PRIVACY POLICY

Last updated: 4th Jan 2025

1. Introduction

This Privacy Policy explains how Juicelabs AI Private Limited (“Company”, “we”, “us”, or “our”) collects, uses, discloses and protects information in connection with your use of ourwebsites, applications, platforms, AI tools and related services (collectively, the “Services”).

We are a company incorporated in India and are committed to handling personal informationin accordance with applicable data protection laws in India and, where relevant, otherjurisdictions in which our users are located.

This Privacy Policy describes our general practices as of the “Last updated” date above. It isnot a guarantee or contract that we will process personal information in a particular way; ourpractices may evolve as our Services and legal requirements change, as described in thisPolicy

By accessing or using the Services, you agree to the terms of this Privacy Policy. If you donot agree, please do not use the Services.

2. Who we are and how to contact us

Grievance Officer / Data Protection Contact:
Support@juicelabs.ai

If you have any questions or concerns about this Privacy Policy or our data practices, pleasecontact us using the details above.

3. Scope of this Privacy Policy

This Privacy Policy applies to:

Visitors to our websites and marketing pages
Users who create accounts or use the platform (including trial users)
Workspace members invited by an organisation
Customers, partners and prospects who interact with us for sales, support ormarketing

This Privacy Policy does not apply to:

Third-party websites, apps or services that link to or from our Services
Data that we process solely as a processor on your instructions under a separate agreement and/or Data Processing Addendum (for example, certain end-customer datasets you connect or upload for analysis)

Where we act as a processor on your instructions, your organisation is responsible for ensuring that the processing is lawful and for providing any required notices and consents.

4. Key concepts used in this Policy

“Inputs”: prompts, briefs, assets, data or other content you or your authorised users provide to the Services.
“Generated Content”: any and all content, outputs, data, materials, or intellectual property generated, created, or produced by the AI tools as a result of your use of the Services, including, but not limited to, deliverables, reports, documents, images, text, or other digital assets. Generated Content has two main parts:

“Creative Outputs”: production-ready deliverables created and supplied byus, including (i) scripts (final copy/VO/subtitles); (ii) images (final stills,artwork, layered production files); and (iii) video (final edits, project files,renders, and cut-downs).
“Creative Strategies”: non-production materials such as ideas, themes,mood boards, prompts, frameworks, routes, treatments, strategy decks, andconcept notes. Creative Strategies are for ideation only and are not CreativeOutputs.

As used in this Privacy Policy, “personal information” or “personal data” generally meansinformation that identifies or can reasonably be used to identify a natural person.

5. Information we collect

We collect the following categories of information, depending on how you interact with us:

5.1 Account and contact information

Name and contact details (such as email address, phone number)
Juicelabs AI Private Limited, job title, role, department or team
Workspace, brand and project associations (e.g., which brands you work on)
Authentication details such as passwords or SSO identifiers

5.2 Billing and transaction information

Billing contact and postal address
Tax or registration details (such as GSTIN, VAT number, other registration IDs)
Subscription plan details, invoices, payment status
Partial payment card information (e.g., last 4 digits, expiry month/year) processed via our payment partners

We do not store full payment card details on our own systems. These are handled by
secure, compliant payment processors.

5.3 Workspace, brand and creative data

To provide the Services, we process the content you upload, connect, or create, including:

Briefs, insights, audience definitions, strategic documents
Brand playbooks, guidelines, tone-of-voice documents, positioning and territories
Creative assets and content (text, scripts, storyboards, images, videos and relatedfiles)
Generated Content, including Creative Outputs and Creative Strategies
Feedback, ratings, comments, tags, and other metadata you apply to content
Structures such as projects, campaigns, brands, sub-brands and workspaces

This may include information about individuals (for example, if such information appears inyour briefs or creative assets). You are responsible for ensuring that you have a lawfulbasis and all necessary rights to upload, share or otherwise process such personal information through the Services, and for providing any required notices to andobtaining any required consents from the individuals concerned.

5.4 Usage, device and technical data

When you use the Services, we automatically collect certain technical and usage
information, such as:

IP address, approximate location (city/country)
Device and browser information (type, version, operating system)
CreaLog data (timestamps, pages viewed, features used, referring/exit URLs)tive assets and content (text, scripts, storyboards, images, videos and relatedfiles)
Interaction data (clicks, workflows used, time spent on features, error logs)
Session data and diagnostics used to improve performance and reliability

We may use cookies, web beacons and similar technologies to collect this information (seeSection 8).

5.5 Data from connected services and third parties

When you connect third-party services to the platform (for example, ad platforms, analytics
tools, CRMs, DAMs or file storage services), we may receive information such as:

Campaign, creative and performance data
Audience segments and targeting configurations
Audience segments and targeting configurations
Assets, metadata and taxonomies
User identifiers permitted by those services

The specific data we receive depends on the permissions and settings you configure in
those third-party services

We may also receive:

Business contact data and company information from public sources and businessinformation providers
Information from partners and resellers who help promote or integrate our Services
Contact details and interaction history from email, sales and customer support tools

5.6 Support, feedback and communications

When you contact us or interact with us via support channels, email, surveys, or events, we
may collect:

The content of your communications (emails, chat transcripts, support tickets)
Details of issues raised, including screenshots or files you choose to share
Survey responses, feature requests and feedback
Recordings of calls or meetings, where legally permitted and, where required, withappropriate notice or consent

6. How we use your information

We use personal information for the following purposes, as permitted by applicable law:

1.To provide and operate the Services

Creating and managing accounts and workspaces
Authenticating users and managing access rights
Generating, storing and managing Inputs and Generated Content
Providing collaboration, review, evaluation and workflow features

2. To personalise and improve the Services

Tailoring suggestions, templates and recommendations to your brand,industry or prior usage
Configuring experiences for different roles (e.g., strategists, creatives,marketers)
Analysing usage to inform product development and improve performance

3. To communicate with you

Sending service-related communications (security alerts, technical notices,updates, invoices)
Responding to your requests, questions and support tickets
Sending marketing communications (product updates, newsletters, events,surveys) where permitted by law; you can opt out of marketing at any time

4. For analytics, research and development

Monitoring and analysing usage, performance and trends
Testing and developing new features, models and workflows
Creating aggregated and anonymised or pseudonymised statistics that do notreasonably identify individuals

5. For security and misuse prevention

Detecting, preventing and investigating fraud, abuse or security incidents
Protecting the integrity of our systems, models and Services
Enforcing our Terms & Conditions and other policies

6. To comply with legal obligations

Responding to lawful requests and legal process
Fulfilling contractual and regulatory requirements
Maintaining business and financial records as required by law

Where required by law, we may rely on your consent for certain uses (for example, for somemarketing communications or optional features) and you may withdraw such consent at anytime

7. How our AI systems use Inputs and Generated Content

Because we operate AI-based tools, it is important to explain how we handle Inputs and
Generated Content:

1. Use for your account and organisation

We use your Inputs and Generated Content primarily to provide the Servicesto you and your organisation.
This includes maintaining context within your workspace, enablingcollaboration, showing your brand playbooks and history, and providing recommendations and variants based on your own data.

2. Model operation and configuration

We may use a combination of internally developed models and third-party AImodels to generate Generated Content.
We configure and contract with our AI infrastructure providers so that yourInputs and Generated Content are not used to train their base models that areshared across unrelated customers, except where you or yourorganisation explicitly opt in or provide specific instructions to the contrary.
While we take reasonable technical and contractual measures to achieve this,we cannot control or guarantee the internal practices of all third-partyproviders.

3. Improving the Services

We may analyse Inputs and Generated Content to improve the quality,relevance and performance of the Services for you and your organisation.
Where we use data to improve the Services more broadly (for example, toimprove features that benefit multiple customers), we use techniques such asaggregation, anonymisation and/or pseudonymisation so that the informationdoes not reasonably identify individuals or your organisation.
We do not use such data for unrelated third-party advertising, and we do notattempt to re-identify individuals from data that we have taken steps toaggregate, anonymise or pseudonymise.

4. Human review and quality assurance

In limited cases, authorised personnel may review specific Inputs orGenerated Content for support, troubleshooting, abuse investigation, orquality assurance purposes.
Such access is strictly controlled and logged, and reviewers are bound byconfidentiality obligations.

We do not sell your Inputs or Generated Content to third parties.

8. Cookies and similar technologies

We use cookies and similar technologies (such as pixels, tags and local storage) to:

Keep you signed in and maintain your session
Remember your preferences and settings
Improve security and detect suspicious activities
Analyse usage of pages and features
Support marketing and measure the effectiveness of campaigns

You can manage cookies via your browser settings and, where applicable, through consentmanagement tools provided on our website. If you disable certain cookies, some parts of theServices may not function properly.

9. How we share information

We do not sell your personal information. We may share personal information in thefollowing circumstances:

1. Service providers (processors)

We engage third-party service providers to perform services on our behalf, such as:

Cloud hosting and infrastructure
Payment processing and billing
Email, notifications and customer support tools
Analytics, monitoring and diagnostics
Security and fraud prevention

2. These service providers are authorised to process personal information only asnecessary to provide services to us and are subject to appropriate contractual andsecurity obligations

3. Third-party integrations you enable
When you connect the Services to other platforms (for example, advertisingplatforms, analytics tools, CRMs or storage services), we share and receive data asnecessary to provide the integration according to the settings you configure. You cantypically disconnect such integrations at any time through our platform or thethird-party platform.

4. Your organisation and collaborators

Workspace owners, admins and other authorised users within yourorganisation may have access to information associated with that workspace
Content shared into collaborative projects (including Inputs and GeneratedContent) may be visible to other users in the same workspace or project, asdetermined by your organisation’s settings.

5. Professional advisers and auditors
We may share information with our professional advisers (such as legal, tax andfinancial advisers) and auditors where reasonably necessary for the purposes ofobtaining advice, managing risk and ensuring compliance

6. Legal and regulatory disclosures
If we are involved in a merger, acquisition, reorganisation, sale of assets, or similartransaction, personal information may be transferred as part of that transaction,subject to confidentiality and applicable law.

7.Business transfers
We may disclose information if required to do so by law or where we reasonablybelieve that such disclosure is necessary to:

Comply with applicable laws or respond to valid legal process
Protect the rights, property or safety of the Company, our users or the public
Detect, prevent or otherwise address fraud, security or technical issues

10. International transfers

We are based in India, but we may transfer, store and process personal information incountries other than India through our service providers and infrastructure.

Where we transfer personal information across borders, we take appropriate steps to ensurethat such transfers comply with applicable law and that the information remains protected inline with this Privacy Policy

11. Data retention

We retain personal information for as long as necessary to:

Provide and operate the Services
Fulfil the purposes described in this Privacy Policy
Comply with legal, accounting or reporting obligations
Resolve disputes and enforce our agreements

Retention periods may vary depending on the type of data and context. For example:

Account and profile information is retained for the life of your account and areasonable period thereafter.
Billing and transaction records are generally kept for a number of years as requiredby financial and tax laws.
Logs and technical data may be kept for a shorter period and then aggregated,anonymised or pseudonymised.
Support communications are kept for as long as necessary for support and recordpurposes.

We may retain anonymised or aggregated data that does not reasonably identify you forlonger periods.

12. Your rights and choices

Depending on applicable law and where you are located, you may have some or all of thefollowing rights regarding your personal information:

Access: to request confirmation whether we process your personal information andto receive a copy of such information.
Correction: to request correction of inaccurate or incomplete information
Deletion: to request deletion of certain information, subject to legal or contractualretention obligations.
Restriction or objection: to request restriction of certain processing or to object tocertain uses (for example, for direct marketing)
Data portability: to request a copy of your personal information in a structured, commonly used format, where technically feasible and required by law.
Withdrawal of consent: where processing is based on consent, to withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.

To exercise your rights, please contact us at support@juicelabs.ai. We may requestadditional information to verify your identity and to help us respond to your request.

Where we process personal information on behalf of one of our customers (for example, asa processor of end-customer data), we may redirect your request to that customer, as theyare responsible for handling such requests.

You may also have the right to lodge a complaint with the relevant data protection authorityin your jurisdiction.

13. Data security

We implement reasonable technical and organisational measures designed to protectpersonal information from loss, misuse, unauthorised access, disclosure, alteration anddestruction. These measures include, where appropriate:

Encryption in transit and at rest
Access controls and authentication
Logging, monitoring and intrusion detection
Regular backups and disaster recovery measures
Employee confidentiality obligations and training

No method of transmission over the internet or method of electronic storage is completelysecure, and we cannot guarantee absolute security. If you have reason to believe thatyour account or interaction with us is no longer secure, please contact us immediately.

14. Children’s privacy

Our Services are designed for business and professional use and are not intended for children. We do not knowingly collect personal information from children under the age of18

If we become aware that we have collected personal information from a child in violation ofthis Policy or applicable law, we will take steps to delete such information. If you believe thata child has provided us with personal information, please contact us.

15. Third-party sites and services

The Services may contain links to or integrations with third-party websites, apps or services.We are not responsible for the privacy practices, content or policies of such third parties.

We encourage you to review the privacy policies of any third-party sites or services you usein connection with our Services

Your continued use of the Services after the effective date of any changes constitutes youracceptance of the revised Privacy Policy. If you do not agree to the changes, you shouldstop using the Services.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices,technologies, legal requirements or other factors.

When we make material changes, we will provide notice by:

Updating the “Last updated” date at the top of this Policy, and/or
Providing additional notice (for example, by email or in-product notification)

17. Contact us

If you have any questions, concerns or complaints about this Privacy Policy or our datapractices, please contact us at:

Email: support@juicelabs.ai