Privacy Policy
HachiAI Inc.
This Privacy Policy describes how HachiAI Inc. collects, uses, discloses, and protects your personal information when you visit our website, use our services, or interact with us in any capacity.
Website: hachiai.com | Contact: hello@hachiai.com
Effective Date: February 2026
1. Introduction
HachiAI Inc. ("HachiAI", "we", "us", or "our") is an enterprise AI automation company that deploys Intelligent Digital Workers ("IDWs") to automate complete job roles across ERPs, portals, and legacy systems. We are committed to protecting the privacy and security of your personal information.
This Privacy Policy applies to information collected through our website at hachiai.com (the "Website"), our Intelligent Digital Worker platform and related services (the "Services"), our marketing and sales activities, and any other interactions you may have with HachiAI.
HachiAI is headquartered in Toronto, Canada, with offices in Montreal, Dallas, Dubai, Lahore, and Hyderabad. We serve enterprise clients globally and comply with applicable data protection laws in all jurisdictions where we operate, including the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), and other applicable provincial, state, and national data protection legislation.
By accessing our Website or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please do not use our Website or Services.
2. Data Controller Information
For the purposes of applicable data protection legislation, the data controller is:
HachiAI Inc.
Address:
207 Queens Quay W
Toronto, ON M5J 1A7, Canada
Email: hello@hachiai.com
Website: https://hachiai.com
When HachiAI processes personal data on behalf of our enterprise clients as part of the IDW Services, we act as a data processor (or "service provider" under CCPA). In such cases, the enterprise client remains the data controller and is responsible for ensuring it has the appropriate lawful basis and consent for sharing data with HachiAI for processing.
3. Information We Collect
We collect personal information in several ways, depending on how you interact with us. The categories of information we collect include the following.
3.1 Information You Provide Directly
| Category | Details |
|---|---|
| Contact Information | Name, email address, phone number, company name, job title, and mailing address, collected when you fill out forms, request a demo, or contact us. |
| Account Credentials | Username and password if you create an account to access our platform or client portal. |
| Communication Data | Content of emails, messages, chat transcripts, and other communications you send to us, including through our contact and demo request forms. |
| Payment Information | Billing address, payment method details, and transaction history. Credit card numbers and bank account details are processed by Stripe and other authorized payment processors on our behalf and are not stored on HachiAI's systems. |
| Professional Information | Company name, industry, role, department, and business requirements shared during sales conversations, onboarding, or support interactions. |
3.2 Information Collected Automatically
When you visit our Website, we automatically collect technical, usage, and behavioural information through cookies, web beacons, pixels, and similar technologies, including third-party tracking tools.
| Category | Details |
|---|---|
| Device Information | Browser type and version, operating system, device type, screen resolution, and device identifiers. |
| Usage & Behavioural Data | Pages visited, time spent on pages, click patterns, scroll depth, referring URLs, search queries, navigation paths, content interactions, and session recordings. This data is used to analyze user behaviour and improve our Website. |
| Network Information | IP address, approximate geographic location (city/country level), internet service provider, and connection type. |
| Cookie & Tracking Data | Session identifiers, preferences, and analytics data collected via first-party and third-party cookies, tracking pixels, and similar technologies. See Section 9 for details. |
| Third-Party Analytics | We use the following third-party analytics and tracking tools: Google Analytics 4 (GA4), Cloudflare Web Analytics, Hotjar, and Microsoft Clarity. These tools collect aggregated and individual-level behavioural data, including session recordings and heatmaps. Each tool sets its own cookies and processes data in accordance with its respective privacy policy. |
3.3 Information from Third Parties and Lead Generation
We may receive personal information from third-party sources, including business partners and referral sources, publicly available databases and business directories, social media platforms (LinkedIn, Facebook, Instagram, X/Twitter), digital advertising platforms (Google Ads, LinkedIn Ads, Meta Ads), marketing and lead-generation partners, and our enterprise clients who share employee or end-user data for the purpose of configuring and deploying IDWs.
HachiAI conducts lead-generation activities across multiple digital platforms. When you engage with our advertisements, sponsored content, webinars, downloadable resources, or social media profiles, we may collect your name, email address, company name, job title, and other professional information you provide through lead forms on these platforms. This information is used to contact you about our Services and is subject to the data practices described in this Privacy Policy as well as the privacy policies of the respective platforms.
3.4 Client Data Processed by IDWs
When delivering our Services, our Intelligent Digital Workers may process data that resides in or originates from our clients' enterprise systems, including ERPs (such as Epicor, SAP, Syspro), CRM platforms, accounting software, HR systems, and other business applications. This data may include personal information of our clients' employees, customers, vendors, or other individuals.
HachiAI offers two deployment models for our IDW Services:
- On-Premises / Client-Hosted: For clients who choose an on-premises deployment, IDWs operate within the client's own infrastructure and Client Data remains in the client's environment. HachiAI does not collect or store the underlying Client Data in this model.
- Cloud-Hosted / HachiAI-Managed: For clients who prefer a cloud-hosted solution, HachiAI may collect and store Client Data on our managed infrastructure in order to operate the IDWs. In this model, Client Data is processed and stored in accordance with our security standards (SOC 2 Type II certified) and the terms of the applicable Data Processing Agreement.
Important: Regardless of the deployment model, HachiAI processes Client Data strictly as a data processor on behalf of our clients. We do not own, sell, or use Client Data for any purpose other than delivering the contracted Services. Our processing of Client Data is governed by the terms of our Master Services Agreement and Data Processing Agreement with each client.
3.5 IDW Performance and Analytics Data
HachiAI collects operational analytics and performance metrics from IDWs running on client systems, regardless of the deployment model. This includes data such as task completion rates, processing volumes, error rates, workflow execution times, and system health indicators. This analytics data is used to monitor service quality, troubleshoot issues, and improve our platform. While this data is primarily operational and technical in nature, it may in some cases contain or be derived from Client Data. Any such analytics collection is disclosed in and governed by the applicable Master Services Agreement.
3.6 Anonymized Case Studies and Examples
HachiAI may use anonymized and aggregated descriptions of implemented workflows, processes, and outcomes to demonstrate our capabilities to prospective clients and for marketing purposes. These case studies do not identify the client by name or include any information that could reasonably be used to identify the client, unless the client has provided explicit written permission. Where a client consents to being named, the scope of disclosure is limited to what the client has approved.
4. How We Use Your Information
We use personal information for the following purposes:
| Category | Details |
|---|---|
| Service Delivery | To provide, operate, maintain, and improve our IDW platform and Services; to configure and deploy Intelligent Digital Workers tailored to your business workflows; to provide customer support, technical assistance, and training; and to manage your account and process payments. |
| Communications | To respond to your inquiries, demo requests, and support tickets; to send you service-related notices, updates, and security alerts; and to deliver marketing communications about our products, events, and thought leadership (with your consent where required by law). |
| Analytics and Improvement | To analyze Website usage patterns and improve user experience; to collect and analyze operational performance metrics from deployed IDWs (such as task completion rates, processing volumes, and error rates) for quality monitoring and service improvement; to conduct internal research and development; and to generate aggregated, de-identified analytics and benchmarks. |
| Case Studies and Marketing | To create anonymized, non-identifying case studies and workflow examples based on client implementations for use in marketing, sales, and educational materials. Client names are never disclosed without explicit written permission. These anonymized examples help prospective clients understand the practical applications and outcomes of our IDW platform. |
| Legal and Compliance | To comply with legal obligations, regulatory requirements, and lawful requests from public authorities; to enforce our terms of service and other agreements; to protect the rights, safety, and property of HachiAI, our clients, and the public; and to detect, prevent, and respond to fraud, security incidents, and technical issues. |
| Business Operations | To manage business relationships with enterprise clients and partners; to facilitate mergers, acquisitions, or asset sales (subject to standard confidentiality obligations); and to conduct audits and maintain internal records. |
5. Legal Bases for Processing
If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction that requires a lawful basis for processing personal data, we rely on the following legal bases under the GDPR:
| Legal Basis | Applicable Processing Activities |
|---|---|
| Contractual Necessity (Art. 6(1)(b)) | Processing necessary to perform our contract with you or your organization, including delivering IDW Services, managing accounts, processing payments, and providing support. |
| Legitimate Interests (Art. 6(1)(f)) | Processing necessary for our legitimate business interests, including Website analytics, service improvement, fraud prevention, direct marketing to existing business contacts, and maintaining the security of our systems. We balance these interests against your rights and freedoms. |
| Consent (Art. 6(1)(a)) | Where we rely on your consent, such as for marketing communications to new contacts and placing non-essential cookies. HachiAI does not intentionally collect sensitive or special-category personal data (such as biometric, health, racial, religious, or political data). You may withdraw consent at any time. |
| Legal Obligation (Art. 6(1)(c)) | Processing necessary to comply with legal obligations, including tax reporting, responding to lawful data subject requests, and cooperating with regulatory authorities. |
6. Data Sharing and Disclosure
We do not sell your personal information. We do not rent, trade, or otherwise make personal information available to third parties for their own marketing purposes without your explicit consent.
We may share personal information in the following limited circumstances:
Service Providers and Subprocessors
We engage trusted third-party service providers who process personal information on our behalf to support our operations. All service providers are contractually bound to process data only on our instructions, maintain appropriate security measures, and comply with applicable data protection laws. Our current subprocessors include:
| Provider | Category | Purpose |
|---|---|---|
| Stripe | Payment Processing | Processes credit card and payment transactions on our behalf. Stripe is PCI DSS Level 1 certified. |
| HubSpot | CRM | Customer relationship management, lead tracking, and sales pipeline management. |
| Mailchimp (Intuit) | Email Marketing | Marketing email campaigns, newsletters, and transactional email delivery. |
| Google (GA4, GTM, Ads) | Analytics & Advertising | Website analytics via Google Analytics 4, tag management via Google Tag Manager, and advertising via Google Ads. |
| Meta (Facebook/Instagram) | Advertising | Advertising and retargeting via Meta Pixel on Facebook and Instagram platforms. |
| Advertising | Advertising and lead generation via LinkedIn Insight Tag and LinkedIn Ads. | |
| Hotjar | Behavioural Analytics | Session recordings, heatmaps, and user behaviour analysis. |
| Microsoft (Clarity) | Behavioural Analytics | Session recordings and heatmaps for Website usability analysis. |
| Cloudflare | CDN & Analytics | Content delivery, DDoS protection, DNS, and privacy-focused web analytics. |
| Cloud Infrastructure* | Hosting & Storage | Cloud-hosted IDW deployments use infrastructure selected per client requirements (e.g., AWS, Azure, GCP, or equivalent). The specific provider is disclosed in each client's Data Processing Agreement. |
This list may be updated from time to time. Material changes to our subprocessor list will be communicated to affected clients in accordance with our Data Processing Agreement obligations.
- Enterprise Clients: When processing Client Data as a data processor, we may share information with our clients as required by the terms of our Data Processing Agreement and in accordance with their instructions.
- Legal Requirements: We may disclose personal information when required by law, regulation, or legal process (such as a court order or subpoena), or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of HachiAI, our users, or the public.
- Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, personal information may be transferred as part of that transaction. We will notify affected individuals of any change in ownership or use of their personal information, and any choices they may have regarding their information.
- With Your Consent: We may share your personal information with third parties when you have given us explicit consent to do so.
7. International Data Transfers
HachiAI is headquartered at 207 Queens Quay W, Toronto, ON M5J 1A7, Canada, and operates globally with offices in Montreal (Canada), Dallas (United States), Dubai (United Arab Emirates), Lahore (Pakistan), and Hyderabad (India). Your personal information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction.
For cloud-hosted IDW deployments, the hosting region varies per client and is selected based on the client's requirements, regulatory obligations, and proximity considerations. The specific cloud provider and data centre location for each engagement are disclosed in the applicable Data Processing Agreement.
Our third-party subprocessors also process data in various jurisdictions. For example, Stripe processes payment data in the United States, HubSpot and Mailchimp store CRM and email data in the United States, and Google, Meta, LinkedIn, Hotjar, and Microsoft process analytics and advertising data globally in accordance with their respective privacy policies and data processing agreements.
When we transfer personal data outside the EEA, the UK, or other jurisdictions with transfer restrictions, we implement appropriate safeguards, including Standard Contractual Clauses (SCCs) as approved by the European Commission, adequacy decisions where applicable (such as for transfers to Canada under the EU adequacy framework), binding corporate rules or other approved transfer mechanisms, and supplementary technical and organizational measures where necessary following transfer impact assessments. For transfers from Canada, we comply with PIPEDA's accountability requirements and ensure that personal information transferred to third parties in other jurisdictions receives a comparable level of protection through contractual and other measures.
You may request a copy of the safeguards we use by contacting us at hello@hachiai.com.
8. Data Security
HachiAI takes the security of your personal information seriously. We are SOC 2 Type II certified and maintain a comprehensive information security program that includes the following measures:
- Technical Safeguards: Encryption of data in transit (TLS 1.2+) and at rest (AES-256); multi-factor authentication for access to systems containing personal data; regular vulnerability scanning, penetration testing, and security audits; network segmentation and firewall protections; intrusion detection and prevention systems; and automated monitoring and alerting for anomalous activity.
- Organizational Safeguards: Role-based access controls following the principle of least privilege; mandatory security awareness training for all employees and contractors; background checks for personnel with access to personal data; documented incident response and breach notification procedures; regular review and updating of security policies; and vendor security assessments for all third-party service providers.
- Architecture: Our IDW platform is designed with a security-first architecture. For on-premises deployments, Client Data remains in the client's own environment, and our IDWs operate within the client's infrastructure. For cloud-hosted deployments, Client Data is stored in SOC 2 Type II certified infrastructure with encryption at rest and in transit, logical tenant isolation, and strict access controls. Regardless of the deployment model, we maintain 99.9% uptime and have redundancy and disaster recovery measures in place.
While we implement industry-leading security measures, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we continuously work to protect your personal information and promptly address any incidents. For more details on our security practices, please visit our Trust Center.
9. Cookies and Tracking Technologies
Our Website uses cookies, pixels, web beacons, and similar tracking technologies — including those provided by third parties — to enhance your experience, analyze user behaviour, and support our marketing and lead-generation efforts.
| Cookie Type | Necessity | Purpose |
|---|---|---|
| Strictly Necessary | Required | Essential for Website functionality, security, and session management. Cannot be disabled. |
| Performance / Analytics | Optional | Help us understand how visitors interact with our Website by collecting usage statistics and behavioural data. Tools used: Google Analytics 4, Cloudflare Web Analytics, Hotjar, and Microsoft Clarity. |
| Functional | Optional | Remember your preferences, language, and settings to provide a personalized experience. |
| Marketing / Targeting | Optional | Used to deliver relevant advertisements, retarget visitors across platforms, and track the effectiveness of marketing and lead-generation campaigns. Tools used: Google Ads remarketing tag, Meta Pixel (Facebook/Instagram), LinkedIn Insight Tag, and Google Tag Manager (as a container for the above). |
Third-party tracking tools: The following third-party tracking technologies on our Website may collect data about your online activity across different websites over time: Google Analytics 4 and Google Ads (subject to Google's Privacy Policy at policies.google.com/privacy), Meta Pixel (subject to Meta's Data Policy at facebook.com/privacy/policy), LinkedIn Insight Tag (subject to LinkedIn's Privacy Policy at linkedin.com/legal/privacy-policy), Hotjar (subject to Hotjar's Privacy Policy at hotjar.com/privacy), and Microsoft Clarity (subject to Microsoft's Privacy Statement at privacy.microsoft.com). We encourage you to review these policies to understand how each provider handles your data.
Managing cookies: You can manage your cookie preferences through your browser settings or through our cookie consent banner when available. Most browsers allow you to block or delete cookies. However, blocking strictly necessary cookies may impair Website functionality. HachiAI is implementing a Consent Management Platform (CMP) to provide granular cookie controls. Once deployed, you will be able to accept or reject specific cookie categories directly on our Website. Where required by law (such as under the ePrivacy Directive in the EU), we will obtain your consent before placing non-essential cookies.
Do Not Track: Our Website currently does not respond to "Do Not Track" browser signals, as there is no universal standard for how websites should respond to such signals. However, you may opt out of tracking through your cookie preferences or browser settings.
10. Data Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements.
| Data Category | Retention Period |
|---|---|
| Client account data | Duration of the client relationship plus 3 years following termination, unless a longer period is required by law. |
| Prospect / lead data | Up to 2 years from last meaningful interaction, unless consent is renewed. |
| Website analytics data | Aggregated analytics retained indefinitely. Identifiable session data retained for up to 26 months. |
| Client Data (IDW processing) | As specified in the applicable Master Services Agreement. Deleted or returned upon contract termination within 30 days unless legal retention obligations apply. |
| Financial / billing records | 7 years as required by tax and accounting regulations. |
| IDW analytics / metrics | Aggregated operational metrics retained indefinitely for benchmarking. Raw performance logs retained for 12 months. |
| Lead-generation data | Up to 2 years from collection or last meaningful interaction, unless consent is renewed or a business relationship is established. |
| Communication records | Up to 3 years from the date of communication, or longer if related to an ongoing business relationship or legal matter. |
When personal information is no longer needed, we securely delete or anonymize it using industry-standard methods.
11. Your Privacy Rights
Depending on your jurisdiction, you may have certain rights regarding your personal information. We respect these rights and will respond to valid requests in accordance with applicable law.
11.1 Rights Under GDPR (EEA and UK Residents)
If you are a resident of the European Economic Area or the United Kingdom, you have the following rights under the General Data Protection Regulation:
| Right | Description |
|---|---|
| Right of Access | Request a copy of the personal data we hold about you, along with information about how it is processed. |
| Right to Rectification | Request correction of inaccurate or incomplete personal data. |
| Right to Erasure | Request deletion of your personal data where there is no compelling reason for continued processing. |
| Right to Restrict Processing | Request that we limit how we use your data in certain circumstances, such as while we verify its accuracy. |
| Right to Data Portability | Receive your personal data in a structured, commonly used, machine-readable format, and transmit it to another controller. |
| Right to Object | Object to processing based on legitimate interests or for direct marketing purposes at any time. |
| Right to Withdraw Consent | Withdraw consent at any time where processing is based on consent. Withdrawal does not affect the lawfulness of prior processing. |
| Right to Lodge a Complaint | Lodge a complaint with your local data protection authority if you believe your rights have been violated. |
We will respond to your request within 30 days of receipt. In certain complex cases, we may extend this period by an additional 60 days, and we will notify you of any extension.
11.2 Rights Under CCPA/CPRA (California Residents)
If you are a California resident, you have the following rights under the California Consumer Privacy Act and the California Privacy Rights Act: Right to Know; Right to Delete; Right to Correct; Right to Opt-Out of Sale/Sharing (HachiAI does not sell personal information and does not share personal information for cross-context behavioral advertising); Right to Limit Use of Sensitive Personal Information; Right to Non-Discrimination. You will not receive a different level or quality of service for exercising your rights. To exercise your rights, contact us at hello@hachiai.com. We will verify your identity before processing your request and respond within 45 days. We may extend this period by an additional 45 days if reasonably necessary, and we will notify you of any extension.
11.3 Rights Under PIPEDA (Canadian Residents)
If you are a Canadian resident, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. These include the right to access personal information we hold about you, the right to request correction of inaccurate information, the right to withdraw consent (subject to legal or contractual restrictions), and the right to file a complaint with the Office of the Privacy Commissioner of Canada. We will respond to access and correction requests within 30 days of receipt.
11.4 Rights Under Other Frameworks
If you are located in Brazil (LGPD), Australia (Privacy Act 1988), or another jurisdiction with applicable data protection laws, you may have similar rights. We will honor your requests in accordance with the applicable local law. Please contact us at hello@hachiai.com to exercise any rights available to you.
12. Children's Privacy
Our Website and Services are not intended for individuals under the age of 18 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child without appropriate consent, we will take steps to delete that information as promptly as possible. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at hello@hachiai.com so we can take appropriate action.
13. Third-Party Links and Services
Our Website may contain links to third-party websites, services, or platforms that are not operated or controlled by HachiAI. This Privacy Policy does not apply to such third-party sites. We encourage you to review the privacy policies of any third-party services before providing them with your personal information. HachiAI is not responsible for the privacy practices or content of third-party websites.
14. Automated Decision-Making and Profiling
Our IDW platform uses artificial intelligence and automation to process data and perform tasks within client enterprise systems. When acting as a data processor on behalf of clients, HachiAI's IDWs may engage in automated processing of personal data as directed by the client. HachiAI does not currently use automated decision-making that produces legal effects or similarly significant effects on individuals in relation to our Website visitors or marketing contacts. However, we may implement automated lead-scoring and lead-qualification tools (such as HubSpot lead scoring) to prioritize sales outreach. Such scoring is used solely for internal sales prioritization and does not produce legal effects or restrict your access to our Services. No decisions about service eligibility, pricing, or contractual terms are made solely on the basis of automated processing. If we implement automated decision-making with legal or similarly significant effects in the future, we will update this Privacy Policy, provide appropriate notice, and where required, obtain consent or provide a mechanism to request human review. If you are subject to automated decision-making as an end-user of a client's systems, please contact the relevant enterprise client (the data controller) to exercise your rights.
15. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, HachiAI will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach, in compliance with GDPR Article 33. Where the breach is likely to result in a high risk to the rights and freedoms of affected individuals, we will also notify those individuals directly without undue delay. For breaches involving Client Data processed on behalf of enterprise clients, we will notify the affected client in accordance with the timelines specified in our Data Processing Agreement. Under PIPEDA and Canadian breach notification regulations, HachiAI will report breaches of security safeguards involving personal information that create a real risk of significant harm to the Office of the Privacy Commissioner of Canada and to affected individuals as required.
16. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data protection practices, you may contact us using the following information:
| Method | Details |
|---|---|
| hello@hachiai.com | |
| Mailing Address | HachiAI Inc., 207 Queens Quay W, Toronto, ON M5J 1A7, Canada |
| Website | https://hachiai.com/contact/ |
HachiAI does not currently have a dedicated Data Protection Officer (DPO). All privacy-related inquiries, including GDPR requests, are handled by our operations team at hello@hachiai.com. As we expand into the EU/UK market, we will appoint a DPO and/or an Article 27 representative as required, and their contact details will be published here and on our Website.
If you are not satisfied with our response to your inquiry or complaint, you have the right to lodge a complaint with the appropriate data protection authority in your jurisdiction. For Canadian residents, complaints may be filed with the Office of the Privacy Commissioner of Canada (www.priv.gc.ca). For EEA residents, contact your local supervisory authority. For California residents, you may contact the California Attorney General's office.
17. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on our Website with a revised "Effective Date" at the top, sending an email notification to clients and registered contacts for significant changes, and providing a summary of key changes. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our Website or Services after the posting of changes constitutes your acceptance of the updated Privacy Policy.
18. Supplementary Provisions
18.1 GDPR Representative
HachiAI does not currently have an establishment in the European Economic Area or the United Kingdom. As HachiAI expands into the EU/UK market, we will appoint a representative under Article 27 of the GDPR as required. Upon appointment, the representative's name and contact details will be published in this section and on our Website. In the interim, all privacy-related inquiries from EEA or UK residents should be directed to hello@hachiai.com.
18.2 CCPA Metrics
As required by the CCPA, HachiAI will publish annual metrics regarding the number of data subject requests received, complied with (in whole or in part), and denied, along with the median response time. These metrics will be made available on our Website.
18.3 Accessibility
This Privacy Policy is available in accessible formats upon request. If you require this document in an alternative format, please contact us at hello@hachiai.com.
18.4 Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of the Province of Ontario, Canada, without regard to its conflict of law provisions, except where superseded by mandatory applicable data protection legislation in your jurisdiction.