conducting research and analysis to enhance the Services

2.2 Communications

• Sending transactional messages (account verification, password resets, billing)
• Responding to your inquiries and support requests
• Sending service announcements, updates, and security alerts
• Sending marketing communications (with your consent where required)

2.3 Security and Compliance

• Detecting, preventing, and addressing fraud, abuse, and security incidents
• Enforcing our Terms of Service and Acceptable Use Policy
• Complying with legal obligations and responding to lawful requests
• Protecting the rights, property, and safety of altx, our users, and the public

3. HOW WE SHARE YOUR INFORMATION

3.1 With Your Consent

We may share your information with third parties when you explicitly direct us to do so or provide consent.

3.2 Service Providers

We engage trusted third-party service providers to perform functions on our behalf, including hosting, analytics, payment processing, customer support, and email delivery. These providers are contractually bound to use your information only for the purposes of providing services to us and are required to maintain appropriate security measures.

3.3 Business Transfers

If altx is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your personal information.

3.4 Legal Requirements

We may disclose your information if required by law, legal process, or government request, or if we believe disclosure is necessary to: (a) comply with applicable laws or regulations; (b) enforce our Terms of Service; (c) protect the security or integrity of the Services; or (d) protect the rights, property, or safety of altx, our users, or the public.

4. COOKIES AND TRACKING TECHNOLOGIES

4.1 Types of Cookies We Use

We use cookies and similar tracking technologies to collect and store information. The types of cookies we use include:

• Essential Cookies: Required for basic site functionality, authentication, and security
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Help us understand how users interact with the Services
• Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness

4.2 Managing Cookies

You can manage your cookie preferences through our cookie consent banner or your browser settings. Please note that disabling certain cookies may affect the functionality of the Services.

5. DATA RETENTION

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including:

• Account Information: Retained for the duration of your account plus a reasonable period thereafter for legal and business purposes
• Form and Response Data: Retained until you delete them or close your account, subject to your data export rights
• Log and Usage Data: Generally retained for up to 24 months for security and analytics purposes
• Marketing Communications: Until you unsubscribe or withdraw consent

6. DATA SECURITY

We implement industry-standard technical and organizational measures to protect your personal information, including:

• Encryption: Data is encrypted in transit using TLS 1.2+ and at rest using AES-256
• Access Controls: Strict access controls and authentication mechanisms
• Infrastructure Security: Secure data centers with physical and environmental controls
• Monitoring: Continuous security monitoring and intrusion detection
• Employee Training: Regular security awareness training for all personnel

While we strive to protect your information, no method of transmission or storage is completely secure. If you have reason to believe your account has been compromised, please contact us immediately at security@altxforms.ai.

7. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we implement appropriate safeguards, including:

• Standard Contractual Clauses approved by the European Commission
• Data Processing Agreements with all service providers
• Compliance with applicable data transfer mechanisms under local laws

8. YOUR RIGHTS

Depending on your location, you may have the following rights regarding your personal information:

8.1 General Rights

• Access: Request a copy of the personal information we hold about you
• Rectification: Request correction of inaccurate or incomplete information
• Erasure: Request deletion of your personal information (subject to legal exceptions)
• Data Portability: Receive your data in a structured, machine-readable format
• Withdraw Consent: Withdraw consent at any time for processing based on consent
• Object: Object to processing of your personal information in certain circumstances

8.2 Rights for EEA/UK Residents

Under the General Data Protection Regulation (GDPR) and UK GDPR, you have additional rights including the right to restrict processing and the right to lodge a complaint with your local supervisory authority.

8.3 Rights for Indian Residents

Under the Digital Personal Data Protection Act, 2023 (DPDP Act), Data Principals have the right to access, correct, erase, and port their personal data. You also have the right to nominate an individual to exercise your rights on your behalf and to lodge grievances with the Data Protection Board of India.

8.4 Rights for California Residents

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have the right to know what personal information is collected, request deletion, opt out of the sale or sharing of personal information, and not be discriminated against for exercising these rights. As stated above, we do not sell your personal information.

8.5 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@altxforms.ai or through your account settings. We will respond to your request within 30 days (or sooner if required by applicable law). We may need to verify your identity before processing your request.

9. ACCOUNT HOLDERS AND RESPONDENTS

9.1 Account Holder Responsibilities

If you are an Account Holder who creates forms using our Services, you are the data controller (or "Data Fiduciary" under Indian law) for the response data you collect. You are responsible for:

• Obtaining appropriate consent from respondents before collecting their data
• Providing respondents with clear information about how their data will be used
• Complying with all applicable privacy laws and regulations
• Responding to data subject requests from your respondents
• Ensuring your forms do not collect data from children without appropriate safeguards

9.2 Respondent Rights

If you are a Respondent who has submitted data through a form created using our Services, you should contact the Account Holder (the person or organization that sent you the form) to exercise your data rights. The Account Holder is the data controller for your response data. If you cannot identify or reach the Account Holder, contact us at privacy@altxforms.ai and we will assist you.

10. AI AND AUTOMATED PROCESSING

10.1 How We Use AI

Our Services include AI-powered features such as form generation, conversational analytics, response intelligence, and adaptive questioning. These features may process your data using machine learning models to provide insights and recommendations.

10.2 AI Training

We may use aggregated, anonymized, and de-identified data to improve our AI models. We do not use your identifiable personal data or response data to train AI models without your explicit consent. You may opt out of contributing to AI improvements through your account settings.

10.3 Third-Party AI Services

Some AI features may be powered by third-party AI providers. When using such features, your data may be processed by these providers in accordance with their privacy policies. We select providers that maintain appropriate data protection standards.

11. CHILDREN'S PRIVACY

The Services are not directed to individuals under the age of 16 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you are an Account Holder, you must not use the Services to knowingly collect data from children without verifiable parental consent and appropriate legal safeguards.

If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete that information. If you believe a child has provided us with personal information, please contact us at privacy@altxforms.ai.

12. JURISDICTION-SPECIFIC PROVISIONS

12.1 For Users in India

If you are located in India, the following additional provisions apply under the Digital Personal Data Protection Act, 2023 (DPDP Act):

• altx processes your personal data as a Data Fiduciary for account and platform data, and as a Data Processor for response data controlled by Account Holders
• You may exercise your rights by contacting our designated point of contact in India
• This Privacy Policy is available in English and Hindi upon request
• You may lodge complaints with the Data Protection Board of India
• Any disputes shall be subject to the exclusive jurisdiction of courts in Bangalore, Karnataka, India

12.2 For All Other Users

For users outside India, this Privacy Policy is governed by the laws of the State of Delaware, United States, without regard to conflict of law principles. Any disputes shall be resolved in accordance with the dispute resolution provisions in our Terms of Service.

13. DO NOT TRACK SIGNALS

Some browsers transmit "Do Not Track" signals to websites. Due to the lack of industry consensus on how to respond to these signals, we do not currently respond to Do Not Track signals. You can manage your cookie preferences through our cookie consent banner or your browser settings.

14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes by posting the updated Privacy Policy on our website and updating the "Last Updated" date. For significant changes, we will provide additional notice via email or through the Services. We encourage you to review this Privacy Policy periodically.

15. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: