Privacy Policy

1. Introduction

This Privacy Policy explains how Albearoti Solutions Inc. ("isent", "we", "us", or "our") collects, uses, shares, and protects your personal information when you use the isent website located at isent.io (the "Site"), our applications, and our related content, products, and services (collectively, the "Service").

By using our Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Service. For information about the terms governing your use of the Service, please refer to our Terms of Service.

2. Data Controller

Albearoti Solutions Inc., a corporation incorporated under the laws of Ontario, Canada, is the data controller responsible for your personal information. If you have any questions about how we process your personal information, you can contact us at legal@isent.io.

3. Information We Collect

We collect information in three ways: information you provide directly, information collected automatically, and information from other sources.

3.1 Information You Provide

When you use our Service, create an account, or contact us, you may provide:

• Account Information: Email address, name, and profile image
• User Content: Files, data, text, images, videos, audio, and other content you upload, transmit, or share through the Service
• Transfer Information: Transfer names, sender information, recipient email addresses, and access passwords
• Portal Information: Custom branding, themes, settings, and configurations for branded upload portals
• Payment Information: Billing address and payment details (processed securely by our payment provider, Stripe)
• Preferences: Account settings, notification preferences, theme preferences, and default file expiry settings
• Communications: Messages, feedback, and correspondence when you contact our support team

3.2 Information Collected Automatically

When you use our Service, we automatically collect certain information:

• Technical Information: IP address, browser type and version, device type, operating system, and system language
• Usage Information: Pages visited, features used, files uploaded and downloaded, transfer activity, and interaction patterns
• Performance Data: Error reports, diagnostic information, and performance metrics
• Cookie Information: Data collected through cookies and similar technologies (see Section 8)
• Location Information: Approximate geographic location based on your IP address (country or city level)

3.3 Information from Other Sources

We may receive information about you from other sources:

• Payment Providers: Transaction confirmation and payment status from Stripe
• Other Users: When someone includes your email address as a transfer recipient
• Law Enforcement: Information related to legal requests or investigations

4. How We Use Your Information

We use your information for the following purposes:

4.1 Provide and Operate Our Service

• Create and manage your account
• Process file uploads and transfers
• Generate and manage download links
• Send notifications about your transfers (downloads, expiration, etc.)
• Process payments and manage your credit balance
• Provide customer support

4.2 Improve and Develop Our Service

• Analyze usage patterns to improve features and user experience
• Conduct research and development
• Test and troubleshoot new features
• Monitor and analyze trends and usage

4.3 Safety and Security

• Detect, prevent, and address fraud, abuse, and security issues
• Enforce our Terms of Service and policies
• Protect the rights, property, and safety of our users and others
• Comply with legal obligations

4.4 Communications

• Send service-related emails (login codes, transfer notifications)
• Send activity digests (if enabled in your preferences)
• Notify you about changes to our Service, Terms, or Privacy Policy
• Respond to your inquiries and support requests

5. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal information based on the following legal grounds:

• Contract Performance: Processing necessary to provide our Service to you, including account management, file transfers, and payment processing
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our Service, preventing fraud, and ensuring security, where these interests are not overridden by your rights
• Consent: Processing based on your consent, such as for optional analytics or marketing communications (you may withdraw consent at any time)
• Legal Obligations: Processing necessary to comply with applicable laws and regulations

6. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

6.1 Service Providers

We work with trusted third-party service providers who help us operate our Service:

• Cloudflare: File storage and content delivery
• Stripe: Payment processing (we do not store your full payment card details)
• Resend: Email delivery for notifications and communications
• Analytics Providers: Website analytics and performance monitoring
• Error Monitoring: Application error tracking and debugging
• Customer Support: Live chat and support tools

6.2 Other Users

When you share files through our Service, recipients will see information you choose to include, such as your name, transfer name, and any messages. If you use a branded portal, portal visitors may see your custom branding and contact information.

6.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests, including:

• Court orders, subpoenas, or other legal processes
• Government or law enforcement requests
• To protect our rights, property, or safety, or that of our users or others
• To detect, prevent, or address fraud, security, or technical issues

6.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your personal information.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to operate our Service, remember your preferences, and understand how you use our Service.

7.1 Types of Cookies

• Essential Cookies: Required for the Service to function, including authentication and security
• Functional Cookies: Remember your preferences and settings (theme, language, etc.)
• Analytics Cookies: Help us understand how you use our Service and identify areas for improvement

7.2 Managing Cookies

Most browsers allow you to control cookies through their settings. You can typically set your browser to refuse cookies or alert you when cookies are being sent. Please note that disabling cookies may affect the functionality of our Service.

7.3 Analytics Opt-Out

You can opt out of analytics tracking through your account settings. When you opt out, we will no longer collect analytics data about your usage of the Service.

8. International Data Transfers

We are based in Canada, and your information may be processed in Canada and other countries where our service providers operate, including the United States. These countries may have data protection laws that differ from those in your country.

When we transfer personal information outside of the EEA, UK, or Switzerland, we implement appropriate safeguards to protect your information, including:

• Adequacy Decisions: Transfers to countries recognized as providing adequate data protection (including Canada)
• Standard Contractual Clauses: EU-approved contractual terms with our service providers
• Data Privacy Framework: Transfers to US providers certified under the EU-US Data Privacy Framework

9. Data Security

We implement technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS/HTTPS
• Secure authentication using one-time passwords (no password storage)
• Rate limiting to prevent brute-force attacks
• Regular security assessments and monitoring
• Access controls limiting employee access to personal information

While we take reasonable steps to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

10. Data Retention

We retain your information only as long as necessary for the purposes described in this Privacy Policy:

• User Content (Files): Automatically deleted based on your selected expiration period (3, 7, 14, or 21 days after upload)
• Account Information: Retained until you delete your account
• Login Codes: Automatically deleted after 10 minutes
• Usage Logs: Retained for billing and compliance purposes
• Payment Records: Retained as required by tax and financial regulations (typically 7 years)

When you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where we are required to retain it for legal or regulatory purposes.

11. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

11.1 Access and Portability

You can access your personal information through your account settings. You may also request a copy of your data in a portable format.

11.2 Correction

You can update your account information through your account settings. If you need assistance correcting other information, please contact us.

11.3 Deletion

You can delete your account and associated data through your account settings. Please note that we may retain certain information as required by law or for legitimate business purposes.

11.4 Object and Restrict

You may object to the processing of your personal information or request that we restrict certain processing activities. Please contact us to exercise these rights.

11.5 Withdraw Consent

Where we process your information based on consent, you may withdraw your consent at any time. This will not affect the lawfulness of processing prior to withdrawal.

11.6 Opt-Out of Analytics

You can opt out of analytics tracking through your account settings or by adjusting your browser's cookie settings.

11.7 Lodge a Complaint

If you are in the EEA, UK, or Switzerland, you have the right to lodge a complaint with your local data protection authority. In Canada, you may contact the Office of the Privacy Commissioner of Canada.

To exercise any of these rights, please contact us at legal@isent.io. We will respond to your request within the timeframe required by applicable law (typically 30 days).

12. Children's Privacy

Our Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at legal@isent.io, and we will take steps to delete such information.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Albearoti Solutions Inc.
Email: legal@isent.io

14. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date at the top of this page and may notify you through the Service or by email. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.