Effective Date: June 1, 2024
Last Updated: January 15th, 2025

This Privacy Policy ("Policy") governs the privacy practices of M87 Labs, Inc. ("M87 Labs," "we," "us," or "our") regarding the collection, use, disclosure, and protection of information about users ("you" or "your") of the moondream.ai website and associated services (collectively, the "Service"). This Policy is legally binding and describes our practices for collecting, using, maintaining, protecting, and disclosing user information.

M87 Labs provides artificial intelligence and machine learning services, including but not limited to model access, processing capabilities, and related technical services through our Service. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our practices described in this Policy, you should not use our Service.

This Privacy Policy applies to all information collected through our Service, regardless of how it is collected or stored. This includes information collected through:

a) The moondream.ai website and all associated domains;
b) Our services and technical infrastructure;
c) Customer support and communication channels;
d) Any other services or features we offer through the Service.

This Policy addresses how we handle data processing, service interactions, and usage patterns in the context of our artificial intelligence and machine learning services.

Throughout this Policy, we use certain defined terms that have specific meanings in the context of our Service:

"Personal Data" means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

"Service Data" means any data transmitted to, processed by, or generated through our service, including but not limited to authentication credentials, request metadata, and usage statistics.

"Input Data" refers to any data that you submit to our Service for processing.

"Output Data" means any results, predictions, analyses, or other data generated by our Service in response to Input Data.

"Technical Data" encompasses all technical information generated through your use of the Service, including performance metrics, error logs, and debugging information.

We collect and maintain certain information necessary to provide you with access to our Service. This information may include:

a) Contact information necessary for account management and service delivery;
b) Authentication credentials required for service access;
c) Account preferences and settings;
d) Service configuration information.

In the course of providing our Service, we automatically collect certain technical information that is necessary for operation and security:

a) Connection and usage information;
b) Service interaction data;
c) Browser and device information when accessing our interfaces;
d) Performance and usage statistics;
e) System logs and debugging information.

We use the information we collect to provide, maintain, and improve our Service. This includes:

a) Delivering and operating our Service;
b) Processing your Input Data and generating Output Data;
c) Maintaining and improving Service performance;
d) Developing new features and capabilities;
e) Ensuring technical integration and compatibility;
f) Understanding Service usage patterns and trends.

We use information to protect our Service and our users, including:

a) Detecting and preventing security incidents;
b) Debugging to identify and repair errors;
c) Protecting against malicious, deceptive, or fraudulent activity;
d) Verifying and authenticating user access.

We may use your information to:

a) Respond to your inquiries and requests;
b) Provide technical support and assistance;
c) Send service-related notifications and updates;
d) Communicate about your account and Service usage.

We use cookies and similar tracking technologies to operate and improve our Service. These technologies may include:

a) Essential cookies required for Service functionality
b) Analytics cookies to understand Service usage
c) Performance cookies to optimize Service delivery

You can control cookie preferences through your browser settings.

We may engage third-party service providers to assist in providing our Service. These providers:

a) Only access information needed to perform their functions
b) Are contractually bound to protect your information
c) Are prohibited from using information for other purposes
d) Must comply with applicable data protection laws

All data processing and storage occurs in secure facilities located in the United States. We implement appropriate safeguards for any international data transfers in accordance with applicable law.

We implement and maintain reasonable security measures appropriate to the nature of the information we store, including:

a) Industry-standard encryption for data transmission;
b) Access controls and authentication requirements;
c) Regular security assessments and monitoring;
d) Incident detection and response procedures.

We retain different categories of data for different periods as necessary to provide our Service:

a) Account information is retained while your account remains active;
b) Technical logs are retained as needed for security and operational purposes;
c) Service usage data is retained as required for operational and analytical purposes.

M87 Labs, Inc. acts as a data controller for personal information collected through our Service. As a data controller, we determine the purposes and means of processing personal data.

We process your information as necessary to perform our contract with you to provide the Service, including:

a) Operating and maintaining the Service;
b) Processing your Input Data;
c) Providing technical support;
d) Managing your account.

We process information in furtherance of our legitimate interests, including:

a) Improving and developing the Service;
b) Protecting the security of the Service;
c) Understanding Service usage and trends;
d) Preventing fraud and abuse.

We process information as necessary to comply with our legal obligations, including:

a) Responding to legal requests and government inquiries;
b) Complying with applicable laws and regulations;
c) Enforcing our terms and policies;
d) Establishing, exercising, or defending legal claims.

If you are located in the EEA, you have these additional rights under GDPR:

a) Withdraw consent at any time where we rely on consent for processing
b) Object to processing of your personal data where we rely on legitimate interests
c) Receive your personal data in a structured, commonly used format
d) Lodge a complaint with your local data protection authority
e) Object to automated decision-making, including profiling
f) Request information about the existence of automated decision-making
g) Obtain information about third parties with whom we share your data

California residents have additional rights under CCPA/CPRA:

a) Right to know what personal information we collect and disclose
b) Right to delete personal information
c) Right to opt-out of the sale of personal information
d) Right to correct inaccurate personal information
e) Right to limit use of sensitive personal information
f) Right to non-discrimination for exercising these rights

To exercise your rights:

a) Email us at contact@m87.ai;
b) Provide sufficient information to identify your request;
c) Allow us reasonable time to respond in accordance with applicable law.

We provide the Service on an "as is" and "as available" basis. We do not guarantee:

a) Uninterrupted access to the Service;
b) Any specific level of performance or functionality;
c) The accuracy or reliability of Output Data;
d) The retention of any specific data beyond stated periods.

You agree not to use the Service:

a) For any unlawful purpose or activity;
b) In any way that violates the rights of others;
c) To submit unauthorized personal or sensitive information;
d) In any manner that could damage or impair the Service.

You are solely responsible for:

a) Any Input Data you submit to the Service;
b) Ensuring you have all necessary rights to submit Input Data;
c) Compliance with applicable laws and regulations;
d) Any consequences resulting from your use of the Service.

We may update this Privacy Policy from time to time at our discretion. Material changes will be notified through:

a) Service notifications;
b) Email communications;
c) Website announcements.

Updates to this Policy will become effective upon posting unless otherwise stated. Your continued use of the Service after any changes indicates your acceptance of the updated Policy.

The Service is not directed to individuals under the age of 13 (or other applicable age of digital consent). We do not knowingly collect personal information from children.

If we learn that we have collected personal information from a child under the applicable age of digital consent, we will take steps to delete such information. Parents or guardians who believe we might have collected information from a child should contact us immediately.

If you access our Service from outside the United States, you acknowledge that your information may be transferred to, stored, and processed in the United States and other countries where we or our service providers maintain facilities.

We aim to comply with applicable data protection laws when transferring personal information across international borders. By using our Service, you consent to any such transfer of information outside of your country.

For questions about this Privacy Policy or our privacy practices:

Email: contact@m87.ai

For security-related issues:

Email: contact@m87.ai

For data protection and rights requests:

Email: contact@m87.ai

For users in the European Economic Area:

Data Protection Officer: contact@m87.ai

This Privacy Policy is governed by and construed in accordance with the laws of the State of California, United States, without regard to its conflict of law provisions.

Any dispute arising from or relating to this Privacy Policy or our privacy practices shall be subject to the exclusive jurisdiction of the state and federal courts located in San Francisco, California.

In the event of a personal data breach, we will:

a) Notify relevant supervisory authorities within 72 hours of becoming aware of the breach, where feasible
b) Inform affected users without undue delay if the breach is likely to result in a high risk to their rights and freedoms
c) Provide information about the breach and steps taken to address it
d) Maintain records of all data breaches and remedial actions taken

If any provision of this Privacy Policy is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Policy shall otherwise remain in full force and effect and enforceable.

M87 Labs, Inc.