Last Updated: June 11, 2025

AT SAT Ltd and at-say ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website, at-say.com (the "Site"), and our software-as-a-service platform (collectively, the "Service"). This policy complies with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

By using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

 1. Information We Collect

We collect the following types of information:

 1.1 Personal Information

·      Account Information: When you register for an account, we collect your name, email address, and billing information (e.g., credit card details).

·      User Content: Data you upload or input into the Service (e.g., project files, messages, or other content).

·      Contact Information: If you contact us for support or inquiries, we collect your name, email, and any additional details you provide.

 1.2 Automatically Collected Information

·      Usage Data: Information about how you interact with the Service, such as IP address, browser type, device information, pages visited, and timestamps.

·      Cookies and Tracking Technologies: We use cookies, web beacons, and similar tools to enhance functionality, analyse usage, and deliver personalized content. See Section 7 for details.

 1.3 Information from Third Parties

We may receive information about you from third-party services (e.g., payment processors or analytics providers) to facilitate the Service or improve your experience.

 2. How We Use Your Information

We use your information for the following purposes:

·      To provide, maintain, and improve the Service.

·      To process payments and manage your subscription.

·      To communicate with you, including sending service-related notices, updates, or promotional offers (where permitted).

·      To analyse usage trends and optimize performance.

·      To comply with legal obligations and protect our rights.

 Legal Bases (GDPR)

For EU residents, we process personal data based on:

·      Consent: Where you have given explicit consent (e.g., for marketing emails).

·      Contract: To fulfil our obligations under the Terms of Service.

·      Legitimate Interests: For purposes like improving the Service or preventing fraud, provided your rights are not overridden.

·      Legal Obligation: To comply with applicable laws.

 3. How We Share Your Information

We do not sell your personal information. We may share it as follows:

·      Service Providers: With third-party vendors (e.g., hosting providers, payment processors) who assist us in operating the Service, bound by confidentiality agreements.

·      Legal Requirements: If required by law, court order, or to protect our rights, safety, or property.

·      Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to you where required.

·      With Your Consent: When you explicitly authorize us to share your data.

 4. Data Retention

We retain your personal information only as long as necessary to fulfil the purposes outlined in this Privacy Policy, comply with legal obligations, or resolve disputes. For example:

·      Account data is kept for the duration of your subscription and a reasonable period thereafter.

·      Usage data may be retained in aggregated form for analytics.
EU residents: Under GDPR, we delete data when it is no longer needed unless retention is required by law.

 5. Your Rights and Choices

 5.1 GDPR Rights (EU Residents)

If you are in the European Economic Area (EEA), you have the following rights:

·      Access: Request a copy of your personal data.

·      Rectification: Correct inaccurate or incomplete data.

·      Erasure: Request deletion of your data ("right to be forgotten").

·      Restriction: Limit how we process your data.

·      Portability: Receive your data in a structured, machine-readable format.

·      Object: Oppose processing based on legitimate interests (e.g., marketing).

·      Withdraw Consent: Revoke consent where it is the basis for processing.
To exercise these rights, contact us at [support email]. We will respond within one month, extendable by two months for complex requests. You may also file a complaint with your local data protection authority.

 5.2 CCPA Rights (California Residents)

If you are a California resident, you have the following rights under the CCPA:

·      Know: Request disclosure of the categories, sources, purposes, and specific pieces of personal information we collect, use, or disclose about you.

·      Delete: Request deletion of your personal information, subject to exceptions.

·      Opt-Out: opt out of the sale of your personal information. (Note: We do not sell your personal information as defined by the CCPA.)

·      Non-Discrimination: We will not discriminate against you for exercising these rights.
To submit a verifiable request, contact us at [support email] or [CCPA request link]. We will respond within 45 days, extendable by an additional 45 days if needed.

 5.3 General Choices

·      Cookies: Manage cookie preferences via your browser settings or our cookie consent tool (if applicable).

·      Marketing: opt out of promotional emails by clicking "unsubscribe" in the email or contacting us.

 6. International Data Transfers

We are based in [Your Country, e.g., "the United States"]. If you access the Service from outside this region, your data may be transferred to and processed in countries with different data protection laws.

·      GDPR: For EEA residents, we ensure adequate safeguards for transfers outside the EEA, such as Standard Contractual Clauses or reliance on Privacy Shield (if applicable).

·      CCPA: California residents’ data is processed in accordance with CCPA requirements.

 7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

·      Ensure the Service functions properly (essential cookies).

·      Analyse usage and improve performance (analytics cookies).

·      Personalize content or ads (optional cookies, with consent where required).
You can manage cookie preferences via our Site or your browser. For EU residents, we obtain consent for non-essential cookies per GDPR.

 8. Security

We implement reasonable technical and organizational measures to protect your personal information from unauthorized access, loss, or misuse. However, no system is 100% secure, and we cannot guarantee absolute security. For GDPR compliance, we notify you and relevant authorities of data breaches as required by law.

 9. Children’s Privacy

The Service is not intended for individuals under 18. We do not knowingly collect personal information from minors. If we learn such data has been collected, we will delete it promptly.

 10. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for their privacy practices. Review their policies before providing personal information.

 11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use of the Service after such updates constitutes acceptance of the revised policy.

 12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

at-say @SAY part of AT SAY Ltd
legal@at-say.com

Data Protection Officer (for GDPR):  gdpr@at-say.com