[Last updated: (on July 4, 2023)]

OUR APPROACH TO PRIVACY

CENTIFIC GLOBAL SOLUTIONS, Inc. and its affiliates ("CENTIFIC”"we," "our," or "us") are committed to protecting your privacy. This privacy policy sets out how we collect, store, process, transfer, share, and use data that identifies or is associated with you ("Information") and information regarding our use of cookies and similar technologies.

CENTIFIC operates a platform ("Pitaya") that enhances our customers’ existing security and inventory systems by leveraging the power of computer vision and generatively executed artificial intelligence, operated with a commitment to ethical and responsible practices. Pitaya delivers intelligent store solutions to address industry-wide challenges such as shrinkage, workplace safety, stockout, and customer behavior visibility. Users can visit our websites under the  https://www.pitaya.ai/ domain (our "Website") and browse and subscribe to the Pitaya solution.

This privacy policy applies to Pitaya and all the tools that are part of it. To the extent that your Information is collected by a Pitaya customer with whom you interact, that entity’s privacy policy applies to their processing of your Information. Terms used in this privacy policy have the same meaning as in our Terms of Service unless otherwise defined in this privacy policy.

Before accessing or using Pitaya, please ensure that you have read and understood our collection, storage, use, and disclosure of your Information as described in this privacy policy.

INFORMATION WE COLLECT ABOUT YOU

We collect Information from you directly, from the devices you use to interact with us, and from third parties. If you choose not to provide Information, we may not be able to provide certain services to you or respond to your requests. We may combine Information together and with other information we obtain from our business records. We may use and disclose information that we aggregate (compile to create statistics that cannot identify a particular individual) or de-identify (strip Information of all unique identifiers such that it cannot be linked to a particular individual) at our discretion.

Information you give us

You may provide the following Information to us directly:

  • Contact and professional information, including name, email address, telephone number, and job title, as well as company name and size.
  • Demographic information.
  • Audiovisual information.
  • Payment information, including credit card information.
  • Content you may include in survey responses.
  • Information contained in your communications to us.
  • Information you make available to us via a social media platform.
  • Information you provide when you register for an account, fill in a form, or create or edit your profile.
  • Any other information you submit to us.

Information we collect automatically

We and partners working on our behalf may use log files, cookies, or other digital tracking technologies to collect Information from the device you use to interact with us. Please review our cookie policy here for more information.

Information we collect from other sources

We may collect the following Information about you from third-party sources:

  • Contact information from lead generation and commercial data providers or from your employer or other individuals who connected you to our services.

HOW WE USE YOUR INFORMATION

We may use any of the Information we collect for the following purposes:

  • Service functionality: To provide you with our products and services, including to take steps to enter into a contract for sale or for services, process payments, fulfill orders, send service communications, and conduct general business operations, such as accounting, recordkeeping, and audits. We use Information for this purpose because it is necessary to perform a contract with you or take steps to enter into a contract with you, to comply with our legal obligations, and/or for our legitimate interests.
  • Service improvement: To improve and grow Pitaya and our products and services, including to develop new products and services and understand how our services are being used, our customer base and purchasing trends, and the effectiveness of our marketing. We use Information for this purpose because it is necessary for our legitimate interests and/or with your consent.
  • Advertising and marketing: To send you marketing communications and measure the effectiveness of our marketing and advertising. We may share your information with business partners for this purpose. We use Information for this purpose because it is necessary for our legitimate interests and/or with your consent, where required.
  • Security: To protect and secure Pitaya and our other products and services, assets, network, and business operations, and to detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal. We use Information for this purpose because it is necessary to comply with a legal obligation, to protect your or another individual’s vital interests, and/or for our legitimate interests.
  • Legal compliance: To comply with legal processes, such as warrants, subpoenas, court orders, and lawful regulatory or law enforcement requests and to comply with applicable legal requirements. We use Information for this purpose because it is necessary to comply with our legal obligations.

HOW WE SHARE YOUR INFORMATION

We may share any of the Information we collect with the following recipients.

  • Affiliates: We share Information with other members of our group of companies.
  • Service providers: We engage vendors to perform specific business purposes on our behalf, and they may receive Information about you from us or collect it directly. These vendors are obligated by contract to use Information that we share only for the purpose of providing these business functions, which include:
    • Supporting Pitaya functionality.
    • Auditing and accounting firms, such as firms that assist us in the creation of our financial records.
    • Professional services consultants, such as firms that perform analytics, assist with improving our business, provide legal services, or supply project-based resources and assistance.
    • Analytics and marketing services, including entities that analyze traffic on our online properties and assist with identifying and communicating with potential customers.
    • Security vendors, such as entities that assist with security incident verification and response, service notifications, and fraud prevention.
    • Information technology vendors, such as entities that assist with website design, hosting and maintenance, data and software storage, or network operation.
    • Marketing vendors.
  • Government entities/law enforcement: We may share Information when we believe in good faith that we are lawfully authorized or required to do so to respond to lawful subpoenas, warrants, court orders, or other regulatory or law enforcement requests, or where necessary to protect our property or rights or the safety of our employees, our customers, or other individuals.
  • Other businesses in the context of a commercial transaction: We may change our ownership or corporate organization while providing Pitaya. We may transfer to another entity or its affiliates or service providers some or all Information about you in connection with, or during negotiations of, any merger, acquisition, sale of assets or any line of business, change in ownership control, or financing transaction. We cannot promise that an acquiring party or the merged entity will have the same privacy practices or treat your information as described in this policy.

SECURITY AND TRANSFERRING YOUR INFORMATION

Security

We implement appropriate technical and organizational measures to protect your Information against accidental or unlawful destruction, loss, change, or damage. All Information we collect will be stored on secure servers. All electronic transactions entered into via our Website will be protected by SSL encryption technology. While we use these precautions to safeguard your Information, we cannot guarantee the security of the networks, systems, servers, devices, and databases we operate or that are operated on our behalf.

International Transfers of your Information

The Information we collect may be transferred to and stored in countries outside of the jurisdiction you are in where we and our third-party service providers have operations. CENTIFIC is a global company with affiliated companies across the world. As such, your Information may be transferred to our affiliated companies in other countries. We may also transfer your personal information to our third-party service providers, who may be located in a different country to you. We transfer information in order to operate efficiently, improve performance, and create redundancies in order to protect the information in the event of an outage or other problem. We will process your Information in a way that meets the commitments of this Privacy Policy and complies with the law wherever we transfer it. Whenever CENTIFIC transfers Information beyond the country of origin, we will do so in accordance with applicable laws.

If you are located in the European Union ("EU"), your Information will be processed outside of the EU; these international transfers of your Information are made pursuant to appropriate safeguards, such as standard data protection clauses adopted by the European Commission. If you wish to enquire further about these safeguards used, please contact us using the details set out at the end of this privacy policy.

Data Retention

We may store Information about you for as long as we have a legitimate business need for it.

YOUR OPTIONS AND RIGHTS IN RESPECT OF YOUR INFORMATION

Your Account: Please visit your account page to update your account information.

Email Unsubscribe: If you do not wish to receive marketing information from us or wish to opt out of future email promotions from us, please contact us. Please note that all promotional messages you receive from us will include an option to opt out of future email communications.

Jurisdiction-Specific Rights: You may have certain rights with respect to your Information depending on your location or residency. Please see “Privacy Disclosures for Specific Jurisdictions” below. Please contact us to exercise your rights.

PRIVACY DISCLOSURES FOR SPECIFIC JURISDICTIONS

European Economic Area, United Kingdom, and Switzerland

We process “personal data,” as that term is defined in the European Union’s General Data Protection Regulation (“GDPR”).

Your rights under the GDPR: If you are located in the European Economic Area (“EEA”), U.K., or Switzerland, you have the right to lodge a complaint to the Supervisory Authority in your jurisdiction. Contact details for Supervisory Authorities are available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

If you are located in the EEA, U.K., or Switzerland, you have the following rights:

  1. Right of access and portability. The right to obtain access to your personal data or request transmission of your personal data to a third party.
  2. Right to rectification. The right to obtain rectification of your personal data where that personal data is inaccurate or incomplete.
  3. Right to erasure. The right to obtain the erasure of your personal data in certain circumstances, such as where the data is no longer necessary in relation to the purposes for which it was collected or processed.
  4. Right to restriction. The right to obtain the restriction of the processing undertaken by us on your personal data in certain circumstances, such as where the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of that personal data.
  5. Right to Object. You have the right to object to the processing of your personal data based on our legitimate interests at any time. We will no longer process the personal data, unless there are compelling legitimate grounds for our processing that override the interests, rights, and freedoms of the data subject, or the processing serves the purpose of asserting, exercising, or defending legal claims. You also have the right to object at any time to the use of your personal data for direct marketing.
  6. Right to Withdraw Consent. If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.

If you wish to exercise one of these rights, please contact us using the contact details at the end of this privacy policy (“Contact Us”).

California

California Privacy Rights; “Shine the Light” Law: California residents are entitled once a year, free of charge, to request and obtain certain information regarding our disclosure, if any, of certain categories of personal information to third parties for their own direct marketing purposes in the preceding calendar year. Please contact us to obtain this information. We do not share your personal information with third parties for those third parties’ direct marketing purposes.

California Consumer Privacy Act

California law requires us to disclose information regarding the categories of personal information that we have collected about California consumers (as that term is defined in the California Consumer Privacy Act ("CCPA")), the categories of sources from which the information was collected, the business or commercial purposes (as those terms are defined by applicable law) for which the information was collected, and the categories of parties with whom we share personal information. You have the right to be free from discrimination based on exercise of your CCPA rights. To the extent we collect personal information that is subject to the CCPA, that information, our practices, and your rights are described below.

Notice at Collection Regarding the Categories of Personal Information Collected

You have the right to receive notice of certain information about our data collection, use, and disclosure. The following table summarizes the categories of personal information we collect; the categories of sources of that information; whether we disclose, sell, or share that information to service providers or third parties, respectively; and the criteria we use to determine the retention period for such information. The categories we use to describe personal information are those enumerated in the CCPA. We collect this personal information for the purposes described above in “How We Use Your Information.”

CategoryInformation TypeSourceWe disclose to:We sell to/share with:
Identifiers  Contact information or personal characteristics (name; email address; postal address; telephone number; signature)Social media handlesYou; our social media pages; third party lead generation and commercial data providersService Providers  Not sold/shared  
Financial InformationPayment card dataBank account informationCredit informationYouService ProvidersNot sold/shared
Protected Classifications and Other Sensitive DataGenderYouService ProvidersNot sold/shared
Commercial Information  Transaction information Billing and payment recordsOrder historyYouService ProvidersNot sold/shared
Geolocation InformationCoarse (information that describes location at ZIP code-level or less precision)You; our analytics partnersService ProvidersNot sold/shared
Internet or Electronic Network Activity InformationIP addressDevice identifier (e.g., MAC)Advertising identifier (e.g., IDFA, AAID)Information provided in URL string (e.g., search keywords)Cookie or tracking pixel informationInformation about your interaction with our website, app, email correspondence, or productsBrowsing historySearch historyDiagnostic information (e.g., crash logs, performance data)You; our analytics partnersService ProvidersNot sold/shared
Audio, Electronic, Visual, Thermal, Olfactory, or Similar InformationCall recordings PhotographsVideoYouService ProvidersNot sold/shared
Professional or Employment-Related InformationCurrent employerJob titleYouService ProvidersNot sold/shared
Inferences Drawn About YouUser profile reflecting preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudesYou; our analytics  partnersService ProvidersNot sold/shared
Content of CommunicationsContents of phone calls or emailsYouService ProvidersNot sold/shared
ContactsList of contacts that you supply to usYouService ProvidersNot sold/shared

We determine the retention period for each of the categories of personal information listed above based on (1) the length of time we need to retain the information to achieve the business or commercial purpose for which it was obtained, (2) any legal or regulatory requirements applicable to such information, (3) internal operational needs, and (4) any need for the information based on any actual or anticipated investigation or litigation.

Entities to whom we disclose information for business purposes are service providers, which are companies that we engage to conduct activities on our behalf. We restrict service providers from using personal information for any purpose that is not related to our engagement.

Entities to whom we “sell” or with whom we “share” information are third parties. Under the CCPA, a business “sells” personal information when it discloses personal information to a company for monetary or other benefit. A company may be considered a third party either because we disclose personal information to the company for something other than an enumerated business purpose under California law, or because its contract does not restrict it from using personal information for purposes unrelated to the service it provides to us.  A business “shares” personal information when it discloses personal information to a company for purposes of cross-context behavioral advertising. We do not “sell” or “share” personal information.

Your Rights Under the CCPA

If you are a California resident, you have the right to know and request access to and deletion of personal information. You have the right to requet access to personal information collected about you and information regarding the categories of sources of that information, the purposes for which we collect it, and the categories of third parties and service providers to whom we disclose it. You also have the right to request in certain circumstances that we correct personal ifnormation that we have collected about you and to delete perosnal information that we have collected directly from you.

To exercise your CCPA rights, please submit your request by using the contact details at the end of this privacy policy (“Contact Us”).

Colorado, Connecticut, Utah, and Virginia

Residents of the States of Colorado, Connecticut, Utah, and Virginia have the following rights:

  • Opt out of “sales” of personal information and use of their personal information for “targeted advertising,” as those terms are defined under applicable law.  We do not engage in “sales” of personal information or use personal information for “targeted advertising.”
  • Opt out of “profiling” under certain circumstances, as defined under applicable law. (Residents of Colorado, Connecticut, and Virginia only.) We do not use personal information for “profiling.”
  • Confirm processing of and access to personal information under certain circumstances.
  • Correct personal information under certain circumstances. (Residents of Colorado, Connecticut, and Virginia only.)
  • Delete personal information under certain circumstances.

Residents of these states can exercise their rights by contacting us at using one of the methods listed below. 

Nevada

If you are a Nevada resident, you may opt out of the sale of “Personally Identifiable Information” for monetary consideration to a person for that person to license or sell such information to additional persons. “Personally Identifiable Information” includes first and last name, address, email address, phone number, Social Security Number, or an identifier that allows a specific person to be contacted either physically or online.

We do not engage in such activity. However, if you are a Nevada resident who registers or uses Pitaya or has performed Services for us, you may submit a request to opt out of any potential future sales under Nevada law by using the contact details at the end of this privacy policy. Please note that we will take reasonable steps to verify your identity and the authenticity of the request. Once verified, we will maintain your request in the event our practices change.

LINKS TO THIRD-PARTY SITES

Our Website may, from time to time, contain links to and from third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.

OUR POLICY TOWARDS CHILDREN

Our Service is not directed at persons under 18, and we do not knowingly collect Information from children. If you become aware that your child has provided us with Information without your consent, then please contact us using the details below so that we can take steps to remove such information.

CHANGES TO THIS POLICY

We may update this privacy policy from time to time and so you should review this page periodically. When we change this privacy policy in a material way, we will update the "last modified" date at the end of this privacy policy. Changes to this privacy policy are effective when they are posted on this page.

CONTACT US

Questions, comments, and requests regarding this privacy policy are welcome and should be addressed to the Data Protection Officer at:

This privacy policy was last modified on July 4, 2023.