Legal
Privacy Policy
Last updated: February 10, 2026
This Privacy Policy explains how AI Soup Technologies ("AI Soup," "we," "us," or "our") collects, uses, and shares information in connection with our websites, products, and AI-native managed engineering delivery services (collectively, the "Services"). We are a B2B provider headquartered in Fremont, California, USA.
1. Who we are
AI Soup Technologies provides AI-native managed engineering delivery services to help mid-size enterprises ship faster without scaling headcount. For some data, we act as an independent controller (for example, when you visit our website or sign up for updates). For data we process on behalf of our customers, we act as a service provider or processor, and our use of that data is governed by our agreement with the relevant customer (such as a Master Services Agreement and Data Processing Addendum).
2. Information we collect
2.1 Information you provide
- Account and contact data: name, business email, job title, company, authentication credentials, and communication preferences.
- Customer content and inputs: data, prompts, files, and other content you or your organization submit to the Services ("Input"), as well as AI-generated responses ("Output").
- Support and sales communications: information you provide when you contact us for support, evaluations, or other business discussions.
2.2 Information we collect automatically
- Usage data: log data about how you and your organization use the Services, such as IP address, browser type, pages viewed, timestamps, and feature usage.
- Device and technical data: device identifiers, operating system, browser settings, and similar information.
- Cookies and similar technologies: we use cookies and similar tools to operate the Services, keep sessions secure, and understand usage patterns.
3. How we use information
- To provide, operate, and secure the Services.
- To configure and operate AI deployments for our customers.
- To monitor and prevent fraud, abuse, and security incidents.
- To analyze usage and improve the performance and reliability of the Services.
- To communicate with you about updates, security notices, and support.
- To comply with legal obligations and enforce our agreements.
We rely on legitimate interests (such as providing secure B2B infrastructure and improving our offerings), contract performance, and compliance with legal obligations as our primary legal bases for processing. Where required, we will obtain consent.
4. Customer data, Inputs, and Outputs
For our B2B deployments, we generally operate inside or adjacent to our customers' secure environments. Customer data, including Inputs and Outputs processed under a specific engagement, is used only:
- to deliver and support the contracted Services,
- to monitor and maintain security and reliability, and
- to comply with applicable law or enforce our agreements.
By default, we do not use customer Inputs or Outputs from private deployments to train generalized models that are shared across customers. Where a customer explicitly opts in to contribute de-identified or aggregated data for model and product improvement, that arrangement will be documented in the applicable agreement.
5. How we share information
We do not sell personal information. We share information only with:
- Service providers: trusted vendors who provide infrastructure, analytics, and other operational support under confidentiality commitments.
- Business partners: where you or your organization choose to integrate our Services with third-party tools.
- Legal and safety: where we believe disclosure is reasonably necessary to comply with law or protect rights, safety, and security.
- Corporate transactions: in connection with a merger, acquisition, or similar transaction, subject to continued protection of the data.
6. International transfers
AI Soup Technologies is based in the United States, and we may process data in the U.S. and other countries where we or our service providers operate. When we transfer personal data, we take appropriate measures to comply with applicable data protection laws, such as implementing contractual protections for cross-border transfers.
7. Data retention
We retain information only for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods may be defined in customer contracts and internal policies. We may anonymize or aggregate data so that it no longer identifies an individual and use that information for legitimate business purposes.
8. Your rights and choices
Depending on your location and applicable law, you may have rights such as access, correction, deletion, restriction, objection, or portability with respect to your personal data. If you are an end user of one of our customers, you should direct your request to that customer. We may refer or coordinate with the relevant customer to respond.
9. Security
We employ technical and organizational measures designed to protect information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. No system can be perfectly secure, and we encourage customers to pair our controls with their own internal security and access management practices.
10. Children's privacy
Our Services are designed for business and professional use and are not directed to children. We do not knowingly collect personal information from children under 13 (or other age as defined by local law). If we learn that such information has been collected, we will take steps to delete it.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. We will change the "Last updated" date above and may provide additional notice where required by law. Your continued use of the Services after an update means you accept the revised policy.
12. Contact us
If you have questions or requests related to this Privacy Policy or our data practices, you can contact us at: