Ornn Data Privacy Policy

This Privacy Policy describes how Ornn Data LLC ("Ornn Data," "Company," "we," "us," or "our") collects, uses, discloses, and otherwise processes Personal Information in connection with the websites located at ornn.com and related Ornn Compute webpages, platforms, applications, dashboards, application programming interfaces, onboarding flows, communications, GPU compute services, infrastructure services, and other products or services that link to or reference this Privacy Policy (collectively, the "Services").

This Privacy Policy applies to Personal Information that we process as a business, controller, or similar role under applicable law. Where we process Personal Information on behalf of a customer, supplier, partner, or other entity under a separate written agreement, that agreement, and any applicable data processing addendum, will govern that processing to the extent of any conflict.

This Privacy Policy does not constitute legal, tax, security, compliance, or professional advice. It also does not modify any separate terms of service, customer agreement, order form, data processing agreement, service level agreement, acceptable use policy, or other written agreement between you and Ornn Data.

(a) "Personal Information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to an identified or identifiable individual or household, as defined under applicable law.

(b) "Customer Data" means content, data, files, datasets, submissions, messages, API payloads, usage records, workloads, configurations, logs, outputs, or other materials that a customer or authorized user submits to, uploads to, transmits through, or otherwise provides to the Services, to the extent such information is processed by Ornn Data on behalf of that customer or authorized user.

(c) "Service Data" means Personal Information collected or generated by Ornn Data in connection with the administration, operation, security, billing, support, compliance, and improvement of the Services, excluding Customer Data processed solely on behalf of a customer under a separate agreement.

(d) "Sensitive Personal Information" means Personal Information treated as sensitive under applicable law, which may include government identifiers, account credentials, precise geolocation, financial account data, certain communications content, biometric information, health information, or information revealing protected classifications.

3.1 Information You Provide Directly

1. Account and contact information, including name, email address, phone number, company name, job title, mailing address, account identifiers, username, password, and user preferences.
2. Business and organization information, including employer, role, business address, website, jurisdiction, beneficial ownership or control information, and information provided by account administrators.
3. Onboarding, eligibility, and compliance information, including information needed for know-your-customer, know-your-business, sanctions screening, fraud prevention, export control, tax, billing, supplier eligibility, or other compliance purposes.
4. Transaction, commercial, and billing information, including subscription details, order history, invoices, payment status, billing address, product interests, services purchased or considered, and records maintained by payment processors or financial service providers.
5. Communications and support information, including inquiries, messages, feedback, attachments, support tickets, call or meeting details, survey responses, and correspondence with us.
6. Marketing, event, and relationship information, including conference registration, event attendance, referral information, marketing preferences, and other information you provide when engaging with our team.
7. Applicant information, if you apply for a role with Ornn Data, including resume, employment history, education history, references, interview notes, work authorization information, and information submitted during the recruiting process.

3.2 Information Collected Automatically

1. Device and log information, including IP address, browser type, device identifiers, operating system, referring URLs, pages viewed, dates and times of access, clickstream data, feature usage, diagnostics, crash reports, and similar technical information.
2. Service usage and configuration information, including API usage, authentication events, organization identifiers, resource identifiers, settings, permissions, GPU or infrastructure usage statistics, performance metrics, diagnostics, telemetry, and security event records.
3. Approximate location information, such as country, region, or city inferred from an IP address or other technical information.
4. Cookies and similar technologies, including cookies, local storage, pixels, software development kits, log files, and similar tools used to operate, secure, analyze, personalize, and improve the Services.

3.3 Information We Receive From Third Parties

1. Information from your organization, account administrator, sponsor, supplier, infrastructure provider, integration provider, or other party involved in providing, administering, or supporting the Services.
2. Information from identity verification, sanctions screening, fraud prevention, compliance, payment, analytics, security, marketing, and customer-support providers.
3. Information from public sources, regulatory sources, commercially available databases, social or professional networks, event co-sponsors, business partners, and data licensors.
4. Information from third-party services that you connect to, authorize, or use with the Services.

1. To provide, operate, administer, maintain, and improve the Services, including websites, onboarding flows, APIs, dashboards, Ornn Compute marketplace functionality, GPU compute resources, infrastructure services, support, and account functionality.
2. To create, authenticate, authorize, manage, and secure user accounts, organizations, permissions, credentials, access controls, and service settings.
3. To process orders, subscriptions, renewals, invoices, payments, credits, refunds, usage records, and related commercial transactions.
4. To perform onboarding, eligibility review, customer due diligence, know-your-customer, know-your-business, sanctions, export control, fraud prevention, supplier eligibility, billing, and other compliance checks.
5. To communicate with you about the Services, including service notices, support messages, security alerts, legal notices, policy updates, product updates, and administrative communications.
6. To respond to inquiries, provide customer, technical, business, and legal support, and troubleshoot issues.
7. To monitor usage, measure performance, conduct analytics, maintain reliability, debug errors, develop new products and features, and improve the quality and functionality of the Services.
8. To detect, investigate, prevent, and address fraud, abuse, unauthorized access, capacity hoarding, circumvention, security incidents, policy violations, and unlawful or harmful activity.
9. To comply with applicable law, regulation, legal process, regulatory inquiries, reporting obligations, recordkeeping obligations, and enforceable governmental requests.
10. To enforce our agreements, protect our rights, preserve evidence, resolve disputes, collect amounts owed, and defend against claims.
11. To send marketing communications, event invitations, research, newsletters, product information, and other non-transactional communications, subject to applicable opt-out rights.
12. To create aggregated, anonymized, or de-identified information that does not identify you and to use such information for lawful business, analytics, reporting, research, reliability, security, and product-development purposes.
13. For any other purpose disclosed at the time of collection or with your consent, where consent is required.

Ornn Data may process Customer Data under separate customer, order, services, or data processing agreements. When Ornn Data processes Customer Data on behalf of a customer or other entity, that entity is responsible for providing required notices, obtaining required consents, establishing a lawful basis for processing, and ensuring that Customer Data may be submitted to the Services.

Ornn Data may use Service Data to provide, secure, bill, support, monitor, maintain, and improve the Services; to detect and prevent fraud, abuse, manipulation, outages, and security risks; to comply with legal, regulatory, and recordkeeping obligations; and to develop aggregated, anonymized, or de-identified analytics and reporting.

Ornn Data may generate or receive service, pricing, capacity, availability, telemetry, reliability, usage, support, and operational information in connection with Ornn Compute and the Services. Ornn Data may use aggregated, anonymized, or de-identified Platform Data, benchmarks, analytics, and derived data where permitted by applicable agreements and law.

Ornn Data does not sell Customer Data for money. Ornn Data does not use Customer Data for cross-context behavioral advertising. Ornn Data does not use confidential Customer Data to train generally available artificial intelligence models unless expressly authorized by the applicable customer or agreement.

We and our service providers may use cookies, local storage, pixels, tags, software development kits, log files, and similar technologies to operate and secure the Services, maintain sessions, remember preferences, authenticate users, understand usage, measure performance, improve functionality, detect fraud or abuse, and support marketing or analytics where permitted by law.

You may be able to control certain cookies through your browser settings, device settings, consent-management tools, or other controls we make available. Blocking or deleting cookies may affect the availability or functionality of the Services. Where required by law, we honor applicable opt-out preference signals, including Global Privacy Control signals, for the browser or device through which the signal is sent.

1. Affiliates and related entities within the Ornn Data corporate group.
2. Service providers, contractors, processors, vendors, and advisors that perform services on our behalf, including hosting, cloud infrastructure, security, analytics, customer support, communications, billing, payment processing, identity verification, sanctions screening, legal, audit, accounting, insurance, and professional services.
3. Business, infrastructure, supplier, integration, or technology partners where necessary to provide functionality, access, integrations, support, capacity, or services that you request or authorize.
4. Payment processors and financial service providers that process payments, billing information, and related transactions.
5. Your organization, account owner, administrator, sponsor, or authorized representative, including for account administration, access management, billing, compliance, security, and support purposes.
6. Regulators, law enforcement, courts, governmental authorities, compliance bodies, or other parties where required or permitted by law or where reasonably necessary to protect rights, safety, property, security, infrastructure, or the Services.
7. Professional advisors, including lawyers, auditors, accountants, consultants, insurers, bankers, and other advisors acting under appropriate confidentiality obligations.
8. Relevant parties in connection with an actual or proposed merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of assets, joint venture, investment, or other corporate transaction.
9. Other parties with your consent, at your direction, or as otherwise disclosed at the time of collection.

We retain Personal Information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including to provide the Services, maintain business and financial records, support audits, comply with legal and regulatory obligations, resolve disputes, enforce agreements, preserve evidence, maintain security, prevent fraud or abuse, and protect our rights. Retention periods vary depending on the nature of the information, the context in which it was collected, contractual requirements, legal requirements, regulatory requirements, and operational needs.

When Personal Information is no longer reasonably required, we may delete, anonymize, de-identify, aggregate, or securely isolate it, subject to applicable law and backup, archival, regulatory, or legal hold requirements.

We use reasonable administrative, technical, physical, and organizational safeguards designed to protect Personal Information against unauthorized access, use, alteration, disclosure, and destruction. These safeguards may include access controls, authentication, logging, monitoring, encryption, vendor review, employee confidentiality obligations, incident response processes, and security review procedures appropriate to the nature of the information and the relevant processing activity.

No method of transmission, storage, or processing is completely secure. We cannot guarantee absolute security, and you are responsible for maintaining the confidentiality of your credentials, access tokens, keys, devices, and account settings.

Depending on where you live and subject to applicable limitations and exceptions, you may have the right to request access to, correction of, deletion of, or portability of your Personal Information; to request information about our collection, use, disclosure, sale, or sharing of Personal Information; to opt out of certain sales, sharing, targeted advertising, or profiling; to limit certain uses or disclosures of Sensitive Personal Information; to object to or restrict certain processing; to withdraw consent where processing is based on consent; and to appeal certain decisions regarding your privacy request.

To submit a privacy request, contact us at contact@ornn.com with the subject line "Privacy Request." We may need to verify your identity and authority before responding. If you submit a request through an authorized agent, we may require proof of authorization and may ask you to verify your identity directly with us where permitted by law.

You may opt out of promotional emails by using the unsubscribe link included in those emails or by contacting us. Even if you opt out of promotional communications, we may still send service, account, legal, security, billing, and transactional communications.

We will not discriminate against you for exercising privacy rights, except as permitted by applicable law.

Certain U.S. state privacy laws require additional disclosures. The table below describes categories of Personal Information we may collect, examples of such information, business or commercial purposes for collection and use, and categories of recipients to whom we may disclose such information. The examples are illustrative and may not apply to every user or service.

We do not sell Personal Information for money. We do not knowingly sell or share Personal Information of individuals under 16 years of age. If our use of advertising, analytics, or similar technologies is considered a sale, sharing, or targeted advertising under applicable law, you may exercise opt-out rights by using tools we make available or by contacting us at contact@ornn.com.

Where the General Data Protection Regulation, UK GDPR, Swiss Federal Act on Data Protection, or similar laws apply, Ornn Data may act as a controller for Service Data and as a processor or service provider for Customer Data processed on behalf of a customer under a separate agreement.

Our legal bases for processing Personal Information may include performance of a contract, compliance with legal obligations, consent, protection of vital interests, and our legitimate interests, including operating, securing, improving, marketing, and protecting the Services; conducting compliance, fraud prevention, and security activities; supporting customers; and enforcing legal rights, except where those interests are overridden by your rights and interests.

Subject to applicable law, you may have the right to access, rectify, erase, restrict, or port your Personal Information; to object to certain processing; to withdraw consent; and to lodge a complaint with your local data protection authority. If we process your Personal Information on behalf of a customer, we may direct your request to that customer or require you to contact that customer directly.

We may process and store Personal Information in the United States and other countries where we, our affiliates, service providers, or partners operate. Those countries may have data protection laws that differ from the laws of your jurisdiction. Where required by law, we use appropriate safeguards for cross-border transfers, which may include standard contractual clauses, data processing agreements, transfer impact assessments, or other lawful transfer mechanisms.

The Services are not directed to children under 18, and we do not knowingly collect Personal Information from children under 18. If you believe a child has provided Personal Information to us, contact us at contact@ornn.com so that we can review and take appropriate action.

The Services may link to, integrate with, or enable access to third-party websites, applications, services, platforms, data sources, payment processors, identity providers, or other services. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy, security, or data practices. You should review the applicable third party's privacy policy before using or connecting such services.

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice through the Services, by posting the updated Privacy Policy on our website, by email, or by another reasonable method. The updated Privacy Policy will be effective as of the stated effective date or as otherwise required by law.

Questions, requests, and notices relating to this Privacy Policy or our privacy practices should be sent to:

Ornn Data LLC
Email: contact@ornn.com
Website: https://ornn.com