Privacy Policy

Effective Date: 3/6/2023
Last Updated: 3/6/2023

User privacy is of the utmost importance to us. At Flowdex, Inc., doing business as Maestro AI (“Maestro AI”, “we”, “us”, “our”), we respect your privacy and are committed to ensuring that you have the information you need about how we collect or process information.

This Privacy Policy (“Privacy Policy”) describes the types of information that we may collect from or about the visitors to and users of http://getmaestro.ai and/or other websites that we operate (our “Website(s)”), our knowledge management system or related products and services (including, without limitation, mobile application software and other software, tools, data, information, application programming interfaces, and their associated documentation) (collectively, the “Service”), as well as our practices for collecting, using, maintaining, protecting, and disclosing that information.

Your use of this Website and/or the Service is also subject to our Terms of Service and (if applicable) any other service agreement that we have effected with you which incorporates this Privacy Policy by reference (such as the Maestro AI Beta Test Agreement) (“Terms of Service”). Any terms we use in this Privacy Policy, unless otherwise defined, have the definitions given in the Terms of Service. To use or access our Service, you must accept the practices and policies outlined in this Privacy Policy.

We may need to change this Privacy Policy from time to time. Any changes to this Privacy Policy will be reflected in the "Last Updated” date provided at the top of this Privacy Policy. We will alert you to material changes by placing a notice on this page, by sending you an email, and/or obtaining consent regarding such changes as may be required by law.

Where We Collect Your Information

This Privacy Policy applies to the information we collect about you:

  • On the Website(s) where this Privacy Policy is posted.
  • In your correspondence with us (including any of our representatives) via email, text, social media, chat, and other channels for electronic messages or communications.
  • By interacting with our Service.
  • By interacting with other third-party services that integrate with our Service, such as Slack, Jira, Notion, Google, Github, or Linear.

Information That We Collect

When you interact with our Service, we may collect information that alone or in combination with other information could be used to identify you (“Personal Data”). The specific information that we collect from or about you depends on the context of your interactions with us and our Service, the choices you make, and the products and features that you use.  The general categories of the information that we collect are provided below:

  • Workspace and Account Data: When you or your organization create an account for the Service, we collect Personal Data to create a workspace and associated user accounts for your organization and its authorized users. Details that we collect in this process may include personal identifiers such as your first and last name, as well as your email address, phone number, password, domain, and/or other account setup details. For customers that purchase a paid subscription to our Service, we may also process billing details such as credit card information, banking information, and/or billing address.
  • Communications: If you communicate with us, for example, through emails, chats, or support channels and forums, we may collect your name, contact information, and any details included in the communications you send to us.
  • Social Media Interactions: We maintain social media accounts on platforms like Instagram, Facebook, Medium, Twitter, Substack, YouTube, and LinkedIn (“Social Media Profiles”). When you interact with our Social Media Profiles, we may collect Personal Data that you elect to provide to us, such as your contact details (“Social Information”). In addition, the companies that host our Social Media Profiles may provide us with aggregate information and analytics regarding how users interact with our Social Media Profiles. Note that content provided for and posted in these channels, including by you, is public and the information you provide is subject to the policies and notices of the third parties that make such channels available.
  • Participation in Research: We may conduct research to better understand how you use our Service. If you elect to participate in our research activities, for example by completing a survey that we send to you in an email, or joining our Slack channel(s) or Discord server, we may collect data in those research activities that can be used to identify you, such as your name, email address, location, or employer.
  • Third-party Service Data: Subscribers can choose to permit access to third-party services such as Slack, Jira, Linear, or Github for its workspace, and Maestro AI can receive and collect Personal Data from such third-party services. Typically, third-party services are software that integrates with our Service, and a subscriber can permit its authorized users to enable certain functionality. For example, users may grant Maestro AI access to their Slack workspace, permitting Maestro AI to access, collect, and otherwise process messages and communication data from their Slack workspace. Contact your organization’s designated representative if you wish to discuss the Personal Data provided through third-party services.
  • Automatically Collected Information: When you visit, use, and interact with the Service, we automatically collect data about those visits, uses, or interactions. We may use analytics service providers, including Google Analytics, to collect information regarding visitors to our Service, such as their behavior on our Service or information about their demographics. For more information about Google Analytics, see https://www.google.com/policies/privacy/partners/. You may opt out of Google Analytics by visiting https://tools.google.com/dlpage/gaoptout. Information collected may depend on the type of device you use and its settings; however, the types of information that we collect include the following:
    • Usage and Engagement Data: Metadata about your activities on and use of the Websites and Service, such as the types of content that you view or engage with, the features you use, and the actions you take, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, computer connection, your IP address.
    • Log Data: Information that your browser automatically sends whenever you visit our Website(s), such as your IP address, browser type and settings, the date and time of your request, and how you interacted with our Website(s).
    • Device Information: Name and model of your device, the operating system used, and (if you access the Service via a web browser) the browser that you are using.

How We Use the Information Collected

Maestro AI uses Personal Data we collect for the following purposes, in each case to the extent permitted by applicable law:

  • To provide, administer, maintain, improve and/or analyze our Websites and Service;
  • To provide you with information or services that you request from us;
  • To communicate with you about your interactions with our Service;
  • To research and develop new tools, features, and programs for our Service;
  • To mitigate and/or prevent fraud, criminal activity, or misuse of our Service, and to ensure the security of our Service (including the IT systems, architecture, and networks used to provide the Service);
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
  • To notify you about changes to our Website(s) or Service;
  • To enable third parties to provide services to us in connection with another business purpose, including maintaining or servicing accounts, verifying customer information, processing payments, providing storage, or similar services; and
  • For any other purpose with your consent.

We may also retain and use your information in connection with potential legal claims, and for compliance, regulatory and auditing purposes. For example, we retain information where we are required by law, or if we are compelled to do so by a court order or regulatory body. In exceptional cases, we may also process your Personal Data to protect your vital interests or as further required for the public good.

We store Personal Data for as long as you use our Service or as may be necessary to fulfill the purposes for which the information was collected, provide our Service, resolve disputes or establish legal defenses, enforce our Terms of Service or other agreements, engage in audits, protect our Service, prevent fraud, comply with the law, or for legitimate business purposes.

We also use Personal Data to create de-identified, aggregated information such as information about demographics, de-identified location information, information about devices used to access our Service, and de-identified, aggregated information on uses of our Service. We use the aggregated information to analyze the effectiveness of our Service, to improve and add features to our Service, and for other similar purposes. From time to time, we may also analyze the general behavior and characteristics of users of our Service and share aggregated information like general user statistics, publish such aggregated information or make such aggregated information available to third parties. We may collect such aggregated information through cookies and through other means described in this Privacy Policy. Statistical, anonymized, and aggregated information derived from Personal Data is excluded from the definition of Personal Data because it does not personally identify you.

How We Disclose or Share Personal Data

We do not rent nor sell your Personal Data. We may share or disclose your Personal Data in an identifiable form as provided below.

  • Facilitating Collaboration With Others in Your Workspace: We may share information you share with us with others in your organization’s workspace—for example, when you elect to share content derived from your Personal Data with others in your workspace.
  • Facilitating Administration of Your Workspace: We may share certain Personal Data with the designated administrator account for your workspace so they can configure your workspace on behalf of your organization.
  • Third-Party Vendors and Service Providers: To assist us in providing our Service, we retain service providers to perform tasks on our behalf, at our instruction, and subject to the terms of a written agreement detailing how Personal Data will be processed. We may need to share your Personal Data with them in order to provide products or services to you. Service providers include providers of hosting services, cloud services, data analytics services, and other information technology services providers, email communication software and email newsletter services, advertising and marketing services, and web analytics services. We may also share business information to develop strategic partnerships with third-party service providers to support our common customers.
  • During a Change to Maestro AI’s Business: If Maestro AI engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Maestro AI’s assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, we may share and/or transfer Personal Data in connection with the evaluation of and entry into such transactions. In such cases, Personal Data could also be one of the assets transferred to or acquired by a third party.
  • Legal Requirements: We will share Personal Data as required by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Service, or the public, or (v) protect against legal liability.
  • Law Enforcement and Regulators: If we receive a request for information, we may disclose other information if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process.
  • To Enforce Our Rights, Prevent Fraud, and for Safety: We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or court order; enforce or apply our Terms of Service and other agreements; to protect the rights, property, or safety of our company, our employees, our users, or others; or in connection with investigating and preventing illegal activity, fraud, or security issues, including to prevent death or imminent bodily harm.
  • With Consent: We may offer features or promotions that involve sharing your information with a third party or with other users of our Service. If you request or agree to have your information shared with a third party as part of a feature or the Service, we will share that information with your consent.

Cookies; Do Not Track Signals

We use a variety of online analytics products that automatically deploy cookies, pixel tags, local storage, and other technologies to collect information through our Service in order to help us with analyzing how users use our Website(s) and other Services.

A “cookie” is a piece of data sent to your browser by a website you visit. Depending on the type of information collected, cookies may constitute Personal Data. Depending on your device specifications and settings, you may be able to configure your browser to accept all cookies, to reject all cookies, or to notify you whenever a cookie is offered so that you can decide each time whether to accept it. Note that refusing a cookie may in some cases preclude you from using, or negatively affect the display or function of, a website or certain areas or features of a website.

Our use of cookies and other automatic technologies falls into the following categories:

  • Strictly Necessary: Technologies that allow you to access our Service and use our features, and tools that help us identify irregular site behavior and prevent fraudulent activity or improve security.
  • Functionality: Technologies that collect information about your use of our Service, including measuring, understanding, and reporting on your usage of the Service. We may use these cookies to measure the effectiveness of that content, including information about what content was shown, how often or how long it was shown, when and where it was shown, and what actions, if any, you took on the content.
  • Performance: Technologies that store information or provide access to information that is already stored on your device, such whether you have logged into our site previously.

Your browser may offer you a “Do Not Track” option with respect to cookies and other scripts for collecting Personal Data; this option allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish to permit operators to use cookies to track certain of your online activities over time and across different websites.

There is no universally recognizable standard for Do-Not-Track signals as of the Last Updated date provided above. As such, the Service do not respond to Do-Not-Track signals at this time.

Opt-Outs

You may be able to opt out of providing certain categories of Personal Data to us by following the instructions below. Keep in mind, however, that some information may be needed to register with us, use our Service or to take advantage of some of our features.

Opting Out of Communications: If you no longer wish to receive electronic communications from us, click the unsubscribe link at the bottom of the email or follow opt-out instructions provided in our other communication channels. Your request may not be processed immediately, depending on the volume of existing requests and other factors at the time that your request is submitted. We process requests to be placed on do-not-mail and do-not-call lists as required by applicable law. You may continue to receive some communications from us during the processing period. Other communications that you may receive from us include responses to e-mails that you sent to us, notices of updates or changes to our policies and procedures, or other messages relating to your account and/or your use of the Service.

Opting Out of Cookies: You may stop or restrict the placement of cookies on your device or remove them as your browser or device permits.

Updating Your Account Information: Your account settings may allow you to edit or delete the following information you have provided to us:

  • name
  • email address
  • location

The information you can view, update, and delete may change as the Service change. If you have any questions about viewing or updating information we have on file about you, please contact us as described below.

Third-Party Websites

We may offer links to third-party websites or services, which are not controlled by us and not subject to the protections laid out in this Privacy Policy. We do not endorse nor approve any third-party website, and we encourage our users to read the privacy policy of each service with which they interact.

Additionally, you may be provided with the opportunity to connect your account on our Service to other user accounts that you have created and/or maintain on platforms and services offered by third parties (“Third-Party Account”). By connecting your account to any Third-Party Accounts, you consent to the continuous release of information about you to those third parties (in accordance with your privacy settings on those third-party sites). If you do not want your Personal Data, to be shared in this manner, do not use this feature.

If you wish to disconnect your account on the Service from your Third-Party Account, please contact [email protected]. Note that if you choose to disconnect your account on our Service from third-party platforms, we may no longer be able to provide the Service to you and functions relating to the integration of that third-party platform.

Security

We take commercially reasonable and appropriate measures to help us in protecting the Personal Data that we collect from unauthorized access, use, disclosure, alteration, or destruction. Data that we collect is encrypted, both in transit, when being communicated across different services, and at rest, when stored in our databases. We use industry-standard encryption and key storage protocols.

Note, however, that no data transmission or storage system is guaranteed to be 100% secure. As such, we are unable to guarantee the security of your Personal Data. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.

You are advised to prevent unauthorized access to your Personal Data and other account details by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account. You should use caution whenever submitting information online and take special care in deciding which information you provide.

No Users Under the Age of 18

We do not knowingly collect nor solicit Personal Data from anyone under the age of 18. If you are under 18, you are not permitted to register for the Service, and we ask that you do not send any Personal Data about yourself to us. If we learn that we have collected Personal Data from a child under the age of 18, we will delete that information as quickly as possible.

State Privacy Laws

As of the “Last Updated” date provided at the top of this page, Maestro AI is not subject to specific state consumer data privacy laws of the U.S., including the Virginia Consumer Data Privacy Act (“VCDPA”) or the California Consumer Privacy Act (“CCPA”). As such, we may not respond to data subject requests submitted under the VCDPA or the CCPA as those laws require.

Additionally, California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Service that are California residents to request certain information regarding our disclosure of Personal Data to third parties for their direct marketing purposes. We do not collect or use Personal Data for targeted advertising, or otherwise share Personal Data with third parties for their direct marketing purposes.

For assistance with or information about how we process your Personal Data, you may contact us at [email protected].

Residents of the European Economic Area; General Data Protection Regulation

If you are a user of our Service, and you are subject to any one of (i) the General Data Protection Regulation, (ii) data protection laws implemented by member states of the EU in harmony with the General Data Protection Regulation, or (iii) the UK Data Protection Act of 2018, as amended and incorporated into UK law (collectively, the “GDPR”), we will process Personal Data from or relating to you that is subject to data protection laws in accordance with the terms below.

If you are not a “data subject” under the GDPR, the provisions below do not apply to you.

Lawful Grounds for Processing Personal Data of Data Subjects

For purposes of the GDPR, Flowdex, Inc., doing business as Maestro AI, is the data controller of Personal Data collected in connection with use of the Service. This means that we are responsible for deciding how and why we hold and use your Personal Data.

We rely upon the following legal grounds to process Personal Data under the GDPR: (a) your consent; (b) Maestro AI’s legitimate interests or the legitimate interests of a third party; or (c) at your request prior to entering a contract or performance of a contract.

Data Transfer Notice

We use servers located in the United States to process your Personal Data. By accessing our Service, you authorize the transfer of your Personal Data to the United States for processing in the United States. The transfer of your Personal Data to the United States in the absence of an adequacy decision by the European Commission is made because it is necessary for the performance of a contract with you or your organization, or else with your explicit consent.

Individual Rights and Data Subject Requests

If you are a “data subject” under the GDPR and we process your Personal Data, you may exercise certain rights under the GDPR, as described below.

  • You may object to processing: You may object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).
  • You may request to be informed about our processing: You may request information about how we process your Personal Data and your rights under the GDPR. This Privacy Policy is intended to provide you with such information, but you may contact us if you believe this Privacy Policy does not do so.
  • You may obtain access to your Personal Data: You may obtain access to your Personal Data that we process.
  • You may request rectification: if you believe that any Personal Data that we process about you is incorrect or incomplete, you may request that we correct it.
  • You may request deletion of your Personal Data: Under certain conditions, you may request that we remove or delete your Personal Data, for example if there is no legitimate reason for us to continue processing it. We may retain certain Personal Data to keep a record of our compliance with your request.
  • You may restrict our processing of your Personal Data: You may request that we cease further processing of your Personal Data. If you make such a request, we may continue to store your Personal Data but will not make further use of it.
  • You may withdraw consent: If we are relying on consent as the lawful ground to process your Personal Data, you may withdraw your consent for such processing at any time without affecting the lawfulness of processing based upon your consent before it is withdrawn.

In order to exercise any of the rights described above, please contact us at [email protected] and provide specific and detailed information about your request necessary for us to respond to and carry out your request.

We will endeavor to address your request within 30 days from receipt, but in some instances it may take longer. We will inform you within 30 days from receipt of your request if an extension is necessary and the reason for the delay.

Retention of Personal Data

Pursuant to the GDPR, we will permanently erase your Personal Data at such time there is no lawful basis or legal obligation for us to store or process the Personal Data.

Contact Us

If you have any questions or concerns regarding our Privacy Policy, you may contact us at [email protected].