Privacy Policy

1. Information We Collect

We collect information that you provide directly to us and information collected automatically when you use the Services.

• Account & contact information: name, company name, job title, email address, phone number, and password (stored in hashed form).
• Company & audit information: details you provide in audit applications and pre‑audit forms, including systems used, operational workflows, and other business information.
• Usage information: log data such as IP address, browser type, pages viewed, referring URLs, and timestamps when you use our website or members area.
• Cookies and similar technologies: we use cookies and similar tools to remember your preferences, secure your session, and understand how our website is used. You can usually control cookies through your browser settings.

2. How We Use Your Information

We use the information we collect for purposes including:

• Providing, operating, and improving the Services, including our audit programs and members dashboard.
• Processing audit applications and communicating with you about your application, audit status, and deliverables.
• Creating and managing your user account, including authentication and security.
• Sending transactional messages such as confirmations, security alerts, and important updates.
• Responding to your questions, support requests, or feedback.
• Monitoring and protecting the security, integrity, and availability of the Services.
• Analyzing usage trends and improving our website, user experience, and offerings.
• Complying with legal obligations and enforcing our agreements and policies.

3. Legal Bases (EEA/UK Users)

If you are located in the European Economic Area or the United Kingdom, we process your personal data where we have a legal basis to do so, including: (a) to perform a contract with you (for example, to provide audit or subscription services); (b) with your consent (for example, certain marketing communications); and (c) for our legitimate interests (such as improving the Services and maintaining security), provided those interests are not overridden by your rights and interests.

4. How We Share Information

We do not sell your personal information. We may share information in the following limited circumstances:

• Service providers that help us operate the Services (for example, hosting, analytics, email delivery, and payment processing). These providers are allowed to use your information only to perform services on our behalf.
• Professional advisors such as lawyers, accountants, and auditors, where necessary for legitimate business purposes.
• Business transfers in connection with a merger, acquisition, financing, or sale of all or a portion of our business.
• Legal and safety when we believe disclosure is reasonably necessary to comply with law, protect our rights, or protect any person's safety.

5. Data Retention

We retain information for as long as necessary to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we will delete or anonymize it in accordance with our data retention practices.

6. Security

We use reasonable administrative, technical, and physical safeguards to protect your information. However, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security, but we work continuously to protect your data.

7. Your Rights & Choices

Depending on where you live, you may have certain rights regarding your personal information, such as:

• Accessing the personal information we hold about you.
• Requesting corrections to inaccurate or incomplete information.
• Requesting deletion of certain information, subject to legal and contractual obligations.
• Objecting to or restricting certain processing activities.
• Withdrawing consent where we rely on your consent.

To exercise these rights, please contact us using the details in the Contact Us section. We may need to verify your identity before completing your request.

8. International Transfers

ChiefAIO is based in the United States and your information may be processed and stored in the U.S. and other countries that may have different data protection laws than your country. Where required by applicable law, we implement appropriate safeguards to protect such transfers.

9. Children's Privacy

Our Services are not directed to individuals under 18, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of the page and, where appropriate, provide additional notice. Your continued use of the Services after any changes signifies your acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, you can contact us at:

Email: [email protected]
Headquarters: Fort Lauderdale, Florida, United States