This Privacy Policy (this "Policy") should be read together with the theAI Terms of Use (the "Terms" available online at link to Terms). Capitalized terms used but not otherwise defined herein shall have the meanings ascribed to them in the Terms. In this Policy, we outline our methods for gathering, utilizing, and disclosing information about individuals who use our Platform, including any Services made available on our website located at https://theai.io/ (the "Site").

By using the Platform or any of the Services, you consent to the handling of your user data (including personal and identifiable information) as described in this Policy. Your use of the Platform or Services, along with any privacy-related disputes, is governed by this Policy (and any updates to it) as well as the Terms, which contain certain damage limitations and dispute resolution procedures.

1.Overview

At the heart of our mission and values is a strong commitment to privacy. We take all necessary measures to protect user privacy and strive to maintain the highest level of transparency in how we handle any data we collect or that you provide to us, including your personal information.

This Policy will undergo updates whenever changes occur in our privacy practices or in applicable legislation.

2.How We Protect Your Privacy

theAI employs industry-standard measures to protect against unauthorized access, alteration, disclosure, or destruction of data stored in our systems. These measures include regular internal reviews of our data collection, storage, and processing practices, alongside robust security protocols.You can report any suspicious messages or requests by contacting us at earlybird@theai.io.

3.Information We Collect

We collect information about you directly from you, automatically through your use of our Platform or Services, and from third-party sources.

A.Information We Collect Directly From You

Personal Finance Information. When you interact with the Services, we may collect personal finance information such as your annual income, expenses, saving goals, and investment summaries. This information is used exclusively to provide and improve the Services and to ensure compliance with applicable laws and regulations

Login. When you log in to our Services, we may collect your account information, such as your username, along with information you provide through third-party login services, which may include your name, age or age range, email address, and/or phone number.

B.Information We Collect Automatically

When you use our Platform and Services, we may automatically gather certain personal data through cookies and similar technologies. This data can include your IP address, user preferences, device identifiers like MAC address and cookie IDs, mobile carrier information, advertising IDs, browser or device details, approximate location based on your IP, and your internet provider.

We also collect information on how you interact with our Services and Site, such as the pages you visit, the links you click, the content you engage with, how often and how long you use the Services, general demographic information, and other usage patterns.

These tracking technologies help simplify login processes, support Site and Service functions, analyze performance and marketing, and customize your user experience. For more details about the cookies we use and their purposes, please see the "Cookies" section in this Privacy Policy.

We also employ common analytics tools to assist with these activities.

For additional details regarding theAI's use of cookies and other tracking technology, please refer to the section "Cookies" below.

C.Information We Collect From Other Sources

We may receive information about you from other sources, including third-party services and organizations. For instance, if you use our Services via a third-party application—such as an app store, a third-party login provider, or a social networking platform—we may collect data that you have shared with that third party through your privacy settings.

4.How We Use The Information We Collect

We employ the information we collect for the following purposes:

A. Provide our services

We use your information to communicate with you regarding your use of our Platform and Services, manage your account and information, provide access to the Services, respond to your questions, and offer customer support. Additionally, we utilize your data to detect and prevent security incidents, guard against malicious, deceptive, fraudulent, or illegal activities, and pursue those responsible. Your information is also used to authenticate and verify identities, troubleshoot and fix errors in our Services, and carry out audits and compliance-related activities.

B.Provide personalized services

We use your information to customize the content and information we send or show to you, provide location-based personalization and tailored assistance, and generally improve your experience when using the Platform and Services.

C.Improve and develop our services

We may use your information to ensure the proper functioning of our Platform and Services, to gain insights into how users access and interact with them—both in aggregate and individually—to make improvements, develop new features, and support other research and analytical efforts.

D.Other uses

We may use your information to enforce our Terms of Use, comply with legal requirements and processes, fulfill regulatory obligations, assert or defend legal claims, detect and prevent fraud, respond to requests from law enforcement, regulatory, or tax authorities, address security or technical problems, and protect our property, rights, and those of others.

5.How We Share The Information We Collect

We may share the information we collect to third parties in the following ways:

A.Third Parties

We might disclose Personal Information to third parties solely as described herein and in accordance with applicable data protection laws.

Service Providers (Data Processors):

We engage third-party service providers ("Processors") to perform specific processing activities necessary for the operation of our business and provision of the Services, including providers of cloud hosting and infrastructure services; information technology support and maintenance; electronic communication delivery systems; and data analytics and business intelligence services. Such Processors are contractually obligated to process Personal Information exclusively as necessary to perform the designated services for us, pursuant to our documented instructions, and are subject to strict confidentiality and data protection obligations prohibiting independent use or further disclosure of Personal Information.

Corporate Affiliates:

We may disclose Personal Information to entities within our corporate group ("Affiliates"), defined as entities controlling, controlled by, or under common control with Fortune Cookie Technologies Inc., for purposes limited to facilitating centralized administrative functions such as IT management, compliance, and financial reporting; enabling the provision of integrated services requested by the data subject where Affiliate involvement is inherent; and conducting research, development, enhancement, and support of the Services. Affiliates processing such Personal Information are bound by intra-group agreements requiring adherence to this Policy and applicable data protection standards.

Corporate Transactions:

In the event of a proposed or actual merger, acquisition, reorganization, bankruptcy, insolvency proceedings, sale of substantially all assets, or other change in corporate control involving Fortune Cookie Technologies Inc. (a "Business Transfer"), Personal Information constitutes a transferable business asset. We reserve the right to disclose and transfer Personal Information to the relevant successor entity, prospective purchaser(s), and their professional advisors. Any such successor entity shall be contractually required to assume and adhere to the terms of this Policy regarding transferred Personal Information, or shall provide data subjects with prior notice and, where legally mandated, an opportunity to consent or object before such information becomes subject to materially different processing terms.

B.To Protect Us and Others

We may disclose the information we collect from you when we believe it is necessary to investigate, prevent, or take action concerning illegal activities, suspected fraud, potential threats to anyone's safety, violations of our Terms of Use or this Policy, or as evidence in legal or regulatory investigations in which we are involved.

C.Aggregate and De-Identified Information

We may share aggregated or anonymized information about users and their interactions with the Platform and Services with third parties or make such information publicly available for purposes such as marketing, advertising, research, or similar activities. However, except as described above, we will not sell or share your personal information with any third party for their direct marketing purposes without obtaining your consent.

6.Our Use of Cookies and Other Tracking Mechanisms

We and our service providers use cookies and similar tracking technologies to collect information about your interactions with our Site and Services. This data may be combined with other information we gather from you, and our third-party providers may do so on our behalf.

Cookies are alphanumeric codes placed on your device's hard drive via your web browser to help with record-keeping. Some cookies assist in navigating our Site and using our Services, while others enable faster logins or let us track your activity.

You can control or block cookies and remove them by adjusting your browser or device settings, although doing so may affect the functionality of our Services. Please note that cookie-based opt-outs do not work on mobile apps. However, you can opt out of personalized ads on many mobile apps by following instructions specific to Android, iOS, and other platforms.

We may store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.

The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising and consumer choice and privacy by visiting the Network Advertising Initiative, the Digital Advertising Alliance, the European Digital Advertising Alliance, and the Digital Advertising Alliance of Canada.  

Please note you must separately opt out in each browser and on each device.

7.Third-Party Links

Our Platform and Services may include links to third-party websites. Please note that your access to and use of these external sites are not governed by this Privacy Policy but are subject to the privacy policies of those third parties. We are not responsible for the privacy practices or content of any third-party websites linked from our Platform or Services.

8.Security of Your Personal Information

We have implemented commercially reasonable safeguards to protect the information we collect, including your personal information, from loss, misuse, unauthorized access, disclosure, alteration, or destruction. However, please understand that no security measures can guarantee absolute protection. We encourage you to take responsibility for securing your password and devices, such as your phone and computer, against unauthorized access. We are not liable for any loss, theft, or compromise of passwords, nor for any unauthorized activity on your account resulting from such incidents.

9.What Rights Do I Have Regarding My Personal Information

You can ask to access, update, or delete the personal information you have submitted to us by reaching out to earlybird@theai.io. We will strive to fulfill these requests in accordance with applicable laws; however, some information might need to be kept to meet legal, accounting, or other valid business requirements. To safeguard your privacy, we may require additional details to confirm your identity before handling your request. Please note that copies of your updated, modified, or deleted information may still remain temporarily in cached or archived pages of our Site.

10.Cross Border Data Transfers

We may transfer your personal information outside the country where it was originally collected, including to the United States or other countries. Personal information processed by us may be stored, processed, and transferred globally, in jurisdictions that may have different data protection laws than those in your location. We strive to protect your personal information in accordance with applicable legal requirements. When such laws restrict the transfer of personal information to countries that do not offer an adequate level of protection, we implement appropriate safeguards—such as entering into contractual agreements with recipients or complying with equivalent data transfer mechanisms—to ensure the security and confidentiality of your information.

11.Children Under 13

Our Platform and Services are not designed for children under 13. If we discover that we have collected the personal information of a child under 13, we will take steps to delete such information from our systems.

12.California Privacy Notice

Additionally, under California Civil Code §1798.83, California residents who have provided personal information to theAI may obtain information regarding theAI's disclosures, if any, of personal information to third parties for third-party direct marketing purposes. Requests must be submitted to the following address: earlybird@theai.io. Within 30 days of receiving such a request, we will provide a California Privacy Disclosure, which will include a list of certain categories of personal information disclosed during the preceding calendar year to third parties for their direct marketing purposes, along with the names and addresses of the third parties. This request may be made no more than once per calendar year.

13.SPECIFIC PROVISION FOR EEA, UK AND SWISS RESIDENTS

Under the GDPR (Regulation (EU) 2016/679), we act as a data controller for the Services we provide to you, determining how and why your personal data is processed. If you reside in the EEA, UK, or Switzerland, we base our processing of your personal data on one or more of the following lawful grounds: 

• Performance of a contract with you when we provide and maintain our Services. When we process your account information, Content, and technical information solely to provide our Services to you, this information is necessary to be able to provide our Services. If you do not provide this information, we may not be able to provide our Services to you. 
• Our legitimate interests in protecting our Services from abuse, fraud, or security risks, or in developing, improving, or promoting our Services. This may include the processing of account information, Content, and technical information. 
• Your consent when we ask for your consent to process your personal information for a specific purpose that we communicate to you. You have the right to withdraw your consent at any time.
• Compliance with our legal obligations when we use your personal information to comply with applicable law or when we protect our or our affiliates', users', or third parties' rights, safety, and property.

At any time, you can contact our privacy team at earlybird@theai.io and request to exercise your rights in accordance with the provisions provided by law:

• You have the right to access the personal information we hold about you, including details about how and why it is processed, and to request correction if any of this information is inaccurate. If you believe that your personal information is incomplete, outdated, or incorrect, please provide us with the necessary details to update it.
• You may also withdraw your consent to the processing of your personal information at any time. Please note that withdrawing consent will not affect the legality of any processing conducted before the withdrawal.
• Additionally, under certain circumstances outlined by the GDPR, you have the right to request the deletion or restriction of your personal data, subject to applicable exceptions. If we delete your personal information upon request, please be aware that it may take some time to fully remove all residual copies from our active servers, backup systems, and third-party processors.

If you exercise one or more of the rights described above, and as permitted by applicable law, you have the right to request that we inform you whether any third parties holding your personal information under this Policy have complied with your request.

• You are entitled to request the transfer of personal information related to you in accordance with your right to data portability.
• You are entitled to object to the processing of personal information related to you, for example in relation to direct marketing.
• You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affecting you.
• You have the right to obtain a copy of or access to safeguards under which personal information related to you is transferred outside of the EEA. 
• You have a right to lodge a complaint with a data protection supervisory authority.

When you submit a request to exercise your rights, we will need to reasonably verify your identity and location. To do so, we may ask you to provide credentials to confirm that you are who you claim to be and may ask additional questions to clarify the nature and scope of your request. We will carefully review your inquiry and make sincere efforts to respond promptly.

In cases where we process personal information as part of delivering our Services, acting as a data processor on behalf of our users, we are committed to assisting our data controllers in fulfilling the rights outlined under the GDPR.

If you have any concerns regarding how we handle your personal information, please feel free to contact our privacy team at earlybird@theai.io.

14.Data Retention and Deletion

We retain different types of personal information for varying periods based on the purposes for which we process the data, our legitimate business interests, and compliance with applicable legal requirements.

For example, we will keep your contact information to maintain communication with you. You may contact our privacy team at earlybird@theai.io at any time—both during and after your use of the Services—to request deletion of your contact details.

Please note that even if we are not actively using your information, we may retain it as necessary for legal obligations or ongoing proceedings. We do not keep your personal information longer than reasonably required for the purposes outlined in this Privacy Policy.

Aggregated or de-identified data may be retained indefinitely, but identifiable personal information will be deleted or anonymized when it is no longer needed for processing.

As long as you continue to use the Services, we will retain information about you unless otherwise required by law to delete it.

15.Contact Us

If you have questions about our approach to privacy or would like to make a complaint, please contact us at earlybird@theai.io.

16.Changes to this Policy

This Policy is effective as of the date specified above. We may update or revise this Policy periodically and will publish any changes on the Platform. By continuing to use the Platform and Services after such updates are posted, you agree to be bound by the revised terms.