Privacy Policy

This Privacy Policy describes how Jarmin, Inc. ("Jarmin," "we," "us," or "our") collects, uses, and shares personal information when you visit our website at jarmin.ai, communicate with us, or use the products and services we provide (collectively, the "Services").

Where we process personal information on behalf of a business customer, we act as a service provider or processor and the business customer is the controller of that information. In those cases, the business customer's privacy notice and our agreement with the business customer govern, and you should direct privacy requests to that business customer in the first instance.

1. Information We Collect

We collect personal information in the following ways.

• Information you provide. We collect information you provide directly, such as your name, email address, job title, company, and other details when you create an account, contact us, or otherwise interact with the Services.
• Information collected automatically. When you access or use the Services, we may automatically collect information about your device and usage, such as IP address, browser type, operating system, referring URLs, pages viewed, and dates and times of access.
• Information from third parties. We may receive information about you from authentication providers and similar services you use to access the Services.

2. How We Use Information

We use personal information to:

• Provide, operate, maintain, and improve the Services.
• Authenticate users and manage accounts.
• Communicate with you about the Services, including support requests, security notices, and updates.
• Detect, investigate, and prevent fraud, abuse, security incidents, and other harmful activity.
• Comply with legal obligations and enforce our agreements.

3. How We Share Information

We share personal information only as described below.

• Service providers and sub-processors. We share information with third-party service providers that perform services on our behalf, such as cloud infrastructure and customer support. These providers are bound by written terms that require them to use the information only as needed to provide services to us and to maintain appropriate confidentiality and security safeguards. A current list of our sub-processors is available on request at privacy@jarmin.ai.
• Legal and safety. We may disclose information where required by applicable law, legal process, or governmental request, or where we believe disclosure is necessary to investigate, prevent, or respond to suspected illegal activity, fraud, or threats to safety.
• Business transfers. If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction.

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

4. Artificial Intelligence and Machine Learning

The Services use artificial intelligence and machine learning to perform work on behalf of our customers. We treat data submitted to the Services by or on behalf of a business customer ("Customer Content") as confidential to that customer.

We do not use Customer Content to train, fine-tune, or improve any foundation model, or any model or feature used to provide services to other customers. Where Jarmin uses third-party AI providers to operate the Services, we contractually require those providers to process Customer Content only to provide services to Jarmin and not to retain it for their own purposes beyond what is necessary to return a response, except as required by law. Where a written agreement between you or your organization and Jarmin contains additional or stricter commitments regarding Customer Content, that agreement controls.

We may use aggregated, non-identifying operational and telemetry data — excluding Customer Content and any data from which Customer Content could be reconstructed — to operate, secure, debug, and improve the Services.

AI-generated outputs may be incorrect, incomplete, biased, or unsuitable for a particular purpose. AI features are not a substitute for human judgment or for legal, financial, medical, or other professional advice. You are responsible for reviewing outputs before relying on them or sharing them with third parties.

Our AI features are designed to support human decision-making by our customer's organization, not to make decisions that produce legal or similarly significant effects without meaningful human involvement. Where you are subject to data protection laws that provide rights in connection with automated decision-making (including the General Data Protection Regulation), you may exercise those rights through the business customer that is the controller of your information, and we will support that customer in responding to verified requests.

5. Cookies and Tracking Technologies

We use cookies and similar technologies on our website to provide essential functionality, remember preferences, and understand how the site is used. You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the website.

6. Security

We implement administrative, technical, and physical safeguards designed to protect personal information. Our practices are informed by leading industry security frameworks and include encryption in transit and at rest using industry-standard methods, access controls including multi-factor authentication for administrative access, least-privilege access principles, audit logging for privileged access, and logical separation of customer data in multi-tenant environments.

No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. In the event of a security incident affecting personal information, we will notify affected individuals or customers as required by applicable law and any applicable customer agreement.

7. Data Retention

Retention periods vary by data type and by any applicable customer agreement. For Customer Content processed on behalf of a business customer, retention is governed by the applicable customer agreement. For other personal information, we retain it only as long as needed for the purposes described in this Privacy Policy and to comply with legal obligations, resolve disputes, and enforce our agreements.

8. Children's Privacy

The Services are not directed to children under the age of 13 (or the equivalent minimum age in the relevant jurisdiction). We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child, we will delete it.

9. International Data Transfers

We are headquartered in the United States, and the Services are operated from the United States. If you access the Services from outside the United States, your information may be transferred to, stored in, and processed in the United States and other countries where our service providers operate. Where required for transfers of personal data from the European Economic Area, United Kingdom, or Switzerland, we rely on appropriate safeguards such as Standard Contractual Clauses.

10. Your Privacy Rights

Depending on where you are located, you may have rights under applicable data protection laws, including the rights to:

• Know and access the personal information we hold about you.
• Correct inaccurate personal information.
• Delete your personal information.
• Restrict or object to certain processing of your personal information.
• Data portability.
• Withdraw consent where we rely on consent to process your personal information.
• Non-discrimination for exercising these rights.
• Appeal a decision we make in response to a rights request, where applicable law provides this right.
• Lodge a complaint with a supervisory authority where applicable.

To exercise these rights, contact us at privacy@jarmin.ai. We will verify your identity before responding and will respond within the time period required by applicable law.

Where the processing of personal information is governed by an agreement between Jarmin and your organization, your organization is the controller of that information and you should direct rights requests to your organization in the first instance.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes, we will provide reasonable advance notice — such as by email or in-product notice — before the changes take effect.

12. Contact

If you have questions about this Privacy Policy or how we handle personal information, contact us at privacy@jarmin.ai.