Privacy Policy

1. Introduction

Thox.ai Inc. ("Thox.ai," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our edge AI device, website, and related services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this policy. Thox.ai™ and the Thox.ai logo are trademarks of Thox.ai Inc. (trademark pending).

2. Information We Collect

2.1 Device Usage Data

Our edge device operates primarily offline. We do NOT collect:

• Your source code or prompts
• AI model inputs or outputs
• File contents or project data
• Any data processed by the AI models

2.2 Optional Analytics

With your explicit consent, we may collect anonymized usage statistics to improve our products:

• Device health metrics (temperature, memory usage)
• Firmware version information
• Aggregate usage patterns (no personal data)
• Error logs for troubleshooting

2.3 Website and Account Data

When you use our website or create an account, we may collect:

• Name and email address
• Billing and shipping information
• Communication preferences
• Support ticket contents

3. How We Use Your Information

We use the information we collect to:

• Process and fulfill your orders
• Provide customer support
• Send important product updates and security notices
• Improve our products and services (with anonymized data only)
• Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

• Service providers: Payment processors, shipping carriers, and cloud infrastructure providers who help us operate our business
• Legal requirements: When required by law or to protect our rights
• Business transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement industry-standard security measures to protect your information, including:

• TLS encryption for all data in transit
• AES-256 encryption for stored data
• Regular security audits and penetration testing
• SOC 2 Type II compliance (in progress)

6. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Opt-out of marketing communications
• Data portability

7. Children's Privacy

Our Services are not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child, please contact us immediately.

8. International Data Transfers

Your information may be transferred to and processed in the United States. We ensure appropriate safeguards are in place to protect your data in compliance with applicable laws.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.