Privacy Policy

STACKSONA PRIVACY POLICY
Last Updated: February 11, 2026

This Privacy Policy describes how Stacksona LLC (“Stacksona,” “we,” “us,” or “our”) collects, uses, discloses, and protects information in connection with the Stacksona platform and related websites, applications, APIs, and services (collectively, the “Services”).

This Privacy Policy is incorporated into and forms part of the Stacksona Terms of Use. If you do not agree to this Privacy Policy, do not access or use the Services.

1. SCOPE
1.1 This Privacy Policy applies to:
(a) visitors to Stacksona websites;
(b) individuals who create or administer accounts;
(c) authorized users accessing the Services on behalf of a customer organization (“Customer”); and
(d) business contacts and prospective customers.

1.2 Customer Data. The Services enable Customers to submit, store, transmit, and otherwise process data within workspaces, including prompts, inputs, files, content, configurations, policies, and outputs (collectively, “Customer Data”). Customer Data is processed solely on Customer instruction and is governed by the applicable agreement(s) between Stacksona and the Customer (including any Data Processing Addendum, if applicable).

2. ROLES (CONTROLLER / PROCESSOR)
2.1 Customer Data. For Customer Data, the Customer is the controller (or “business”) and Stacksona acts solely as a processor/service provider to provide the Services to the Customer.

2.2 Account and Business Data. For information Stacksona collects and processes for account creation, billing, marketing, security, and service operations (“Service Data”), Stacksona acts as the controller.

3. INFORMATION WE COLLECT
3.1 Service Data. Stacksona may collect:
(a) Account and Contact Information: names, email addresses, phone numbers, organization name, job title, and authentication factors;
(b) Billing and Transaction Information: subscription plan, invoices, payment status, and limited payment instrument metadata (payment processing is typically performed by third-party processors);
(c) Technical and Usage Information: IP address, device identifiers, browser type, operating system, approximate location derived from IP, timestamps, and interaction logs;
(d) Security and Audit Metadata: authentication events, access logs, approvals, policy gate events, administrative actions, and workspace event metadata;
(e) Support and Communications: support tickets, correspondence, and feedback.

3.2 Cookies and Similar Technologies. Stacksona may use cookies and similar technologies to operate, secure, and improve its websites and Services, and to remember preferences. You can control cookies through browser settings, subject to limitations.

3.3 Customer Data. Stacksona processes Customer Data only to provide and secure the Services and as otherwise instructed by the Customer under the applicable agreement(s).

4. HOW WE USE INFORMATION
4.1 We use Service Data to:
(a) provide, operate, maintain, and secure the Services;
(b) authenticate users (including multi-factor authentication where enabled);
(c) administer accounts, permissions, and access controls;
(d) enforce governance controls (including approvals, policy gates, audit trails, and rollback mechanisms);
(e) monitor performance, detect fraud, prevent abuse, and troubleshoot issues;
(f) communicate with you regarding the Services, updates, and support;
(g) comply with applicable law and enforce our legal rights.

4.2 We do not sell personal information.

5. HOW WE DISCLOSE INFORMATION
5.1 Subprocessors and Service Providers. We may disclose Service Data to vendors and service providers (“Subprocessors”) that support the Services (e.g., hosting, logging, analytics, security, customer support, and payment processing), subject to contractual obligations consistent with this Privacy Policy and applicable law.

5.2 Legal and Safety. We may disclose information if we reasonably believe disclosure is required by law, legal process, or governmental request, or is necessary to protect the rights, property, or safety of Stacksona, our Customers, users, or the public.

5.3 Business Transfers. We may disclose information in connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate confidentiality protections.

6. SECURITY
6.1 Stacksona maintains administrative, technical, and organizational safeguards designed to protect information, including measures such as:
(a) encryption in transit;
(b) encryption at rest;
(c) workspace isolation mechanisms;
(d) centralized logging and audit trail capabilities; and
(e) multi-factor authentication support.

6.2 SOC 2. Stacksona plans to pursue SOC 2 alignment/certification; however, SOC 2 certification is not currently represented as achieved unless explicitly stated in a written agreement signed by Stacksona.

6.3 No system is completely secure. You are responsible for maintaining the confidentiality of your credentials and for appropriate security controls on your side.

7. DATA RETENTION
7.1 Stacksona retains Service Data as needed to provide the Services, meet legal and accounting obligations, resolve disputes, enforce agreements, and maintain security.

7.2 Customer Data retention is governed by Customer configuration and the applicable agreement(s).

8. INTERNATIONAL TRANSFERS
Information may be processed in the United States and other jurisdictions where Stacksona or its service providers operate. Where required, Stacksona will implement appropriate safeguards for such transfers.

9. YOUR RIGHTS
9.1 Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of personal information.

9.2 Requests regarding Customer Data must be directed to the applicable Customer (your employer or organization).

10. CHILDREN
The Services are not directed to individuals under eighteen (18), and Stacksona does not knowingly collect personal information from children.

11. CHANGES
We may update this Privacy Policy from time to time. Changes are effective upon posting, unless otherwise stated. Your continued use of the Services after changes become effective constitutes acceptance.

12. CONTACT
Privacy inquiries: [email protected] (or such other contact method designated by Stacksona from time to time).