Privacy Policy

BirdiNova may process personal information in different roles depending on the context.

1.1 Information We Collect for Our Own Business Purposes

When we collect information through our website, sales process, marketing activities, account administration, billing, support, demos, or business communications, BirdiNova generally acts as the business, controller, or similar responsible party under applicable privacy laws.

This may include information about website visitors, prospects, customers, account administrators, billing contacts, support users, and business contacts.

1.2 Customer-Controlled Data Processed Through PULSE

When a customer uses PULSE to monitor, connect, analyze, or manage its own systems, BirdiNova generally processes Customer Data on behalf of that customer.

In that context, the customer determines what systems are connected, what data is submitted or processed, which users are authorized, which automations are enabled, and how PULSE is configured.

Customer-controlled data may include endpoint data, asset data, system health data, telemetry, logs, configurations, ticketing data, service records, diagnostic information, remediation history, user activity, event metadata, and other operational information connected to or generated by PULSE.

If you are an employee, contractor, technician, operator, or other user of one of our customers, please contact that customer directly for questions about how your information is used in PULSE.

The information we collect depends on how you interact with PULSE and how a customer configures the platform.

2.1 Website, Sales, and Contact Information

We may collect information you provide when you visit our website, complete a form, request a demo, contact us, subscribe to updates, communicate with sales, or otherwise interact with us.

This may include:

• name;
• work email address;
• phone number;
• company name;
• job title;
• business address;
• industry;
• company size;
• areas of interest;
• demo requests;
• message content;
• communication preferences;
• any other information you choose to provide.

2.2 Account and Administrative Information

When a customer creates or manages a PULSE account, we may collect information about customer administrators and authorized users.

This may include:

• name;
• work email address;
• phone number;
• company name;
• role or title;
• user permissions;
• login credentials or authentication identifiers;
• account settings;
• access roles;
• audit logs;
• support interactions;
• billing or purchasing contact information.

2.3 Platform, Telemetry, and Operational Data

PULSE may collect and process operational information needed to provide monitoring, diagnostics, lifecycle intelligence, alerting, workflow automation, and service assurance.

Depending on customer configuration, this may include:

• endpoint names, IDs, types, statuses, and locations;
• system health and availability data;
• device uptime and downtime;
• connectivity status;
• diagnostic results;
• error codes;
• service alerts;
• configuration metadata;
• ticketing data;
• remediation workflows;
• automation logs;
• action history;
• technician or operator activity;
• asset records;
• site and facility metadata;
• integration status;
• network or service performance information;
• event metadata from connected systems;
• API calls and integration activity.

PULSE is designed primarily to process operational health, service assurance, endpoint, and system metadata.

Unless expressly enabled by a customer under an applicable order form, statement of work, or written agreement, PULSE does not intentionally store raw video, biometric templates, full cardholder databases, full access control identity databases, intercom audio, or other highly sensitive security-system content.

2.4 AI, Diagnostics, and Automation Data

PULSE may include artificial intelligence, machine learning, rules-based analysis, predictive models, automation workflows, and diagnostic features.

We may process data related to:

• AI-assisted diagnostic summaries;
• root-cause suggestions;
• remediation recommendations;
• predicted failures;
• anomaly detection;
• workflow suggestions;
• automated or semi-automated remediation actions;
• customer-approved playbooks;
• service ticket generation;
• escalation history;
• action outcomes;
• feedback on recommendations or automated actions.

PULSE may log automated actions and related diagnostic events to provide the Services, maintain accountability, support troubleshooting, improve reliability, and assist customers in reviewing system activity.

2.5 Technical and Usage Information

When you use our website or platform, we may automatically collect technical and usage information.

This may include:

• IP address;
• device type;
• browser type;
• operating system;
• referring URLs;
• pages viewed;
• session activity;
• date and time of access;
• feature usage;
• error reports;
• log data;
• authentication events;
• security events;
• approximate location derived from IP address;
• cookies or similar identifiers.

2.6 Billing and Payment Information

If a customer purchases PULSE, we may collect billing and transaction-related information.

This may include:

• billing contact name;
• company billing address;
• invoice details;
• purchase order information;
• payment status;
• transaction history;
• tax information.

If payment is processed through a third-party payment provider, that provider may collect and process payment card, ACH, bank, or other payment details according to its own terms and privacy policy. BirdiNova does not intend to store full payment card numbers.

2.7 Support and Professional Services Information

When we provide support, implementation, training, professional services, customer success, or troubleshooting, we may collect:

• support tickets;
• emails and communications;
• diagnostic files;
• logs;
• screenshots;
• configuration information;
• meeting notes;
• recordings, if a meeting is recorded with notice;
• user-reported issues;
• technical contact information;
• information needed to resolve a support request.

2.8 Sensitive and Regulated Data

PULSE is not intended to collect or process classified information, export-controlled technical data, protected health information, payment card data, criminal justice information, biometric templates, Sensitive Security Information, Controlled Unclassified Information, or similar regulated data unless expressly agreed in writing and subject to any required additional terms.

Customers are responsible for determining whether data connected to or processed through PULSE is subject to special legal, contractual, security, public-sector, airport, transportation, privacy, retention, confidentiality, or regulatory requirements.

Customers must not submit or connect regulated data to PULSE unless they have confirmed that such use is authorized under their agreement with BirdiNova.

We may collect information from:

• you directly;
• your employer or organization;
• customer administrators;
• authorized users;
• connected customer systems;
• PULSE agents, APIs, connectors, integrations, and dashboards;
• service providers;
• implementation partners;
• ticketing systems;
• authentication providers;
• CRM or sales tools;
• analytics tools;
• public business sources;
• communications with us;
• events, demos, meetings, or conferences.

We use personal information and Customer Data for the following purposes:

4.1 To Provide and Operate PULSE

We use information to:

• create and manage accounts;
• authenticate users;
• provide access to the platform;
• monitor endpoint and system health;
• display dashboards;
• generate alerts;
• process telemetry;
• support integrations;
• execute customer-configured workflows;
• provide diagnostics;
• support automation and remediation;
• generate reports;
• maintain audit logs;
• provide customer support;
• perform implementation and professional services.

4.2 To Improve Reliability, Diagnostics, and Service Quality

We use information to:

• troubleshoot errors;
• improve uptime and platform performance;
• analyze service usage;
• improve user experience;
• improve diagnostic workflows;
• improve remediation logic;
• improve detection of common operational issues;
• develop new features;
• maintain platform security;
• identify and prevent misuse.

We may use aggregated, anonymized, or de-identified information to improve PULSE, including improving diagnostic accuracy, automation effectiveness, lifecycle intelligence, and operational insights.

4.3 To Support AI-Assisted Features

We may use information to provide AI-assisted diagnostics, summaries, recommendations, anomaly detection, predictive insights, and workflow suggestions.

We do not use customer-identifiable Customer Data to train third-party AI models or BirdiNova foundation models unless the customer expressly authorizes that use in writing.

We may use aggregated, anonymized, or de-identified operational patterns to improve PULSE, provided that such information does not identify a customer or disclose customer confidential information in a customer-identifiable form.

4.4 To Communicate With You

We may use information to:

• respond to inquiries;
• provide demos;
• send product updates;
• send administrative notices;
• send security notices;
• send support communications;
• send billing or account communications;
• provide customer success communications;
• send marketing communications, where permitted.

You may opt out of marketing emails at any time. Even if you opt out of marketing emails, we may still send transactional, security, legal, service, and account-related communications.

4.5 To Protect PULSE, Customers, and Others

We may use information to:

• detect, prevent, and investigate fraud, abuse, security incidents, unauthorized access, and misuse;
• protect the security and integrity of PULSE;
• enforce our agreements;
• protect customer environments;
• debug and repair errors;
• maintain logs for security and audit purposes;
• comply with legal obligations.

4.6 For Legal, Compliance, and Business Purposes

We may use information to:

• comply with applicable laws;
• respond to lawful requests;
• enforce contracts;
• resolve disputes;
• collect amounts owed;
• maintain business records;
• support audits;
• evaluate business transactions;
• protect legal rights.

We may use cookies, pixels, tags, local storage, and similar technologies on our website and platform.

These technologies may help us:

• operate the website and platform;
• remember preferences;
• authenticate users;
• maintain sessions;
• improve performance;
• analyze traffic;
• understand website engagement;
• measure marketing effectiveness;
• protect against fraud, abuse, and unauthorized access.

You can control cookies through your browser settings. Disabling certain cookies may affect website or platform functionality.

At this time, we do not intend to sell personal information or share personal information for cross-context behavioral advertising. If that changes, we will update this Privacy Policy and provide any legally required opt-out mechanisms.

We may disclose information in the following circumstances.

6.1 Service Providers and Subprocessors

We may disclose information to vendors, service providers, contractors, and subprocessors that help us operate, secure, support, deliver, and improve PULSE.

These may include providers of:

• cloud hosting;
• database infrastructure;
• authentication;
• security monitoring;
• logging and diagnostics;
• email delivery;
• customer support;
• payment processing;
• CRM and sales operations;
• analytics;
• AI processing;
• professional services;
• implementation support;
• data storage;
• communications tools.

These providers are authorized to process information only as needed to provide services to us and are expected to protect information appropriately.

6.2 Customer-Authorized Integrations

When a customer connects PULSE to third-party systems, such as ticketing platforms, cloud services, security systems, field service systems, communication tools, or vendor APIs, information may be shared with those systems according to the customer’s configuration and authorization.

Customers are responsible for reviewing and managing the privacy and security practices of third-party systems they choose to connect to PULSE.

6.3 Within Customer Accounts

Information may be visible to customer administrators, authorized users, technicians, operators, support teams, executives, integrators, or other personnel designated by the customer according to the customer’s account settings and access controls.

6.4 Professional Advisors

We may disclose information to lawyers, accountants, auditors, insurers, banks, consultants, and other professional advisors as needed for legitimate business purposes.

6.5 Legal and Compliance

We may disclose information if we believe disclosure is necessary or appropriate to:

• comply with applicable law;
• respond to subpoenas, court orders, legal process, or government requests;
• enforce our agreements;
• protect our rights, privacy, safety, or property;
• protect customers, users, or others;
• investigate or prevent fraud, security incidents, or misuse.

6.6 Business Transactions

We may disclose or transfer information in connection with a merger, acquisition, financing, corporate reorganization, sale of assets, bankruptcy, or similar business transaction.

6.7 Aggregated or De-Identified Information

We may disclose aggregated, anonymized, or de-identified information that does not identify a customer, user, or individual.

We do not sell personal information.

We also do not intend to share personal information for cross-context behavioral advertising as defined under California privacy law.

If our practices change, we will update this Privacy Policy and provide any legally required notice and opt-out rights.

We retain information for as long as reasonably necessary to provide PULSE, maintain business records, comply with legal obligations, resolve disputes, enforce agreements, maintain security, support audits, and fulfill the purposes described in this Privacy Policy.

Retention periods may vary depending on the type of information and context.

In general:

• website, sales, and contact information is retained as long as needed for business, sales, marketing, legal, and relationship management purposes;
• account and administrative information is retained while the account is active and for a reasonable period after termination;
• Customer Data is retained during the applicable subscription term and handled according to the customer agreement;
• following termination or expiration, Customer Data may be available for export for 30 days upon written request, unless otherwise stated in the applicable agreement;
• after the export period, Customer Data may be deleted, de-identified, or retained only as needed for backup, legal, security, audit, or compliance purposes;
• logs and security records may be retained as needed for security, audit, troubleshooting, and legal purposes;
• backups are deleted or overwritten according to standard backup rotation practices.

We use commercially reasonable administrative, technical, and organizational safeguards designed to protect the confidentiality, integrity, availability, and security of PULSE and the information we process.

These safeguards may include, as appropriate:

• encryption in transit;
• encryption at rest where supported;
• access controls;
• role-based permissions;
• authentication controls;
• audit logs;
• least-privilege access practices;
• secure credential handling;
• monitoring and logging;
• vulnerability management;
• vendor review;
• incident response procedures;
• logical separation of customer environments;
• backup and recovery practices.

No system, network, software platform, integration, or transmission method is completely secure. Customers are responsible for maintaining appropriate security controls for their own systems, networks, credentials, users, integrations, endpoints, and environments.

Customers should promptly notify us of any suspected unauthorized access, credential compromise, vulnerability, or security incident involving PULSE or systems connected to PULSE.

BirdiNova is based in the United States. Information may be processed in the United States and other countries where we or our service providers operate.

If information is transferred from outside the United States, we will take steps designed to protect that information consistent with applicable law, which may include contractual, technical, and organizational safeguards.

By using PULSE or providing information to us, you understand that your information may be processed in the United States and other locations that may have privacy laws different from those in your jurisdiction.

Depending on your relationship with us and applicable law, you may have choices regarding your information.

11.1 Marketing Communications

You may opt out of marketing emails by using the unsubscribe link in the email or by contacting us at contact@birdinova.com.

We may still send transactional, legal, security, account, support, and service-related communications.

11.2 Cookies

You can manage cookies through your browser settings. Some features may not work properly if certain cookies are disabled.

11.3 Account Information

Authorized users may be able to update certain account information through the PULSE platform or by contacting their customer administrator.

If your account is managed by your employer or organization, please contact that organization for changes to account access, role, or deletion requests.

Depending on your location and applicable law, you may have certain privacy rights regarding your personal information.

These may include the right to:

• request access to personal information;
• request correction of inaccurate personal information;
• request deletion of personal information;
• request portability of personal information;
• object to certain processing;
• restrict certain processing;
• withdraw consent where processing is based on consent;
• opt out of marketing communications;
• opt out of certain sales or sharing of personal information, where applicable;
• limit certain uses of sensitive personal information, where applicable;
• not be discriminated against for exercising privacy rights.

To exercise privacy rights, contact us at:

contact@birdinova.com

We may need to verify your identity before responding to a request. We may also need to confirm whether your request relates to information we control directly or information we process on behalf of a customer.

If your information is contained in Customer Data that we process on behalf of a customer, we may direct your request to that customer or assist the customer in responding, as appropriate.

We will respond to privacy requests as required by applicable law.

This section applies to California residents and is intended to supplement the rest of this Privacy Policy.

13.1 Categories of Personal Information We May Collect

Depending on your interaction with us, we may collect the following categories of personal information:

PULSE is not intended to collect sensitive personal information for the purpose of inferring characteristics about individuals.

13.2 Sources of Personal Information

We may collect personal information from:

• you;
• your employer or organization;
• customer administrators;
• authorized users;
• customer systems connected to PULSE;
• service providers;
• business partners;
• public business sources;
• website and platform technologies.

13.3 Purposes for Collection and Use

We collect and use personal information for the purposes described in this Privacy Policy, including:

• providing and operating PULSE;
• managing accounts;
• authenticating users;
• providing support;
• processing billing;
• communicating with customers and prospects;
• improving the Services;
• securing the platform;
• detecting and preventing fraud, abuse, and misuse;
• complying with legal obligations;
• enforcing agreements.

13.4 Disclosure of Personal Information

We may disclose the categories of personal information listed above to:

• service providers;
• subprocessors;
• customer-authorized integrations;
• customer administrators and authorized users;
• professional advisors;
• government authorities or other parties where legally required;
• parties involved in a business transaction.

13.5 Sale or Sharing

We do not sell personal information.

We do not intend to share personal information for cross-context behavioral advertising.

13.6 California Privacy Rights

California residents may have the right to:

• know what personal information we collect, use, disclose, sell, or share;
• request access to personal information;
• request correction of inaccurate personal information;
• request deletion of personal information;
• opt out of sale or sharing of personal information;
• limit certain uses and disclosures of sensitive personal information;
• not be discriminated against for exercising privacy rights.

To exercise California privacy rights, contact us at:

contact@birdinova.com

We may verify your request before responding. Authorized agents may submit requests on behalf of California residents where permitted by law, subject to verification.

If you are located in the European Economic Area, United Kingdom, Switzerland, or another jurisdiction with similar privacy laws, you may have additional rights.

Where applicable, our legal bases for processing personal information may include:

• performance of a contract;
• legitimate interests, such as operating, securing, improving, and supporting PULSE;
• consent, where required;
• compliance with legal obligations;
• protection of rights, safety, and security.

You may have rights to access, correct, delete, restrict, object to, or receive a copy of certain personal information. You may also have the right to withdraw consent where processing is based on consent.

You may contact us at contact@birdinova.com to exercise applicable rights.

If you believe your rights have been violated, you may have the right to lodge a complaint with your local data protection authority.

PULSE may be used by security integrators, enterprise security teams, airports, public-sector entities, utilities, transportation organizations, healthcare organizations, education institutions, and other critical infrastructure or security-sensitive customers.

Customers are responsible for:

• determining what data may lawfully be connected to PULSE;
• obtaining all required rights, consents, approvals, and authorizations;
• configuring integrations and automations appropriately;
• limiting access to authorized personnel;
• complying with applicable laws, contracts, policies, procurement requirements, and security requirements;
• identifying any regulated, confidential, public-sector, airport, transportation, security, or sensitive data before connecting it to PULSE.

Customers must not connect classified information, Sensitive Security Information, Controlled Unclassified Information, biometric templates, protected health information, criminal justice information, payment card data, or similar regulated data to PULSE unless expressly authorized in writing and subject to any required additional terms.

PULSE is not intended for children. We do not knowingly collect personal information from children under 13, or under the age required by applicable law.

If we learn that we have collected personal information from a child without appropriate consent, we will take reasonable steps to delete it.

Our website or platform may contain links to third-party websites, services, systems, or integrations.

We are not responsible for the privacy, security, or data practices of third parties. Customers and users should review the privacy policies and terms of third-party services before using or connecting them to PULSE.

We may update this Privacy Policy from time to time.

If we make material changes, we will provide notice by posting the updated Privacy Policy, updating the “Last Updated” date, notifying customers through the platform, or using another commercially reasonable method.

Your continued use of PULSE after the updated Privacy Policy becomes effective means you acknowledge the updated Privacy Policy.

Questions or requests regarding this Privacy Policy may be sent to:

BirdiNova, Inc.

601 Mission Street

Pasadena, CA 91030

Email: contact@birdinova.com

Attention: Privacy