Privacy Policy

ai-dm is a provider of an AI-powered decision and execution platform for marketing agencies, businesses and D2C brand owners. Our platform helps brand owners, businesses, and marketing agencies plan content, run campaigns, manage brand knowledge, and act on growth opportunities across connected social, search, and advertising channels, while maintaining human approval at every consequential step.

ai-dm is a SaaS product by:

EUPHORICA VENTURES PRIVATE LIMITED Floor No.: Second Floor Building No./Flat No.: No 07 Road/Street: 22nd Cross Locality/Sub Locality: Cubbonpet Main Road City/Town/Village: Bengaluru District: Bengaluru Urban State: Karnataka, India PIN Code: 560002

GST: 29AAGCE3637A1ZV PAN: AAGCE3637A TAN: BLRE11387F CIN: U74999KA2021PTC145032

Email for all Privacy Policy, Data Deletion and Terms of Service: ai-dm@ai-dm.ai

While the purposes for which we may process personal information will vary depending upon the circumstances, in general, we use personal information for the business and commercial purposes set forth below:

• Provide and Improve Our Services: We create and maintain your accounts, fulfill your requests for resources and support, build and update your brand's Knowledge Graph, answer your questions through the conversational chat interface, generate and present content through our AI workflows, surface AI-driven recommendations and input field suggestions, and operate our Products and Websites efficiently.
• Communicate with You: Whether it is responding to your inquiries, sending you information about our Products or events, or providing updates and support, we are here to keep you informed and connected. This includes marketing content if you have opted to receive it, and includes Budget Cap notifications and other PAYG account alerts.
• Manage Customer Relationships: We ensure your account is serviced, your commercial contracts are managed, and billing (including PAYG metered usage aggregation) and credit balances are facilitated smoothly.
• Ensure Safety and Security: We monitor for suspicious activity, fraud, and legal compliance, fix bugs, and maintain the overall integrity and security of our Products and Websites.
• Business Purposes: We analyze usage trends and performance to improve our offerings, personalize your experience, market our Products, conduct internal research, ensure quality, and keep our business records up to date.
• Legal Compliance: We meet our legal obligations, enforce our Terms of Service and other policies, and manage any corporate transactions such as mergers or acquisitions.
• Legitimate Business Interests: We balance our business needs with your interests, processing your information with care and, where necessary, with your consent.

ai-dm is a decision-support and execution-assistance platform. We do not autonomously execute consequential actions on your behalf. Every consequential action surfaced by ai-dm — whether through the conversational chat interface, agentic reasoning, content modules, or any other surface — including but not limited to publishing content, launching or modifying advertising campaigns, sending direct messages, allocating budgets, or sharing data with third-party platforms, requires explicit approval by an authorized user of your account before it is executed.

ai-dm does not engage in solely automated decision-making that produces legal effects concerning you or similarly significantly affects you.

ai-dm operates a Knowledge Graph for each brand customer. Each brand's Knowledge Graph is logically isolated from every other brand's Knowledge Graph.

We do not share, expose, or propagate one brand customer's raw data, identifiable creatives, identifiable campaign data, audience data, chat conversations, or messages to any other brand customer. Brand A will never see Brand B's data.

ai-dm may derive abstracted, aggregated, and anonymized learnings, patterns, benchmarks, and statistical signals from data across the platform. These abstracted learnings may be used to improve our Services and, where appropriate, to surface category-level benchmarks or pattern-level insights to our customers. Such learnings:

• Do not identify any individual brand, customer, end-user, or audience member;
• Cannot be reverse-engineered to reconstruct any individual brand's raw data, creatives, audiences, campaign details, or chat conversations;
• Are governed by minimum-cohort thresholds (a minimum number of contributing brands or records per insight, sufficient to prevent re-identification) and other technical and organizational safeguards designed to prevent re-identification. These safeguards include the removal of all direct and indirect identifiers, aggregation to ranges or buckets rather than precise values where appropriate, k-anonymity-style cohort sizing, and contractual prohibitions on attempted re-identification by our employees, contractors, and service providers.

Once data is properly anonymized and aggregated to meet these thresholds and safeguards, it no longer constitutes personal data under GDPR, CCPA/CPRA, the DPDP Act, or equivalent laws, and is retained by ai-dm in perpetuity for the purposes described in this section.

We do not sell raw platform data sourced from connected social, search, or advertising platforms, and we do not use such data for independent advertising, ad targeting, or audience-building purposes outside the scope of the brand customer that owns the data. We do not use raw platform data, your inputs, your chat messages, or Your Content to train large language models — whether ours or third parties'.

Pursuant to the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Colorado Privacy Act (CPA), the Delaware Personal Data Privacy Act (DPDPA), the Iowa Consumer Data Protection Act (ICDPA), the Montana Consumer Data Privacy Act (MTCDPA), the Nebraska Data Privacy Act (NDPA), the New Hampshire Data Privacy Act (NHDPA), the New Jersey Data Privacy Act (NJDPA), the Oregon Consumer Privacy Act (OCPA), the Tennessee Information Protection Act (TIPA), the Texas Data Privacy and Security Act (TDPSA), the Utah Consumer Privacy Act (UCPA), the Virginia Consumer Data Protection Act (VCDPA), the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), the Indian Digital Personal Data Protection Act (DPDP Act), and other privacy laws and regulations, in general, we process your personal information for the following legal bases:

• Performance of our contract with you.
• To comply with a legal obligation to which ai-dm is subject.
• For our legitimate business interests.
• With your consent.

We share your information in accordance with the practices described in this Privacy Policy. We may share your information with:

• Affiliates: We may share your Personal Information with ai-dm affiliates so that they can help provide our Services, service your account, or troubleshoot concerns or support legitimate business operations.
• Authorized Service Providers: We share your Personal Information with authorized third-party vendors and service providers which support the delivery of our Websites and Services, enable our marketing activities, support our business operations, as well as professional advisors or auditors. This category currently includes:
• Cloud infrastructure providers (currently Amazon Web Services for the core platform; the Next.js frontend may be hosted on Vercel) for compute, storage, databases, and network services;
• AI providers (currently Anthropic and OpenAI) for large language model inference, embedding generation, and related AI capabilities;
• Workflow automation providers (currently Make.com) for the orchestration of certain content workflows;
• Data providers (including but not limited to DataForSEO, Bright Data, Apify, Firecrawl, and Perplexity) for search intelligence, web scraping, and AI-search visibility data;
• Payment processors (currently PayU and Stripe) for subscription and PAYG metered billing;
• Identity providers for authentication services;
• Email and communication service providers for transactional and notification emails. The specific list of underlying providers may change over time; the current list is reflected here and may be updated in subsequent revisions of this Policy.
• Social Networks, Advertising Platforms, and Integrated Applications: We share Personal Information with social networks, advertising platforms, and integrated applications that you have chosen to authenticate and connect with ai-dm — including Meta, Google, LinkedIn, TikTok, X, Pinterest, and others — and only to the extent necessary to execute actions you have explicitly approved.
• Marketing Agency–Brand Relationships: If you are a brand owner or business whose account is managed by a marketing agency on ai-dm, your authorized marketing agency users will have access to your account data in line with the permissions you have granted them. If you are a marketing agency, the brand owners and businesses you onboard will have access to their own account data and not to the data of any other brand or business on your account.
• Legal Purposes: We may disclose Personal Information in response to legal demands such as subpoenas, court orders, law enforcement requests, legal claims or government inquiries, to detect fraud, or to protect the rights, interests, safety, and security of ai-dm, our users, or the public.
• Business Transfers: We may share your Personal Information with third parties in connection with corporate transactions, such as sales, mergers, or consolidations.
• With Your Consent and Instruction: We will also share your Personal Information where you have consented to such sharing, or as otherwise authorized.

We contractually prohibit our service providers from retaining, using, or disclosing information about you for any purpose other than performing the services for us, although we may permit them to use information that does not identify you for their own business purposes. We do not authorize our AI providers to train their models on your inputs or our outputs delivered through their commercial APIs; by default, the commercial terms of these providers prohibit such training.

ai-dm, and third parties we interact with, use cookies, web beacons, local shared objects (sometimes called flash cookies), and similar technology in connection with your use of our Services and third-party websites (collectively referred to in this policy as "Cookies"). Cookies are small data files that may have unique identifiers, and reside, among other places, on your computer or mobile device, in emails we send to you, and on our Service.

When we use Cookies, we do so to further Services features and processes, facilitate relevant advertising, and help learn more about how users engage with our Service. Cookies may be persistent or stored only during an individual session.

We use Cookies to:

• Transmit information about you and your use of our Service;
• Allow us to help you navigate the Service, track your preferences, conduct product research, improve the Service, troubleshoot issues, and monitor performance;
• Display relevant advertising;
• Help understand your preferences and usage of our Services.

You can manage your Cookie preferences through your browser settings or by clicking on the "Cookie Preferences" link in the footer of our website. When you manage your cookie preferences, this may impact your experience using our Services as certain features may not function properly without cookies.

ai-dm is dedicated to protecting children's privacy online and ensuring compliance with COPPA and all relevant laws. Our Services are intended for a general audience and not directed at children under eighteen (18). If we find that we have inadvertently collected personal information from a child under eighteen, we will promptly delete it or inform the relevant customer.

The security of your Personal Information is of paramount importance to us. ai-dm intends to protect your personal information and to maintain its accuracy. We implement reasonable physical, administrative, and technical safeguards to help us protect your personal information from unauthorized access, use and disclosure. For example, we encrypt sensitive personal information such as payment information and OAuth tokens when at rest and in transit, we enforce access controls in our databases including tenant-level data isolation, and we enforce least-privilege access to brand data.

We also require that our suppliers protect such information from unauthorized access, use and disclosure. We will also take reasonable precautions to ensure that our staff and employees who have access to Personal Information have received adequate training and are subject to confidentiality obligations. All employees who are permitted to handle Personal Information are subject to statutory or contractual confidentiality obligations and may only get access to Personal Information in accordance with ai-dm's access control policies.

We retain information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested, to keep your brand's Knowledge Graph up to date, to maintain chat conversation history for your reference, or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it in accordance with our data retention policy, or, in the limited circumstances where this is not possible (for example, because your information has been stored in backup archives), then we will securely store your information and isolate it from any further processing until deletion is possible.

If you wish to cancel your account or request that we no longer use your personal information to provide the Services to you, please visit our Data Deletion page at https://www.ai-dm.ai/data-deletion or contact us as set forth below, in the Contact Details section. However, if you withdraw consent or otherwise object to our collection, use and disclosure of your personal information, you may not be able to use the Services. Further, to the extent permitted by applicable law, we will retain and use your personal information as necessary to comply with our legal obligations, resolve disputes, maintain appropriate business records, and enforce our agreements.

Subject to the conditions set out in the applicable law, Users in the European Union/European Economic Area, and the United Kingdom (as well as in other jurisdictions where similar rights apply) have the following rights regards our processing of their personal information:

• Right of access: If you ask us, we will confirm whether we are processing your personal information and, if necessary, provide you with a copy of that personal information (along with certain other details).
• Right to correction (rectification): If the personal information we hold about you is inaccurate or incomplete, you are entitled to request to have it corrected. If you are entitled to have information corrected and if we have shared your personal information with others, we will let them know about the rectification where possible.
• Right to erasure: You can ask us to delete your personal information in some circumstances, such as where we no longer need it or if you withdraw your consent (where applicable). If you request that we delete your personal information, we may do so by deleting your account(s) with us. You may submit a deletion request via our Data Deletion page at https://www.ai-dm.ai/data-deletion or by emailing ai-dm@ai-dm.ai.
• Right to restrict (block) processing: You can ask us to restrict the processing of your personal information in certain circumstances, such as where you contest the accuracy of that personal information, or you object to our use or stated legal basis.
• Right to data portability: You have the right, in certain circumstances, to receive a copy of personal information we have obtained from you in a structured, commonly used, and machine-readable format, and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.
• Right to object: Where our processing is based on our legitimate interests, we must stop such processing unless we have compelling legitimate grounds that override your interest or where we need to process it for the establishment, exercise, or defense of legal claims. Where we are relying on our legitimate interests, we believe that we have a compelling interest in such processing, but we will individually review each request and related circumstances.
• Right to object to marketing: You can ask us to stop processing your personal information to the extent we do so based on our legitimate interests for marketing purposes. If you do so, we will stop such processing for our marketing purposes.
• Right not to be subject to automated decision-making: You have the right not to be subject to a decision when it is based on automatic processing if it produces a legal effect or similarly significantly affects you. ai-dm does not engage in automated decision-making of this kind. All consequential actions taken via ai-dm require explicit human approval.
• Right to withdraw your consent: In the event your personal information is processed based on your consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
• Right to lodge a complaint: You also have the right to lodge a complaint with a supervisory authority if you consider that our processing of your personal information infringes the law.

Please note that some of these rights may be limited, such as where we have an overriding interest or legal obligation to continue to process the data. Please contact us using the information set out in the Contact Details section, if you wish to exercise any of your rights or if you have any enquiries or complaints regarding the processing of your personal information by us.

Your information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.

Specifically, our cloud infrastructure providers operate data centers in multiple regions, and our group companies and third-party service providers and partners (including AI providers, data providers, and payment processors) operate around the world. This means that when we collect your information we may process it in any of these countries.

However, we have taken appropriate safeguards to ensure that your information will remain protected in accordance with this Privacy Policy and applicable legal requirements. These include our use of European Commission-approved Standard Contractual Clauses (along with the UK Addendum, where appropriate) and, as applicable, our commitment (and commitments made by third-party transferees) to honor the principles set forth in the applicable data privacy frameworks, to the extent each such framework is accepted as a lawful mechanism under which personal data can transfer in compliance with applicable laws.

The data protection laws of the countries to which we send Personal Information may vary from those in your country of residence. When we transfer Personal Information outside of your country of residence, where required by law, we carry out transfer impact assessments and ensure that there is an adequate transfer mechanism in place, such as standard contractual clauses. We also make sure that recipients of your Personal Information, especially third-party recipients, have an adequate transfer mechanism in place as well. This is to ensure an equivalent level of protection of your Personal Information is provided in those countries.

ai-dm is, by design, an AI-driven decision-support and execution-assistance platform. We use artificial intelligence (AI) — including large language models, agentic reasoning graphs, tool-using agents, retrieval-augmented systems, our proprietary Knowledge Graph, a conversational chat interface, AI-driven Knowledge Graph slicing for input field suggestions, and an AI-driven output presentation layer — to enhance our services and user experience. We collect data during AI interactions in order to provide the Services, to support your usage and billing records, and to derive abstracted, aggregated learnings as described in the Cross-Brand Learning and Anonymized Insights section.

We commit to the following AI practices:

• Transparency. AI is in continuous use across substantially all features and workflows of ai-dm. By using the Services, you understand that AI is always active and that you will not receive a separate notification for each individual use of AI. We notify you of this continuous AI use in this Policy, in our Terms of Service, and in our product interface.
• Human Oversight. Every consequential action surfaced by our AI requires explicit human approval before execution. ai-dm will never autonomously publish content, launch campaigns, send messages, allocate budgets, or share data with third parties without your approval. This applies whether the action originated in our conversational chat interface, an agentic reasoning flow, a content module job, or any other surface.
• Agentic Safeguards. Our agentic AI reasoning is constrained by architectural safeguards enforced at the runtime level, including bounded tool registries, maximum iteration caps, per-session token budgets, mandatory entity citation, sparse-context disclosure, structured tool result validation, mandatory human-in-the-loop pauses on consequential tools, full audit trails per agent step, and deterministic fallback when an agent fails to produce a valid result. These safeguards mitigate but do not eliminate the risks inherent in AI.
• Brand Data Isolation. Each brand customer's raw data, creatives, audiences, Knowledge Graph entries, and conversational chat history are logically isolated from those of other brand customers. Cross-brand learning is performed only on abstracted, aggregated, and anonymized data, as described in the Cross-Brand Learning and Anonymized Insights section.
• No LLM Training on Customer Data. We do not use Your Content, your inputs, your chat messages, your Knowledge Graph entries, or any data sourced from Connected Platforms to train large language models, whether ours or third parties'. Our AI providers' commercial terms, by default, prohibit them from training their models on our API inputs and outputs.
• User Control. Users have control over their personal data, including access, management, and deletion options. PAYG users additionally control their monthly Budget Cap and may adjust it at any time within the platform's published constraints.
• Compliance. We comply with applicable data protection regulations, such as GDPR, CCPA, PIPEDA, and the Indian DPDP Act, and we align our AI systems with applicable AI governance standards, including the EU Artificial Intelligence Act, through measures like transparency, human oversight, risk assessments, data protection, and accountability.

To the extent your data is sourced from, or actions are executed through, third-party platforms (including Meta (Facebook, Instagram, Meta Business Suite, Meta Business Manager, Meta Ads Manager, Meta Pixel), Google (Google Ads, YouTube, Google Business Profile, Google Analytics, Google Tag Manager, Google Merchant Center, Google Search Console), LinkedIn, TikTok, X, Pinterest, or any other connected platform), our use of such data is also governed by the developer terms, platform terms, and data use policies of those platforms.

We do not use data sourced from these platforms for any purpose other than to provide our Services to the brand customer that authorized the connection. We do not sell or independently monetize data sourced from these platforms. We do not use data sourced from these platforms to train large language models. We collect data from these platforms on the recurring cadence that you configure within your plan's permitted range, and we delete such data in accordance with our Data Deletion page upon disconnection or account termination, except for anonymized aggregated learnings governed by the Cross-Brand Learning and Anonymized Insights section.

For platforms requiring formal developer or business app approval — including Meta App Review, Google OAuth Verification, LinkedIn Partner Program, X Developer Access, and Pinterest Business Access — ai-dm undertakes and maintains compliance with the conditions of those approvals.

ai-dm collects data from many third-party data sources on a recurring schedule. For most sources — including but not limited to keyword rank tracking, SERP data, backlink data, competitor advertising data, organic search performance, paid advertising insights, AI-search visibility panels, organic social media performance, and competitor content monitoring — you may configure the frequency of collection per data source, within the limits permitted by your subscription plan or PAYG tier and within the rate limits imposed by the upstream data providers.

More frequent collection produces more current data and consumes more credits or PAYG units. ai-dm publishes default cadences for each plan tier, and may modify minimum or maximum cadence limits with reasonable notice.

If any provision of this Policy is found to be unlawful, void, or for any reason unenforceable, then that provision shall be deemed severable from this Policy and shall not affect the validity and enforceability of any remaining provisions.

This Policy, along with the Terms of Service and the Data Deletion page, constitute the entire terms with respect to the relationship between ai-dm and you and supersedes all prior agreements, whether written or oral, concerning such relationship. This Policy may not be changed, waived, or modified except by ai-dm as provided herein or otherwise by written instrument signed by ai-dm.

We may update this Policy from time to time in response to changing legal, technical or business developments. When we update our Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. For material changes, we will provide notice by posting the updated Policy at https://www.ai-dm.ai/privacy-policy, updating the "Last Updated" date at the top of this Policy, and where appropriate sending notice to the email address on your account or displaying an in-app notice at least thirty (30) days before the changes take effect. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.

You can see when this Privacy Policy was last updated by checking the "Last Updated" date displayed at the top of this Privacy Policy.

This section applies only to California consumers and describes how we collect, use, and share California consumers' Personal Information in our role as a business, and the rights applicable to such residents. If you are unable to access this Privacy Policy due to a disability or any physical or mental impairment, please contact us and we will arrange to supply you with the information you need in an alternative format that you can access.

California residents have the following rights:

• The right of access means that you have the right to request that we disclose what Personal Information we have collected, used and disclosed about you in the past 12 months.
• The right of deletion means that you have the right to request that we delete Personal Information collected or maintained by us, subject to certain exceptions. You may submit a deletion request via our Data Deletion page at https://www.ai-dm.ai/data-deletion or by emailing ai-dm@ai-dm.ai.
• The right to non-discrimination means that you will not receive any discriminatory treatment when you exercise one of your privacy rights.

As a California Resident, you can exercise your rights yourself or you can alternatively designate an authorized agent to exercise these rights on your behalf. Please note that to protect your Personal Information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent's identity to protect your Personal Information.

This section applies to users resident in India and describes rights available under the Digital Personal Data Protection Act, 2023 (the "DPDP Act"). Subject to the conditions set out under the DPDP Act, India residents have the right to access, correct, update, and erase their personal data, the right to grievance redressal, and the right to nominate another individual to exercise these rights in the event of death or incapacity.

To exercise these rights or to raise a grievance, please contact our Grievance Officer using the Contact Details section below, or submit a deletion request via our Data Deletion page at https://www.ai-dm.ai/data-deletion.

If you have any questions, complaints or comments regarding our Policy or practices, please submit a request by emailing ai-dm@ai-dm.ai (or the email address listed on our website at the time of your request).

For postal correspondence, please write to the address listed on the "Contact Us" page of our website, marked: Attn: Legal / Privacy. Or:

EUPHORICA VENTURES PRIVATE LIMITED Floor No.: Second Floor Building No./Flat No.: No 07 Road/Street: 22nd Cross Locality/Sub Locality: Cubbonpet Main Road City/Town/Village: Bengaluru District: Bengaluru Urban State: Karnataka, India PIN Code: 560002

GST: 29AAGCE3637A1ZV PAN: AAGCE3637A TAN: BLRE11387F CIN: U74999KA2021PTC145032

Email for all Privacy Policy, Data Deletion and Terms of Service: ai-dm@ai-dm.ai

Data Deletion: To request deletion of your personal information, please visit https://www.ai-dm.ai/data-deletion or email ai-dm@ai-dm.ai.

Data Controller: Sanjay Srivastava, Director and Employee at Euphorica Ventures Private Limited

Grievance Officer: Sanjay Srivastava, Director, Euphorica Ventures Private Limited

This Agreement shall be governed in all respects by applicable law in the jurisdiction in which Euphorica Ventures Private Limited is incorporated, which is Bengaluru, Karnataka in India. The courts of that jurisdiction shall be the exclusive forum for any mediation, arbitration, litigation, or dispute resolution, subject to mandatory rights granted to consumers under their local laws.