Privacy Policy

Effective August 7, 2024

Updated September 15, 2024

We at The Understory (aka UnderstoryHq) respect your privacy and are strongly committed to keeping secure any information we obtain from you or about you. This Privacy Policy describes our practices with respect to Personal Information we collect from or about you when you use our website, applications, and services (collectively, “Services”). This Privacy Policy does not apply to content that we process on behalf of customers of our business offerings, such as our API. Our use of that data is governed by our customer agreements covering access to and use of those offerings.

1. Personal information we collect

We collect personal information relating to you (“Personal Information”) as follows:

Personal information you provide: We collect Personal Information if you create an account to use our Services or communicate with us as follows:

  • Account Information: When you create an account with us, we will collect information associated with your account, including your name, contact information, account credentials, payment card information, and transaction history, (collectively, “Account Information”).

  • User Content: When you use our Services, we collect Personal Information that is included in the input, file uploads, or feedback that you provide to our Services (“Content”). 

  • Communication Information: If you communicate with us, we collect your name, contact information, and the contents of any messages you send (“Communication Information”).

  • Social Media Information: For the pages on social media sites like Instagram, Facebook, Medium, Twitter, YouTube and LinkedIn. When you interact with our social media pages, we will collect Personal Information that you elect to provide to us, such as your contact details (collectively, “Social Information”). In addition, the companies that host our social media pages may provide us with aggregate information and analytics about our social media activity.

  • Other Information You Provide: We collect other information that you may provide to us, such as when you participate in our events or surveys or provide us with information to establish your identity (collectively, “Other Information You Provide”

Personal information we receive automatically from your use of the Services: When you visit, use, or interact with the Services, we receive the following information about your visit, use, or interactions (“Technical Information”):

  • Log Data: Information that your browser or device automatically sends when you use our Services. Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with our Services.

  • Usage Data: We may automatically collect information about your use of the Services, such as the chat inputs, the features you use and the actions you take, as well as the dates and times of access.

  • Analytics: We may use a variety of online analytics products that use cookies to help us analyze how users use our Services and enhance your experience when you use the Services.

Anonymous information we receive automatically from your use of the Services: When you visit, use, or interact with the Services, we receive the following information anonymized about your visit, use, or interactions (“Technical Information”):

  • Log Data: Information that your browser or device automatically sends when you use our Services. Log data includes your Internet Protocol address, browser type and settings, the date and time of your visit to our website, and how you interact with our Services.

  • Device Information: Includes name of the device, operating system, device identifiers, and browser you are using. Information collected may depend on the type of device you use and its settings.

2. How we use personal information

We may use Personal Information for the following purposes:

  • To provide, administer, maintain and/or analyze the Services;

  • To improve our Services and conduct research;

  • To communicate with you; including to send you information about our Services and events;

  • To develop new programs and services;

  • To prevent fraud, criminal activity, or misuses of our Services, and to protect the security of our IT systems, architecture, and networks;

  • To carry out business transfers; and

  • To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

Aggregated or de-identified information. We may aggregate or de-identify Personal Information so that it may no longer be used to identify you and use such information to analyze the effectiveness of our Services, to improve and add features to our Services, to conduct research and for other similar purposes. In addition, from time to time, we may analyze the general behavior and characteristics of users of our Services and share aggregated information like general user statistics with third parties, publish such aggregated information or make such aggregated information generally available. We may collect aggregated information through the Services, through cookies, and through other means described in this Privacy Policy. We will maintain and use de-identified information in anonymous or de-identified form and we will not attempt to reidentify the information, unless required by law.

3. Disclosure of personal information

We do not share any user personal information to third parties.

4. Your rights

Depending on location, individuals may have certain statutory rights in relation to their Personal Information. For example, you may have the right to:

  • Access your Personal Information and information relating to how it is processed.

  • Delete your Personal Information from our records.

  • Rectify or update your Personal Information.

  • Transfer your Personal Information to a third party (right to data portability).

  • Restrict how we process your Personal Information.

  • Withdraw your consent—where we rely on consent as the legal basis for processing at any time. 

  • Object to how we process your Personal Information.

  • Lodge a complaint with your local data protection authority.

You can exercise some of these rights through your OpenAI account. If you are unable to exercise your rights through your account, please submit your request through The Understory contact us page.

A note about accuracy:You should not rely on the factual accuracy of output from our models. If you notice that The Understory output contains factually inaccurate information about you and would like us to correct the inaccuracy, you may submit a correction request through The Understory contact us page.

Given the technical complexity of how our models work, we may not be able to correct the inaccuracy in every instance. In that case, you may request that we remove your Personal Information from The Understory’s output by reaching us at The Understory contact us page.

5. Children

Our Service is not directed to children under the age of 13. The Understory does not knowingly collect Personal Information from children under the age of 13. If you have reason to believe that a child under the age of 13 has provided Personal Information to OpenAI through the Service, please contact us at The Understory contact us page.. We will investigate any notification and if appropriate, delete the Personal Information from our systems. If you are 13 or older, but under 18, you must have permission from your parent or guardian to use our Services.

6. Links to other websites

The Service may contain links to other websites not operated or controlled by The Understory, including social media services (“Third Party Sites”) and resources used for references in the The Understory chat responses. The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

7. Security and retention

We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Information both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or email. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third-party websites.

We’ll retain your Personal Information for only as long as we need in order to provide our Service to you, or for other legitimate business purposes such as resolving disputes, safety and security reasons, or complying with our legal obligations. How long we retain Personal Information will depend on a number of factors, such as the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure, our purpose for processing the information, and any legal requirements.

8. Changes to the privacy policy

We may update this Privacy Policy from time to time. When we do, we will post an updated version on this page, unless another type of notice is required by applicable law.

9. How to contact us

Please contact us if you have any questions or concerns not already addressed in this Privacy Policy.