Privacy Policy

Effective Date: June 8, 2024

Last Updated: June 8, 2024

1. Introduction and Scope

This Privacy Policy ("Policy") describes how OutThink, Inc. ("OutThink," "we," "us," or "our") collects, uses, processes, and discloses information when you use our cognitive workflow intelligence platform and related services (collectively, the "Services"). This Policy applies to all users of our Services and governs your use of our platform accessible at outthink.pro and associated applications.

Geographic Availability and Jurisdiction

IMPORTANT NOTICE: The OutThink Services are currently available exclusively to users located within the United States. We do not offer our Services to individuals or entities located outside the United States, including but not limited to users in the European Union, United Kingdom, or other international jurisdictions. By accessing or using our Services, you represent and warrant that you are located within the United States and are subject to United States jurisdiction.

If you are located outside the United States, you are prohibited from accessing or using the Services. We reserve the right to implement technical measures to prevent access from non-U.S. locations and may terminate accounts that violate this geographic restriction.

Age Restrictions

The Services are intended for use by individuals who are at least eighteen (18) years of age. We do not knowingly collect personal information from individuals under eighteen years of age. If we become aware that we have collected personal information from an individual under eighteen, we will take steps to delete such information promptly. If you believe we have collected information from someone under eighteen, please contact us immediately at legal@outthink.pro.

2. Information We Collect

We collect information you provide directly to us, information we obtain automatically when you use our Services, and information from third-party sources as described below.

2.1 Information You Provide to Us

Account Information: When you create an account, we collect your email address, password, and any profile information you choose to provide, including your name and organizational affiliation.

Workflow and Content Data: We collect all information you input into our platform, including but not limited to:

  • Visual workflows, decision frameworks, and cognitive process templates you create
  • Content, data, and information you input into workflow blocks for processing
  • Questions, prompts, and instructions you provide to artificial intelligence models
  • Comments, annotations, and metadata associated with your workflows
  • Files, documents, and data you upload or import into the platform

Collaboration Data: When you use collaborative features, we collect information about:

  • Shared workflows and templates
  • Team and workspace memberships and permissions
  • Communication and interaction data within shared workspaces
  • Access logs and collaboration history

MCP Integration Data: When you connect external data sources through Model Context Protocol (MCP) integrations, we collect:

  • Connection metadata and configuration information
  • Authentication tokens and access credentials (encrypted)
  • Data accessed from your connected sources during workflow execution
  • Logs of MCP server interactions and data flows

Communications: We collect information when you communicate with us, including support requests, feedback, survey responses, and any other correspondence.

Payment Information: If you purchase premium services, our payment processors collect billing information including credit card details, billing address, and transaction history. We do not store complete payment card information on our servers.

2.2 Information We Collect Automatically

Usage Analytics: We automatically collect information about how you use our Services, including:

  • Feature usage patterns and frequency
  • Workflow creation and execution statistics
  • Artificial intelligence model preferences and usage
  • Time spent on various platform features
  • Error logs and performance metrics

Technical Information: We collect technical data including:

  • IP address and geographic location (limited to verifying U.S. location)
  • Device information including browser type, operating system, and device identifiers
  • Referring URLs and pages visited before and after using our Services
  • Session information and authentication logs

Cookies and Tracking Technologies: We use cookies, web beacons, and similar tracking technologies to collect information about your use of our Services. This includes:

  • Essential cookies required for platform functionality
  • Analytics cookies to understand user behavior and improve our Services
  • Preference cookies to remember your settings and choices
  • Session cookies to maintain your authenticated state

You may configure your browser to reject cookies, but this may limit your ability to use certain features of our Services.

3. How We Use Your Information

We use the information we collect for the following business and commercial purposes:

3.1 Service Delivery and Core Functionality

  • Platform Operation: To provide, maintain, and improve our cognitive workflow intelligence platform
  • Workflow Execution: To process your workflows, execute artificial intelligence model interactions, and deliver results
  • Collaboration Services: To enable sharing, collaboration, and team-based workflow development
  • Data Processing: To integrate with your selected MCP servers and process data from connected sources
  • Caching and Performance: To cache artificial intelligence model outputs for improved performance and reduced latency
  • Authentication and Security: To verify your identity, maintain account security, and prevent unauthorized access

3.2 Product Development and Improvement

  • Analytics and Insights: To analyze usage patterns, understand user preferences, and identify areas for product enhancement
  • Feature Development: To develop new features and improve existing functionality based on user behavior and feedback
  • Quality Assurance: To monitor platform performance, identify bugs, and ensure service reliability
  • Research and Development: To advance our cognitive workflow intelligence capabilities and artificial intelligence integration

3.3 Communication and Support

  • Customer Support: To respond to your inquiries, provide technical assistance, and resolve service issues
  • Service Communications: To send important updates about our Services, including security notices and policy changes
  • Marketing Communications: To send promotional materials and product updates (with your consent where required)

3.4 Legal and Business Operations

  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Terms Enforcement: To enforce our Terms of Service and other agreements
  • Business Transfers: To facilitate potential business transactions including mergers, acquisitions, or asset sales
  • Risk Management: To detect, prevent, and address fraud, security threats, and other harmful activities

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Third-Party Artificial Intelligence Providers

When you use our Services, certain information may be shared with third-party artificial intelligence providers based on your selections and workflow configurations:

Default AI Providers: We currently integrate with OpenAI and Anthropic as default artificial intelligence providers. When you use workflows that utilize these providers, the prompts and content from your workflow blocks are transmitted to these services for processing. These providers are subject to their own privacy policies and terms of service.

User-Provided AI Models: When you configure custom artificial intelligence endpoints or bring your own models, information may be transmitted to those services based on your configuration. We do not control the privacy practices of user-provided AI services.

Data Minimization: We implement measures to share only the minimum information necessary for artificial intelligence processing, typically limited to specific prompts and content from individual workflow blocks.

4.2 Service Providers and Business Partners

We may share information with trusted service providers who assist us in operating our platform and delivering our Services, including:

  • Infrastructure Providers: Cloud hosting, database, and content delivery network services
  • Analytics Providers: Services that help us understand user behavior and improve our platform
  • Payment Processors: Third-party services that process billing and payment transactions
  • Security Providers: Services that help protect our platform and user data from threats
  • Communication Services: Email and messaging services for customer communications

These service providers are contractually bound to protect your information and use it only for the specific purposes we authorize.

4.3 Community and Collaboration Features

Template Sharing: When you choose to publish workflow templates to our community library, the templates and associated metadata become publicly accessible to other users. You control which workflows are made public through your privacy settings.

Team Collaboration: Information is shared with members of teams and workspaces you join or create, including shared workflows, collaboration history, and workspace communications.

4.4 Legal Requirements and Business Transfers

We may disclose your information when required by law or when we believe disclosure is necessary to:

  • Comply with legal obligations, court orders, or government requests
  • Protect our rights, property, or safety, or that of our users or the public
  • Investigate potential violations of our Terms of Service
  • Prevent fraud, security threats, or other harmful activities

In the event of a merger, acquisition, bankruptcy, or other business transaction, your information may be transferred to the acquiring entity, subject to this Privacy Policy or a substantially similar policy.

5. Data Storage, Security, and Retention

5.1 Data Storage Location

All user data is stored exclusively on servers located within the United States. We do not transfer, store, or process personal information outside of U.S. jurisdiction. Our primary data centers are operated by reputable cloud service providers with robust security and compliance certifications.

5.2 Security Measures

We implement comprehensive security measures to protect your information, including:

Encryption: All data is encrypted in transit using industry-standard TLS protocols and encrypted at rest using AES-256 encryption or equivalent standards.

Access Controls: We maintain strict role-based access controls, ensuring that only authorized personnel can access user data for legitimate business purposes.

Isolation: Workflow executions and artificial intelligence processing occur in isolated environments to prevent unauthorized access or data leakage.

Monitoring: We continuously monitor our systems for security threats, unauthorized access attempts, and unusual activity patterns.

Regular Audits: We conduct regular security assessments and audits to identify and address potential vulnerabilities.

5.3 Data Retention and Deletion

Active Accounts: We retain your information for as long as your account remains active and as necessary to provide our Services.

Account Deletion: When you delete your account, we will delete your personal information and workflow data within thirty (30) days, except where longer retention is required by law or for legitimate business purposes such as:

  • Resolving disputes or enforcing agreements
  • Complying with legal obligations
  • Maintaining security and preventing fraud

Cached Data: Artificial intelligence model outputs and cached results are retained to improve performance but are deleted in accordance with our data retention schedule or when you delete your account.

Backup Systems: Information may persist in backup systems for up to ninety (90) days after deletion for disaster recovery purposes, after which it is permanently purged.

6. Your Rights and Choices

6.1 Account Management

Access and Updates: You may access, review, and update your account information and profile settings through your account dashboard.

Workflow Management: You have full control over your workflows, including the ability to create, modify, share, and delete workflow templates.

Privacy Settings: You can control the visibility and sharing settings for your workflows and templates through your privacy preferences.

6.2 Data Rights

Data Export: You may request a copy of your personal information and workflow data in a machine-readable format by contacting us at legal@outthink.pro.

Account Deletion: You may delete your account at any time through your account settings or by contacting customer support. Account deletion will result in the permanent removal of your data as described in our retention policy.

Correction: If you believe any information we hold about you is inaccurate or incomplete, you may request corrections by contacting us.

6.3 Communication Preferences

Marketing Communications: You may opt out of promotional emails by following the unsubscribe instructions in those communications or updating your preferences in your account settings.

Service Communications: Certain communications related to your account security, service updates, and important policy changes cannot be opted out of while you maintain an account.

6.4 Cookie Controls

You can control cookies through your browser settings and choose to accept, reject, or receive notifications about cookies. Note that disabling certain cookies may limit your ability to use some features of our Services.

7. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes to this Policy, we will:

  • Update the "Last Updated" date at the top of this Policy
  • Provide notice through our Services or by email to your registered email address
  • Obtain your consent where required by applicable law

We encourage you to review this Policy periodically to stay informed about our privacy practices. Your continued use of our Services after changes become effective constitutes acceptance of the updated Policy.

8. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: legal@outthink.pro

For data protection inquiries or to exercise your privacy rights, please include "Privacy Request" in your email subject line and provide sufficient detail for us to understand and respond to your request.

We will respond to privacy-related inquiries within thirty (30) days of receipt, or as otherwise required by applicable law.

This Privacy Policy is part of our Terms of Service and is incorporated by reference into that agreement. Capitalized terms not defined in this Policy have the meanings given in our Terms of Service.