Privacy Policy

VSaaS.ai ("we", "our", or "the Platform") is committed to protecting the privacy and personal data of our users, clients, and any individuals captured by video analytics systems. This Privacy Policy explains how we collect, use, store, and delete personal information in compliance with applicable data protection laws, including Chile's Law No. 19,628, Mexico's Federal Law on Protection of Personal Data, the EU's General Data Protection Regulation (GDPR), and other relevant international regulations.

By using our services, you agree to the practices we've outlined in this policy. If you don't agree with any of these practices, please don't use our services.

We collect the following types of data:

Account & Registration Data: Your name, email, company, job title, phone number, and address provided when you create an account or request a demo.

Video Analytics Data: Images and video captured by cameras connected to the Platform, including detection metadata (e.g., objects, events, coordinates, timestamps). Our AI models process this data to generate analytics.

Biometric Data: When a client enables facial recognition or face matching features, the Platform processes biometric data (facial vectors). This data is used exclusively for the service the client has contracted and is subject to enhanced security protections.

Usage Data: Information about how you interact with our platform, such as pages visited, features used, configurations, and other usage patterns.

Technical Data: Your IP address, browser type, operating system, device information, connection data, and error logs.

We use the data we collect to:

Provide Our Services: Process video streams, generate real-time detections, manage events, and deliver the analytics and tools you've subscribed to.

Improve Our Platform: Analyze usage patterns to enhance the platform, optimize our AI models, and develop new features.

Communicate with You: Send service notifications, security alerts, product updates, and respond to your support inquiries.

Ensure Legal Compliance: Comply with our legal obligations, respond to lawful requests, and protect our rights and the rights of our users.

Maintain Security: Detect and prevent fraud, unauthorized access, and other malicious activities.

90-Day Automatic Deletion Policy: All video analytics data (including images, video clips, and detection events) is automatically and permanently deleted 90 days after it '''s created. This is our standard policy for all plans unless a client has purchased an extended retention plan.

Biometric Data: Facial vectors and other biometric data are deleted immediately when a client deactivates the facial recognition feature, or within a maximum of 30 days after their contract ends.

Account Data: We keep your registration data as long as your account is active. When an account is canceled, this data is deleted within 30 days, except for information we are required to keep for legal or tax purposes.

Backups: Backups are kept for a maximum of 90 additional days after the original data has been deleted. After that, they are permanently destroyed.

Right to Deletion: You can request the deletion of your personal data at any time by contacting us at [email protected]. We will process your request within 15 business days.

We implement robust technical and organizational measures to protect your data:

Encryption: All data is protected in transit with TLS 1.3 and encrypted at rest with AES-256.

Access Control: We use a Role-Based Access Control (RBAC) system and require multi-factor authentication for all administrative access.

Monitoring: Our systems are continuously monitored with intrusion detection and automated security alerts.

Certifications: Our infrastructure is compliant with ISO 27001 and SOC 2 Type II standards.

Incident Response: We have a formal incident response plan that includes notifying affected users within 72 hours of discovering a security breach, in line with GDPR and local regulations.

In accordance with applicable laws, you have the right to:

Access: Request a copy of the personal data we hold about you.

Rectification: Request the correction of inaccurate or incomplete data.

Deletion: Request the deletion of your personal data (subject to our legal retention obligations).

Restrict Processing: Request that we limit the processing of your data in certain situations.

Data Portability: Receive your data in a structured, commonly used, and machine-readable format.

Object: Object to the processing of your data for specific purposes.

Withdraw Consent: Withdraw your consent at any time. This will not affect the lawfulness of any processing that occurred before your withdrawal.

To exercise any of these rights, please contact us at [email protected]. We will respond within 15 business days.

Cloud Providers: We use leading cloud infrastructure services (AWS, Google Cloud) for data processing and storage. These providers comply with top international security and privacy standards.

AI Processing: Some AI models may be processed on specialized hardware (like NVIDIA GPUs) in certified data centers.

International Transfers: When data is transferred outside your country of origin, we ensure it receives adequate protection through Standard Contractual Clauses or equivalent data protection mechanisms.

We Don't Sell Your Data: We will never sell, rent, or share your personal data with third parties for their marketing or advertising purposes.

Legal Disclosure: We may disclose data when required by law, a court order, or to protect our rights and the safety of our users.

Our services are not intended for children under 18. We do not knowingly collect personal data from minors.

If our video analytics systems capture images of minors in public or client-authorized spaces, this data is processed only for the security or analytics purposes defined by the client and is subject to the same automatic deletion policies.

If we learn that we have collected data from a minor without the required parental consent, we will take steps to delete that information immediately.

If you have any questions about this Privacy Policy or how we handle your personal data, you can reach us at:

Data Protection Officer: [email protected] General Inquiries: [email protected] Address: Viña del Mar, Chile Website: www.vsaas.ai/contact

You may also contact the data protection authority in your jurisdiction with any complaints.