Privacy Policy

Introduction

ProGuardXAi ("ProGuard", "we", "our", "us") provides biosecurity risk intelligence services for the poultry sector, including outbreak monitoring, location-aware alerts, route risk assessment, trade restriction tracking, and periodic reporting. This Privacy Policy describes how we collect, use, store, and protect information in connection with our website at proguardxai.com, our client portal, and our alert delivery services (collectively, the "Services").

By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you are a client representative acting on behalf of your organization, you confirm that you are authorized to accept these terms on your organization's behalf.

Information We Collect

2.1 Client Account Information

When your organization subscribes to ProGuard, we collect business contact details necessary to set up and operate your account:

• Company name, business address, and registration details
• Contact person name, role, email address, and phone number
• Preferred language, timezone, and delivery channel preferences
• Billing contact and payment information (processed through third-party payment providers)

2.2 Farm and Site Location Data

To provide location-aware monitoring, we collect operational site information:

• Farm or facility geographic coordinates (latitude and longitude)
• Configured monitoring radius for each location
• Site type (e.g., production farm, slaughterhouse, feed mill)
• Country and region identifiers

This data is used exclusively to calculate proximity to outbreak events and to generate location-relevant alerts. We treat all client site location data as commercially sensitive and confidential.

2.3 Alert Delivery Data

To deliver alerts through your chosen channels, we process:

• Telegram chat IDs, Viber identifiers, WhatsApp numbers, or email addresses designated for alert receipt
• Alert delivery timestamps, read receipts (where available), and delivery status

2.4 Portal Usage Data

When you access the client portal, we automatically collect:

• Authentication events (login times, session duration)
• Features accessed (e.g., alert history, route checker, reports)
• Browser type, operating system, screen resolution, and IP address

2.5 Contact Form Submissions

When you submit a form on our website (e.g., demo requests, general inquiries), we collect the information you provide, including your name, email address, company, country, and message content.

2.6 Information We Do Not Collect

We do not collect personal health information, financial account details (beyond billing contacts), employee personal data, farm production volumes, or any data beyond what is necessary to operate the Services.

How We Use Information

We use the information we collect for the following purposes:

• Service delivery: To monitor outbreak sources, calculate proximity to your sites, generate alerts, and deliver them through your configured channels
• Report generation: To compile weekly intelligence reports tailored to your monitoring profile
• Route risk assessment: To evaluate transport routes against active outbreak zones when you use the route checker
• Account management: To manage subscriptions, communicate about service changes, and provide technical support
• Service improvement: To analyze usage patterns, diagnose technical issues, and improve platform reliability and performance
• Security: To detect unauthorized access, prevent abuse, and maintain the integrity of our infrastructure

We do not use your data for advertising, profiling, or any purpose unrelated to providing and improving the Services.

Legal Basis for Processing

We process your information on the following legal bases under applicable data protection law:

• Contract performance: Processing necessary to fulfill our service agreement with your organization, including alert delivery and report generation
• Legitimate interests: Processing necessary for service improvement, security monitoring, and business operations, balanced against your privacy rights
• Consent: Where you voluntarily submit information through contact forms or demo requests
• Legal obligation: Where we are required to retain or disclose information under applicable law

Data Sharing and Disclosure

We do not sell, rent, license, or trade client data to any third party. We share information only in the following limited circumstances:

5.1 Service Providers

We use third-party services to operate parts of the platform. These providers receive only the minimum data necessary to perform their function:

• Messaging platforms (Telegram, Viber, WhatsApp): Receive alert content and recipient identifiers for delivery
• Email delivery services: Receive email addresses and report content for delivery
• Authentication provider (Clerk): Processes login credentials and session management for the client portal
• Hosting infrastructure (Hetzner, EU): Hosts the platform, database, and processing pipeline

All service providers are contractually required to protect your data and use it only for the purpose for which it was shared.

5.2 Outbreak Data Sources

The outbreak data displayed in our alerts and reports is sourced from publicly available government and intergovernmental databases. No client data is shared with these sources.

5.3 Legal Requirements

We may disclose information if required by law, court order, or regulatory authority, or if necessary to protect our legal rights, enforce our terms of service, or protect the safety of our users.

Data Security

We implement appropriate technical and organizational measures to protect your information:

• All data in transit is encrypted using TLS 1.2 or higher (HTTPS)
• Client data is stored on servers located within the European Union (Hetzner, Germany)
• Database access is restricted to authenticated, authorized processes only
• The client portal uses industry-standard authentication with session management
• We maintain automated backups and disaster recovery procedures
• Administrative access to production systems is limited to authorized personnel using secure protocols

While we take commercially reasonable steps to protect your data, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but commit to promptly addressing any security incident.

Data Retention

• Account and site data: Retained for the duration of your active subscription, plus 90 calendar days after termination to allow for account reactivation or data export
• Alert delivery logs: Retained for 12 months from the date of delivery, for audit and service quality purposes
• Portal usage logs: Retained for 6 months, then automatically purged
• Contact form submissions: Retained for 12 months or until the inquiry is resolved, whichever is later
• After retention periods expire: Data is permanently deleted from production systems. Backup copies are overwritten within 30 days of the retention period ending

If you request early deletion, we will process your request within 30 days, subject to any legal retention obligations.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you or your organization
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your data, subject to legal retention requirements
• Data portability: Request export of your data in a structured, machine-readable format
• Restriction: Request that we limit processing of your data in certain circumstances
• Objection: Object to processing based on legitimate interests
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at privacy@proguardxai.com. We will respond within 30 days. We may request verification of your identity and authority to act on behalf of your organization before processing requests.

Cookies and Tracking

We use a minimal set of cookies, limited to what is necessary for the platform to function:

• Authentication cookies: Used to maintain your login session in the client portal. These are strictly necessary and cannot be disabled while using the portal.
• Security cookies: Used for CSRF protection and session integrity.

We do not use advertising cookies, analytics trackers, social media pixels, or any third-party tracking technology on our website or client portal. We do not participate in cross-site tracking or behavioral advertising networks.

International Data Transfers

Our primary infrastructure is located within the European Union. Where data is processed by third-party messaging platforms (e.g., Telegram, WhatsApp) for alert delivery, data may be transferred to servers outside the EU. In such cases, we rely on the platform's own data protection commitments and applicable safeguards under data protection law.

If you are located outside the EU, your data will be transferred to and processed on our EU-based servers.

Children's Privacy

ProGuard is a business-to-business service designed for professional use by poultry industry organizations. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected such data, please contact us and we will promptly delete it.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes:

• Active clients will be notified by email at least 14 days before changes take effect
• The "Last updated" date at the top of this page will be revised
• Continued use of the Services after the effective date constitutes acceptance of the updated policy

We encourage you to review this page periodically.

Contact

For privacy-related inquiries, data access requests, or to report a concern:

• Email: privacy@proguardxai.com
• General: info@proguardxai.com

ProGuardXAi
Sofia, Bulgaria

We aim to respond to all privacy-related inquiries within 30 calendar days.