Privacy Policy

Personal Information

When you create an account or use our services, we collect personal information that identifies you or can be used to contact you. This includes:

• Name and contact information including email address, phone number, and mailing address
• Company information including company name, industry, size, and your job title or role
• Communication preferences including how you want to receive updates and notifications
• Account credentials including username, password (encrypted), and profile information
• Billing information including payment method details (processed securely through third-party payment processors)

We use this information to create and manage your account, provide customer support, process payments, send important service updates, and communicate with you about your account and our services.

Usage Information

When you use Semawork, we automatically collect information about how you interact with our platform. This includes:

• Service usage patterns including which features you use, how often you use them, and workflow execution data
• Technical data including IP address, browser type and version, device information, operating system, and screen resolution
• Log data including access times, pages viewed, actions taken, and error messages encountered
• Analytics information including performance metrics, workflow success rates, and system performance data
• Cookies and similar tracking technologies that help us understand user behavior and improve our services

This information helps us understand how our platform is being used, identify areas for improvement, troubleshoot technical issues, and optimize performance. We use aggregated, anonymized usage data for analytics and product development purposes.

Workflow and Integration Data

When you use Semawork to orchestrate workflows, we collect data necessary to execute those workflows:

• Workflow configuration data including workflow definitions, triggers, conditions, and actions
• Integration credentials and connection settings (stored securely and encrypted)
• Data processed through workflows including the content of messages, records, and files that workflows operate on
• Workflow execution logs including step-by-step execution data, decisions made, and outcomes achieved

This data is essential for Semawork to orchestrate your workflows correctly. We treat this data as confidential and use it only to provide our services. Workflow execution data is stored securely and can be accessed only by authorized users in your organization.

Service Provision

We use your information to provide and maintain our AI workflow orchestration services. This includes:

• Creating and managing your account and user profile
• Executing workflows you configure and orchestrating actions across integrated tools
• Storing workflow configurations, execution logs, and historical data
• Providing observability features including step-level logs and audit trails
• Managing integrations with third-party tools and services

Without this information, we cannot provide our core services. Workflow execution requires access to your integration credentials and the data your workflows process.

Communication and Support

We use your contact information to communicate with you about:

• Service updates, new features, and important announcements
• Technical notices, security alerts, and system maintenance notifications
• Support requests, troubleshooting assistance, and account-related communications
• Product updates, best practices, and educational content
• Billing and payment information, invoices, and subscription management

You can control your communication preferences through your account settings. We respect your preferences and will not send marketing communications if you opt out.

Service Improvement

We use aggregated, anonymized data to improve our services:

• Analyzing usage patterns to identify popular features and areas for improvement
• Monitoring system performance to optimize reliability and speed
• Developing new features and capabilities based on user needs
• Conducting research and analytics to understand workflow automation trends
• Testing new functionality and measuring its effectiveness

When we use data for improvement purposes, we aggregate and anonymize it so that individual users and organizations cannot be identified. This helps us improve the platform for all users while protecting your privacy.

Technical Security Measures

We employ multiple layers of security to protect your data:

• Encryption in transit using TLS/SSL for all data transmission
• Encryption at rest for sensitive data including credentials and workflow execution data
• Secure authentication including multi-factor authentication options
• Regular security audits and vulnerability assessments
• Access controls and role-based permissions to limit data access
• Network security including firewalls, intrusion detection, and DDoS protection
• Secure coding practices and regular security training for our development team

While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to improve our security posture and respond quickly to any security incidents.

Data Handling and Storage

We handle your data with care and store it securely:

• Data is stored in secure, geographically distributed data centers with redundant backups
• We retain your data only as long as necessary to provide our services and comply with legal obligations
• When data is deleted, it's removed from active systems and securely purged from backups according to our retention schedule
• We use secure, encrypted connections for all data transfers between systems
• Integration credentials are encrypted and stored separately from other data
• Workflow execution data is stored securely and accessible only to authorized users

For Enterprise customers with specific data residency or storage requirements, we offer options including on-premise deployment and custom data handling agreements. Contact us to discuss your specific requirements.

Third-Party Service Providers

We work with trusted third-party service providers who help us operate our platform. These providers are carefully selected and required to maintain appropriate security measures:

• Cloud infrastructure providers with SOC 2 compliance and security certifications
• Payment processors that handle billing information securely
• Analytics providers that help us understand platform usage (using anonymized data)
• Customer support tools that help us respond to your inquiries

All third-party service providers are contractually required to protect your information and use it only for the purposes we specify. We regularly review our service providers to ensure they meet our security and privacy standards.

Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we'll notify you and relevant authorities as required by law. We'll provide information about what happened, what data was affected, what we're doing to address it, and what steps you can take to protect yourself. We maintain incident response procedures and regularly test our ability to detect and respond to security incidents.

Access and Portability

You have the right to access the personal information we hold about you and receive a copy of your data in a portable format. This includes:

• Account information including profile data, preferences, and settings
• Workflow configurations and execution history
• Integration connection data and credentials (securely provided)
• Usage data and analytics information
• Communication history and support interactions

You can access most of this information through your account dashboard. For additional data or data portability requests, contact us at privacy@semawork.com. We'll provide your data in a commonly used, machine-readable format within 30 days of your request.

Correction and Updates

You have the right to correct inaccurate or incomplete personal information. You can update most information directly through your account settings, including:

• Contact information and profile details
• Communication preferences and notification settings
• Account settings and security preferences
• Workflow configurations and integration settings

If you need to correct information that cannot be updated through your account settings, or if you believe we have inaccurate information about you, contact us and we'll update it promptly.

Deletion and Right to be Forgotten

You have the right to request deletion of your personal information, subject to certain limitations. When you request deletion:

• We'll delete your account and personal information from our active systems
• We'll remove your data from our production databases within 30 days
• We may retain certain information as required by law or for legitimate business purposes
• Backup copies may be retained for a limited time as part of our disaster recovery procedures

Note that deleting your account will also delete all workflows, integrations, and execution history associated with your account. This action cannot be undone, so ensure you have exported any data you want to keep before requesting deletion.

Objection and Restriction

You have the right to object to certain types of processing and request restriction of how we use your information:

• You can opt out of marketing communications at any time
• You can object to processing based on legitimate interests
• You can request restriction of processing while disputes are resolved
• You can control cookie preferences through your browser settings

Some processing is necessary for us to provide our services, so restricting certain types of processing may limit your ability to use some features. We'll work with you to find a balance that respects your preferences while maintaining service functionality.

Withdrawal of Consent

Where we rely on your consent to process personal information, you have the right to withdraw that consent at any time. Withdrawing consent may affect your ability to use certain features or services. You can withdraw consent by:

• Updating your account preferences and communication settings
• Disabling specific features or integrations through your account dashboard
• Contacting us directly to request withdrawal of consent for specific processing activities

Withdrawing consent does not affect the lawfulness of processing that occurred before your withdrawal. We'll stop processing your information for the purposes you've withdrawn consent for, but may continue processing for other lawful purposes.

Data Protection Authority

If you're located in the European Economic Area (EEA) or other jurisdictions with data protection authorities, you have the right to lodge a complaint with your local data protection authority if you believe we've violated your privacy rights. We encourage you to contact us first so we can address your concerns directly.