Privacy Policy — Ardra AI

This Privacy Policy outlines how Ardra AI collects, processes, shares, and safeguards data. It applies to all users, enterprise clients, and authorized personnel interacting with our platform or hardware. Our mission is to make data intelligence safe, secure, and transparent for every organization we serve.

2.1 Personal Data

Depending on your interaction with Ardra AI, we may collect:

• ●Name, email address, phone number
• ●Account credentials and authentication data
• ●Organization details (facility IDs, utility identifiers, department info)
• ●Role-based access permissions

2.2 Operational & Facility Data (Enterprise Data)

This includes:

• ●Facility sensor data (energy, water, environmental, asset telemetry)
• ●Utility consumption, feeder data, operational metrics
• ●Equipment performance, machine analytics, control logs
• ●Infrastructure-related metadata supplied by enterprise clients

This data belongs to the enterprise, and Ardra AI only processes it per contract.

2.3 Usage Data

• ●User interactions within Ardra EMS and Genie
• ●Query logs, voice interactions, and command history
• ●GenAI-assisted insights and associated metadata
• ●Device information (IP address, browser/device type, OS version)

2.4 Sensitive Data

Collected only with clear consent:

• ●Microphone access for voice queries
• ●Location data for facility-based analytics or GPS-enabled deployments
• ●Any camera/visual input (for future modules) with explicit opt-in

3.1 Service Delivery

• ●Provide core functionalities of Hypernova, EMS, and Genie
• ●Generate analytics, insights, predictions, and reports
• ●Enable real-time monitoring and AI-driven automation

3.2 Platform Performance & Improvement

• ●Improve model accuracy and intelligence
• ●Enhance user experience
• ●Conduct system diagnostics and troubleshooting

Usage data may be aggregated and anonymized for product research.

3.3 Compliance & Security

• ●Ensure adherence to enterprise policies and regulatory frameworks
• ●Monitor platform health, detect anomalies, and prevent misuse

4.1 Third-Party Services

We use trusted service providers for:

• ●Cloud hosting and data storage
• ●Analytics, reporting, and AI compute
• ●Security monitoring and threat detection

These third parties adhere to ISO 27001, SOC 2, GDPR, CCPA, and relevant global compliance standards. No third party may use Ardra data for advertising or external profiling.

4.2 User & Enterprise Consent

We request consent for:

• ●Microphone access
• ●Location access
• ●Hardware-based data collection (in enterprise deployments)

Permissions can be managed via device settings or enterprise control panels.

4.3 Cross-Border Data Transfer

Ardra AI may process data in servers located in:

• ●United States
• ●India
• ●EU data regions

All transfers comply with international data protection laws and enterprise agreements.

5.1 Security Measures

We use industry-leading security protocols:

• ●AES-256 encryption at rest
• ●TLS/SSL encryption during transit
• ●Role-based access controls (RBAC)
• ●Multi-factor authentication (MFA)
• ●Zero-trust architecture for enterprise deployments

5.2 AI & Model Safety

• ●Genie and automated systems apply enterprise-grade guardrails
• ●No model is trained on identifiable user data without explicit agreement
• ●All enterprise data remains confidential and segregated

5.3 Threat Monitoring

Real-time detection of:

• ●Unauthorized access
• ●Malware
• ●Anomalous usage
• ●Data tampering
• ●Hardware threats (for Hypernova deployments)

6.1 Individual User Rights

• ●Access your personal information
• ●Update incorrect data
• ●Request deletion of your account
• ●Withdraw microphone/location permissions

6.2 Enterprise Client Rights

• ●Full ownership of facility/utility data
• ●Right to export or delete operational data
• ●Control over Genie's access within the organization
• ●Role-based user management

Requests may be submitted through enterprise admins or support.

• ●Personal data is retained as long as your account remains active.
• ●Enterprise data is retained per contract terms.
• ●Anonymized operational data may be used for AI improvements unless prohibited by contract.

Deletion requests are executed within 30 days unless regulatory requirements mandate otherwise.

Ardra AI conforms to:

• ●GDPR (EU)
• ●CCPA (California)
• ●DPDP Act 2023 (India)
• ●SOC 2 & ISO 27001 security standards
• ●NIST AI governance best practices
• ●Industry-specific compliance for utilities and defense (as applicable)

We conduct periodic internal reviews to maintain evolving standards.

Ardra AI is not intended for individuals under 16. We do not knowingly collect children's data.

We may update this policy to reflect:

• ●New platform features
• ●Regulatory changes
• ●Security improvements

Revisions will be posted with the updated date. Significant changes will be communicated to users and enterprise clients.

For requests, concerns, or compliance queries: