Privacy Policy

1. Introduction

At Inso, we respect your privacy and are committed to protecting the personal and operational data you share with us. This Privacy Policy describes how Inso AI ("Inso", "we", "us", or "our") collects, uses, processes, and protects your information when you use our enterprise-grade AI and IoT platform, edge gateway devices, websites, dashboards, and associated services (collectively, the "Service").

By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this policy, please do not access or use the Service.

2. Information We Collect

To deliver our real-time asset intelligence and predictive maintenance solutions, we collect several categories of information depending on your interactions with us:

• Account Information: Full name, corporate email address, phone number, job title, and organization details provided during registration or Single Sign-On (SSO) integration via Microsoft Active Directory.
• IoT & Edge Telemetry: High-frequency sensor data, diagnostic logs, machine states, device temperatures, current/voltage measurements, and operation status captured from connected edge gateway hardware.
• Operational Records: Asset inventory logs, maintenance schedules, work order descriptions, vendor lists, and historical downtime logs uploaded or entered into our central CMMS database.
• Usage & Device Data: IP addresses, browser types, device operating systems, active session logs, and diagnostic telemetry from users navigating our central web dashboard.

3. How We Use Information

We process your data strictly to provide, maintain, and optimize our enterprise IoT and AI services. Specific use cases include:

• Delivering Predictive Insights: Training and executing our machine learning models to accurately forecast asset failures and trigger automated preventive work orders.
• Managing Platform Uptime: Ensuring reliable MQTT and HTTPS transit pipelines between physical gateways and our Azure cloud database, maintaining active-active multi-region redundancy.
• Customer Support: Troubleshooting hardware gateway connections, verifying Power BI dashboard integrations, and resolving operator system issues.
• Security & Compliance: Monitoring platform health, detecting potential security threats, auditing access logs, and upholding our SOC 2 Type II and ISO 27001 posture.

4. Data Security

Inso takes data protection extremely seriously. We have implemented standard administrative, technical, and physical security measures designed to shield your enterprise records and IoT telemetry from unauthorized access, loss, or manipulation:

• Encryption: All data is encrypted using AES-256 both in transit (via secure TLS/HTTPS and MQTT over TLS) and at rest within Microsoft Azure’s secure multi-region databases.
• Access Controls: Role-based access control (RBAC) and Single Sign-On (SSO) authentication limit data access to verified operations personnel only.
• Network Integrity: Active firewalls, DDoS protection layers, continuous penetration testing, and virtual private network (VPN) gateways for secure IoT telemetry streams.

5. Sharing & Retention

We do not sell, rent, or trade your operational telemetry or personal details to third parties. We share information only under the following limited circumstances:

• Cloud & Infrastructure Providers: With Microsoft Azure and similar enterprise hosting partners who provide secure cloud database structures, server capacity, and data transit pipelines.
• Enterprise Integrations: With third-party enterprise tools that you explicitly configure inside Inso, such as SAP, Oracle ERP, or Microsoft Power BI.
• Legal Compliance: When required by law, subpoena, or government authority to satisfy statutory regulations or protect system integrity.

We retain your data for as long as your corporate subscription is active, or as needed to comply with statutory retention timelines, maintain system performance audit trails, and resolve disputes.

6. Your Rights & Choices

Depending on your geographic location (such as the European Union under GDPR or California under CCPA), you and your operators may hold specific statutory rights regarding your data:

• Access & Portability: The right to request copies of the personal data we hold and export it in a structured, machine-readable format.
• Rectification & Deletion: The right to correct inaccurate profile data or request that we delete account information, subject to administrative operational limits.
• Consent Withdrawal: The right to revoke permissions for specific analytics trackers, subject to core platform functioning requirements.

7. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or Inso's data handling practices, please contact our dedicated security team:

Email: privacy@inso.ai
Address: Inso AI Technologies, Inc., Attn: Privacy & Compliance, 500 Enterprise Way, Suite 400, San Francisco, CA 94105