Point&Click Privacy Policy

Introduction

Conception AI Inc. ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use Point&Click, our web automation browser extension and platform (the "Services").

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

Conception AI Inc. is the entity responsible for the processing of personal information under this Privacy Policy as a data controller.

Definitions

Automation Flow or Flow: means an automated workflow to perform tasks on websites.

Building Block: means a deterministic or semi-determinist, pre-written automation script for specific actions.

Actions: means operations, steps, or transactions executed by Automation Flows, including screen recordings and content of websites visited.

Input: means data you provide to Flows, including natural language prompts, website credentials, and instructions.

Output: means results produced by Flows, including downloaded files, extracted data, and execution reports.

You: means any person who uses or accesses the Services, or whose personal information may be processed through use of our Services.

Information We Collect

Personal Information

We collect personal information that you provide directly when you register, use the Services, or communicate with us, including contact information such as name and email address, account credentials such as username and password, payment information such as payment method details when required, profile information such as company name or job title if provided, and communication preferences.

Automation Data

When you use our Services, we collect information about Flows you create and execute, data processed through our automation platform, website credentials you choose to store which are encrypted, performance metrics of your automations, natural language prompts and commands you provide, and websites you automate and interact with through Point&Click.

Usage Information

We automatically collect information about your interactions with our Services, including log data such as IP address, browser type, pages visited, and time spent, device information such as device type, operating system, and browser version, location information derived from IP address, usage patterns and preferences, and Flow execution history, success rates, and error logs.

Screen Recordings and Browser Activity

During Flow execution, we record your screen and capture visual content displayed in your browser. This includes website content you access during automation, personal information visible on screen during Flow execution, data from all browser tabs and windows visible during execution, notifications, pop-ups, and other visual elements present during automation, and any other visual information displayed in your browser during Flow execution.

These screen recordings may capture sensitive information that happens to be visible in your browser, including personal messages, financial information, private documents, or confidential business information.

Cookies and Similar Technologies

We use cookies and similar tracking technologies to track activity on our Services. Cookies are files with a small amount of data that may include an anonymous unique identifier. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

Beta Period Data Collection

During the beta testing period, we have significantly broader access to your data than described above. Specifically, during beta we may access and review all Flow executions in unencrypted, plain-text form, natural language prompts and commands in full detail, all websites you automate and data you extract or download, stored credentials in decrypted form during execution monitoring, complete screen recordings capturing all visual content in your browser, all data transmitted to or from third-party websites during Flow execution, error logs, debugging information, and detailed execution traces, and any other information generated or processed during your use of the Services.

This comprehensive monitoring is necessary for debugging, platform development, quality assurance, Building Block creation, security monitoring, and service improvement during the beta period.

This level of access is broader than will be maintained after the beta period ends. Upon transition to general availability, we will implement stricter data access controls and limitations.

How We Use Your Information

Service Provision

To provide, maintain, and improve the Services, execute your Automation Flows, process transactions and manage your account, and provide customer support and respond to inquiries.

Development and Improvement During Beta Period

During the beta period specifically, we use your data to debug issues and fix bugs or errors, improve Flow reliability and success rates, create and optimize Building Blocks from successful agent executions, train and improve our AI models and agents, understand user behavior and improve platform usability, test new features and functionality, and conduct quality assurance and platform testing.

After the beta period, we will only use aggregated and anonymized data for service improvement, and will not use the specific content of your Flows without your explicit consent.

Communication

To send technical notices, updates, security alerts, and support messages, respond to your comments, questions, and requests, and provide information about new features or services.

Security and Compliance

To monitor and analyze trends, usage, and activities for security purposes, detect, prevent, and address technical issues, security breaches, and fraudulent activities, comply with legal obligations and respond to legal process, and protect our rights, property, and safety and the rights of others.

Analytics and Research

To monitor and analyze usage patterns to understand how the Services are used, develop new products, services, features, and functionality, and conduct research and analysis to improve our technology.

Marketing

To personalize your experience and deliver relevant content, and send promotional communications if you have opted in, when applicable.

Artificial Intelligence Provided by Third Parties

Point&Click leverages third-party AI technology provided by our service providers to power our agent-based automation capabilities. This AI technology is used to understand and process your natural language prompts, generate automation plans and Building Blocks, execute real-time agent tasks when Building Blocks do not exist, analyze and improve Flow execution, and create intelligent responses and automations based on your instructions.

We share your information with AI service providers that power Point&Click's capabilities. The information shared includes natural language prompts and commands you provide, information about websites you want to automate, data about Flow execution and results, screen recordings and browser activity during automation, and Inputs, Actions, and Outputs from your Flows.

These AI service providers use your information to respond to and action your prompts and instructions. During the beta period, AI providers may also use your data to improve their models and services. After the beta period ends, we will implement stricter controls and AI providers will not use your data to train their models without your explicit consent.

Our AI service providers are contractually required to maintain confidentiality and security of your information. However, you acknowledge that when you use Point&Click, your data is processed by third-party AI systems, and you consent to this processing.

Information Sharing and Disclosure

Service Providers

We share information with third-party vendors and service providers who perform services on our behalf, including cloud hosting and infrastructure providers, payment processors, analytics providers, AI and machine learning service providers, customer support and communication platforms, and security and monitoring services.

These service providers are contractually obligated to use your information only to provide services to us and maintain confidentiality.

Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

Legal Requirements

We may disclose your information when required by law or when we reasonably believe disclosure is necessary to comply with legal obligations, subpoenas, or court orders, protect and defend our rights or property, prevent or investigate possible wrongdoing in connection with the Services, protect personal safety of users or the public, or protect against legal liability.

With Your Consent

We may share your information with third parties when you have given us consent to do so.

Community Sharing

If you choose to share Flows publicly with the Point&Click community when such feature becomes available, we will share Flow metadata such as name, description, and category with other users. We do not share the detailed Flow configuration or personal information without your explicit permission.

Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including encryption of data in transit and at rest, secure storage of website credentials using industry-standard encryption, access controls and authentication mechanisms, regular security audits and vulnerability assessments, monitoring and logging of system access, and incident response procedures.

However, no security system is impenetrable. We cannot guarantee the absolute security of our databases or that information will not be intercepted while being transmitted over the Internet. You acknowledge the inherent security risks of electronic data storage and transmission.

Data Retention

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

Specific retention periods include account information retained while your account is active and for a reasonable period thereafter for legal and business purposes, Flow execution logs retained for 90 days unless required longer for debugging or legal purposes, screen recordings retained during beta period for platform development with retention periods to be reduced after general availability, downloaded files and Outputs not retained on our servers unless you explicitly choose to store them in your account, and deleted data permanently deleted from active databases within 30 days of deletion request and may remain in encrypted backups for up to 90 days.

When we no longer need your personal information, we securely delete or anonymize it. If deletion is not possible, we securely store your information and isolate it from further processing until deletion is possible.

Your Rights and Choices

Depending on your location and applicable law, you may have certain rights regarding your personal information.

Access and Update

You can access and update certain information about your account through your account settings within the Services.

Data Subject Rights

You may have the right to request access to your personal information and receive a copy, request correction of inaccurate or incomplete personal information, request deletion of your personal information subject to certain limitations, request restriction of processing of your personal information, request portability of your personal information to another service, object to processing of your personal information for certain purposes, withdraw consent where processing is based on consent, and opt-out of certain communications.

To exercise these rights, contact us at contact@conception.dev. We may verify your identity before responding to requests.

Data Deletion

You have the right to delete your data from our systems at any time. You may delete specific Flows, execution history, stored credentials, or your entire account through account settings or by contacting contact@conception.dev.

Upon deletion request, we will permanently delete your data from active databases within 30 days. Deleted data may remain in encrypted backups for up to 90 days but will not be accessible or used. After deletion, your data cannot be recovered.

Right to Complain

Depending on your location, you may have the right to complain to a data protection regulator where you live or work. Please contact your local data protection authority for more information.

California Privacy Rights

California residents may have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, used, shared, or sold, the right to delete personal information held by us, the right to opt-out of sale of personal information (note: we do not sell personal information), and the right to non-discrimination for exercising privacy rights.

Children's Privacy

Our Services are not intended for individuals under the age of 18, and we do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18 without verification of parental consent, we will delete that information promptly. If you believe we might have information from or about a child under 18, please contact us immediately at contact@conception.dev.

International Data Transfers

We are based in the United States. Information we collect may be transferred to, processed, stored, and used in the United States and other jurisdictions. Data protection laws in these jurisdictions may not provide the same protections as in your home country.

When we engage in cross-border data transfers, we ensure appropriate safeguards are in place to protect personal information and comply with applicable data protection laws. For more information, contact us at contact@conception.dev.

Third-Party Websites and Services

Our Services enable you to interact with and automate actions on third-party websites. When you use Point&Click to access third-party websites, we do not control those websites and are not responsible for their content, privacy practices, or terms of service. Data you access, download, or interact with on third-party websites is subject to those websites' privacy policies. You are responsible for complying with third-party terms of service. We are not liable for any data breaches, losses, or issues that occur on third-party websites.

This Privacy Policy applies only to information we collect through Point&Click. We strongly advise you to review the privacy policies of any third-party websites you access through our Services.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by updating the "Last Updated" date and posting the new Privacy Policy on this page.

For material changes that significantly impact your rights or how we process your data, we will provide more prominent notice, such as email notification or a notice within the Services, at least 30 days before changes take effect.

Your continued use of the Services after we post modifications constitutes your acknowledgment and acceptance of the modified Privacy Policy. You are advised to review this Privacy Policy periodically for any changes.

How to Contact Us

If you have any questions or concerns about this Privacy Policy, our privacy practices, or if you would like to exercise your rights with respect to your personal information, please contact us:

By email: contact@conception.dev

By mail:
Conception AI Inc.
2261 Market Street STE 85701
San Francisco, CA 94114
United States