Terms and Conditions
Last updated: February 17, 2025
Introduction
- Welcome to the allumni Platform. Please read these Terms and Conditions ("Terms") carefully before using the allumni Platform and our Services.
- These Terms and Conditions constitute a legally binding agreement made between you ("You" or "Your") and Emblem Consulting DMCC ("Company," "We," "Us," or "Our"), concerning your access to and use of the allumni Platform and related Services, Software and Documentation.
1. Interpretation and Definitions
1.1 Interpretation
- The interpretation provisions set out in the SaaS Agreement (as defined below) shall apply to these Terms.
1.2 Definitions
- The words of which the initial letter is capitalised have the meanings defined in the SaaS Agreement. Capitalised words which are not defined in the SaaS Agreement are defined as follows:
- "Account" means a unique account created for You to access our allumni Platform and Services.
- "Affiliate" means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
- "Country" refers to: United Arab Emirates
- "Derived Data" means the data, insights, responses, or outputs generated by the allumni Platform using Customer Material.
- "Enterprise Account" means a business account created by an organisation for the purpose of using the Service for business operations.
- "LLM" means Large Language Model.
- "SaaS Agreement" means the SaaS Agreement entered into between You and the Company in relation to the allumni Platform.
2. Acknowledgment and Eligibility
- By accessing or using the allumni Platform, You agree to be bound by these Terms, which are incorporated to and form part of the SaaS Agreement. If You disagree with any part of these Terms, You may not access the allumni Platform or use the Services.
3. Data Rights and Protection
3.1 Customer Material Ownership
- The rights and obligations relating to the Customer Materials is detailed in the SaaS Agreement...
- We explicitly commit not to share or disclose Customer Material or generated content except as required to provide the Services or by applicable law.
- Key points include:
- We acquire no ownership rights in Customer Material.
- We will not use Customer Material for any purpose other than providing Services.
- We will not disclose or sell Customer Material except as necessary to process and analyse information securely.
- Third-party processors are bound by confidentiality and data protection obligations.
3.2 Derived Data
- When using the allumni Platform, You must not provide Customer Material that violates the rights of others or applicable laws.
- You own the Derived Data generated from Your use of the platform, subject to applicable intellectual property rights and the SaaS Agreement.
- We may use anonymised usage statistics solely to improve the Platform.
3.5 Data Security
- We implement security measures including encryption, isolated environments, regular audits, access control, and continuous monitoring.
3.6 Non-Disclosure
- All user-generated content remains private and confidential. It will not be shared or disclosed to any other user or third party.
3.7 User Privacy and Content Security
- We prioritise Your privacy and ensure all data is encrypted and protected. We do not use Your content beyond providing the Services.
3.8 Third Party Data Handling
- The allumni Platform uses third-party services, each with its own data policies.
- By using the Platform, You consent to data storage and processing by third-party services detailed in Appendix A.
4. Data Processing and Storage
- All Customer Material will be processed in secure data centres located in the United Arab Emirates or as permitted by law.
- Upon termination or written request, data will be returned or deleted within 30 days, and deletion certified.
- Customer Material shared with third-party providers may be stored outside the UAE, subject to recipient country laws.
5. Maintenance
5.1 Service Availability
- We maintain 99.9% uptime monthly, excluding scheduled maintenance (48-hour notice).
5.2 Security Incidents
- We will notify You within 24 hours of discovering any Security Incident affecting Customer Material.
5.3 Contact Information
- Email: [email protected]
- Address: Emblem Consulting DMCC, Indigo Icon Tower Suite 2204, Jumeirah Lake Towers, Dubai, PO Box 390306, United Arab Emirates
Appendix A: Third-Party Policies and Data Policies
A.1 Overview
- We carefully select third-party LLM providers based on their security standards, data handling practices, and explicit commitments regarding customer data protection.
A.2 Current LLM Providers
A.2.1 OpenAI (ChatGPT API)
- Data Usage Policy: OpenAI's API does not use customer data to train or improve their models.
- Data Retention: API requests are retained for abuse and monitoring purposes only, for a maximum of 30 days.
- Security Certifications: SOC 2 Type 2 certified.
- API Data Protection: All data is encrypted in transit and at rest.
- Reference: https://platform.openai.com/docs/api-reference/authentication
A.2.2 Anthropic (Claude API)
- Data Usage Policy: Does not train on API customers' data.
- Data Privacy: Strict controls preventing API inputs from being used for model training.
- Security Standards: Enterprise-grade security protocols.
- API Data Protection: End-to-end encryption for all API communications.
- Reference: https://www.anthropic.com/legal/privacy-policy
A.3 Other Third Party Providers
A.3.1 Clerk
- Implemented as a user management platform.
- The allumni Platform stores user's first name, last name, and email.
- References:
- Clerk Terms of Use: https://clerk.com/legal/terms
- Clerk Privacy Policy: https://clerk.com/legal/privacy
A.3.2 Weaviate
- Used as an AI-native vector database.
- The allumni Platform stores user's submitted information including company website URLs, documents, prompt conversations, rules, brands, and brand descriptions.
- References:
- Weaviate Cloud Agreement: https://weaviate.io/service/weaviate-cloud-agreement
- Weaviate Enterprise Agreement US: https://weaviate.io/service/weaviate-enterprise-agreement-us
- Weaviate Enterprise Agreement non-US: https://weaviate.io/service/weaviate-enterprise-agreement-nonus
- Weaviate Service Level Agreement: https://weaviate.io/sla
- Weaviate Data Processing Agreement: https://weaviate.io/dpa
- Weaviate Data Subprocessors: https://weaviate.io/subprocessors
- Weaviate Support Terms: https://weaviate.io/weaviate-support-terms
- Weaviate End of Life Policy: https://weaviate.io/weaviate-eol-policy
- Weaviate Cookie Policy: https://weaviate.io/cookie-policy
- Weaviate Privacy Policy: https://weaviate.io/privacy
- Update to Terms & Policies: https://weaviate.io/service/updates-to-terms-and-policies
A.3.3 Vercel
- Utilised as a cloud platform to deploy and host allumni Platform web services.
- The allumni Platform stores user IP addresses on Vercel.
- References:
- Vercel Terms of Service: https://vercel.com/legal/terms
- Vercel Privacy Policy: https://vercel.com/legal/privacy-policy
A.3.4 AWS (Amazon Web Services)
- S3 storage service is used to host user-submitted files that are saved as datasets on the allumni Platform.
- The storing of such datasets is governed by AWS's security protocols applicable to the AWS region in the Republic of Ireland.
- References:
- AWS Privacy Notice: https://aws.amazon.com/privacy/
- AWS Site Terms: https://aws.amazon.com/terms/
A.3.5 OneSignal
- Utilised to send emails to users regarding dataset sources that users have added to their allumni Platform account.
- As part of this process, We handle the following user data:
- - User email
- - User name
- - Dataset source name (voluntarily submitted by the user upon uploading the source to their account dataset).
- References:
- OneSignal Privacy Policy: https://onesignal.com/privacy_policy
- OneSignal Terms of Service: https://onesignal.com/tos
A.4 Third Party Provider Updates
- We will notify You of any material changes to the third party providers that we use by updating this Appendix and providing you with notice of such changes.
- We emphasise that the third party providers are responsible for their own policies and reserve the discretion to amend these from time to time, and do not assume responsibility for their policies or any changes thereto.
- You can opt out of specific providers through Your account settings.
A.5 Data Processing Safeguards
- For all LLM provider interactions:
- - Data is processed only within Your secure environment.
- - No persistent storage of queries or responses on provider systems.
- - Regular audits of provider compliance with stated policies.
- - Monitoring of all API interactions for security purposes.
A.6 Compliance and Certifications
- Our LLM providers maintain various security certifications and compliance standards, including:
- - SOC 2 Type 2
- - ISO 27001
- - GDPR compliance (for EU data processing)
- - Regional data protection regulations as applicable