Privacy Policy

Last Updated: December 25, 2024

Quick Overview

This Privacy Policy explains how Yah Technologies, LLC ("YTIAAS", "we", "us", "our") collects, uses, shares, and protects information when you use our infrastructure automation platform and related services. We are committed to protecting your privacy and complying with applicable data protection laws including GDPR and CCPA.

1. Information We Collect

1.1 Information You Provide Directly

  • Account Registration: Name, email address, company name, job title, phone number
  • Authentication: Google OAuth profile information (email, name, profile picture)
  • Payment Information: Credit card details, billing address (processed by Stripe)
  • Service Configuration: Infrastructure settings, deployment configurations, API keys
  • Communications: Support tickets, feedback, survey responses
  • Professional Information: Company size, industry, use cases

1.2 Information Collected Automatically

  • Usage Data: Features used, frequency of use, performance metrics
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Access times, pages viewed, errors encountered, API calls
  • Cookies and Tracking: Session cookies, authentication tokens, preferences
  • Infrastructure Metrics: Deployment statistics, resource usage, system health

1.3 Information from Third Parties

  • OAuth Providers: Profile information from Google when you authenticate
  • Payment Processors: Transaction confirmations from Stripe
  • Analytics Services: Aggregated usage patterns and trends
  • Public Sources: Company information from public databases

2. Legal Basis for Processing (GDPR)

We process personal data under the following legal bases:

  • Contract Performance: To provide our services and fulfill our agreement with you
  • Legitimate Interests: To improve our services, ensure security, and prevent fraud
  • Consent: For marketing communications and optional features
  • Legal Obligation: To comply with laws, regulations, and legal processes
  • Vital Interests: To protect life or physical safety in emergencies

3. How We Use Your Information

3.1 Service Delivery

  • Create and manage your account
  • Provide infrastructure automation services
  • Process payments and manage subscriptions
  • Send service-related notifications
  • Provide customer support

3.2 Service Improvement

  • Analyze usage patterns to enhance features
  • Develop new functionalities
  • Optimize performance and reliability
  • Conduct research and analytics

3.3 Communication

  • Send product updates and announcements
  • Share educational content and best practices
  • Marketing communications (with consent)
  • Respond to inquiries and requests

3.4 Safety and Security

  • Detect and prevent fraud
  • Monitor for security threats
  • Enforce our terms of service
  • Protect against malicious activity

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We share data only in these circumstances:

4.1 Service Providers

  • Infrastructure: Cloud hosting providers (AWS, DigitalOcean)
  • Payment Processing: Stripe for payment transactions
  • Communication: Email service providers
  • Analytics: Usage analytics services
  • Support: Customer support tools

4.2 Legal Requirements

  • Comply with legal obligations
  • Respond to lawful requests from authorities
  • Protect rights and safety
  • Enforce our agreements

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred with prior notice.

5. Your Privacy Rights

5.1 Rights Under GDPR (European Users)

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion ("right to be forgotten")
  • Restriction: Limit processing of your data
  • Portability: Receive data in a portable format
  • Object: Object to certain processing activities
  • Withdraw Consent: Withdraw previously given consent
  • Complaint: Lodge a complaint with supervisory authorities

5.2 Rights Under CCPA (California Residents)

  • Know: Information about data collection and use
  • Delete: Request deletion of personal information
  • Opt-Out: Opt-out of sale (we don't sell data)
  • Non-Discrimination: Equal service regardless of privacy choices
  • Authorized Agent: Designate an agent to make requests

5.3 How to Exercise Your Rights

Contact us at privacy@ytinfra.tech or through our Privacy Request Form. We will respond within 30 days (45 days for complex requests).

6. Data Security

We implement comprehensive security measures:

  • Encryption: TLS/SSL for data in transit, AES-256 for data at rest
  • Access Controls: Role-based access, multi-factor authentication
  • Infrastructure: Secure data centers, regular security audits
  • Monitoring: 24/7 security monitoring, intrusion detection
  • Compliance: SOC 2 Type II, ISO 27001 standards
  • Incident Response: Established breach notification procedures

7. Data Retention

  • Active Accounts: Retained while account is active
  • After Termination: 90 days for data recovery
  • Backups: Up to 180 days in secure backups
  • Legal Requirements: As required by law or litigation holds
  • Anonymized Data: May be retained indefinitely for analytics

8. International Data Transfers

Your data may be processed in the United States and other countries. We ensure appropriate safeguards:

  • Standard Contractual Clauses (SCCs) for EU data
  • Privacy Shield principles (where applicable)
  • Adequate security measures regardless of location
  • Compliance with local data protection laws

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

  • Essential: Authentication, security, load balancing
  • Functional: User preferences, language settings
  • Analytics: Usage patterns, performance metrics
  • Marketing: Campaign effectiveness (with consent)

9.2 Managing Cookies

You can control cookies through browser settings. Note that disabling certain cookies may limit functionality.

10. Third-Party Links

Our service may contain links to third-party websites. We are not responsible for their privacy practices. Please review their privacy policies before providing personal information.

11. Children's Privacy

YTIAAS is not intended for users under 18 years of age. We do not knowingly collect information from children. If we discover we have collected data from a child, we will promptly delete it.

12. California Privacy Rights

California Shine the Light Law

California residents may request information about disclosure of personal information to third parties for marketing purposes.

Do Not Track Signals

We do not currently respond to Do Not Track signals as there is no industry standard.

13. Updates to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email or service notification. Continued use after changes constitutes acceptance.

14. Data Protection Officer

Contact Our Privacy Team

Email: privacy@ytinfra.tech

Data Protection Officer: dpo@ytinfra.tech

Address: Yah Technologies, LLC

332 Ave B SW, Suite 103-7

Winter Haven, FL 33880

15. Supervisory Authorities

If you are not satisfied with our response, you may contact:

  • EU: Your local Data Protection Authority
  • UK: Information Commissioner's Office (ICO)
  • California: California Privacy Protection Agency
  • Other: Your regional privacy regulator

Your Privacy Matters

We are committed to protecting your privacy and giving you control over your data. If you have questions or concerns, please don't hesitate to contact us.

Contact Support