Last Updated: March 1, 2025
Thank you for using Taavia. Please read this Privacy Policy carefully before using our Services, to understand how we collect, use, disclose, and protect your personal data. This Policy also explains the legal bases on which we process your data, in compliance with applicable data protection laws (including GDPR).
Scope:
This Privacy Policy applies to your access and use of services provided by FLEXINEXA Inc., through taavia.ai and related digital platforms.
By accessing the Services or clicking “Agree” during registration, you consent to the collection, use, processing, and sharing of your personal data by Taavia and its authorized representatives as described herein.
If you do not agree to this Privacy Policy, please do not access or use our Services.
Supplementary Nature:
This Privacy Policy does not supersede or replace any prior consents you may have given us regarding your personal data. All consents granted here are cumulative and without prejudice to our other lawful bases for processing under applicable law.
Third-Party Services:
This Policy does not apply to products or services independently provided by third parties via our Services (e.g., external links or search results).
We are not responsible for the privacy practices of such third parties, and you should consult their respective privacy policies before using those services.
This Privacy Policy helps you understand how we handle your personal data. It is organized into the following sections:
- How Do We Collect and Process Your Personal Data
II. How Do We Use Your Personal Data
III. How Do We Use Cookies and Similar Technologies
IV. How Do We Disclose Your Personal Data
V. How’s Your Personal Data Transferred Globally
VI. How Do We Retain Your Personal Data
VII. How Do We Protect Your Personal Data
VIII. How Do We Process Children’s Personal Data
IX. Your Rights to Your Personal Data
X. How to Update the Privacy Policy
XI. How to Contact Us
For the purposes of this Privacy Policy, “personal data” refers to any information relating to an identified or identifiable natural person.
We collect personal data to enable more efficient operation of our Services and to offer you the best possible experience.
We may collect personal data in the following ways:
(a) When you provide personal data directly to us (e.g., during account registration, contact forms, support requests)
(b) When you access or use the Services (e.g., usage patterns, interaction logs, device or location information, settings)
(c) When we obtain personal data from authorized third parties (e.g., business partners, identity providers, or social media platforms – with your consent)
| Data Type | Description | Source |
| Account Information | Includes name, email address, or similar data provided when signing up or requesting services. | Information directly provided by you. |
| User Content | Any data you upload or provide when using our Services, including prompts, text, files, images, or audio (if any). | Information directly provided by you. |
| Feedback | Ideas, suggestions, or rating responses (e.g., thumbs up/down) which are stored as part of your usage history. | Information directly provided by you. |
| Communication Information | Messages you send via email or social media channels, including name, contact details, and message contents. | Information directly provided by you. |
| Log Data | Automatically collected device and usage information such as device brand/model, IP address, browser type, and timestamps. | Information automatically collected during your use of the Services. |
| Usage Data | Includes types of content viewed, features used, session details, location (by country), device type, and browser/system details. | Information automatically collected during your use of the Services. |
| Cookies | Used to enhance your experience. See Section III of this Privacy Policy for full details. | Information automatically collected via cookies and similar technologies. |
| SNS Login Data | If logging in with platforms like Google or GitHub, we may collect info (name, email, profile picture) as permitted by your SNS privacy settings. | Information received from third parties with your consent. |
If you provide us with any personal data relating to a third party (e.g., your spouse, children, parents, or friends), by doing so you represent and warrant to Taavia that:
- You have obtained the explicit consent of such third party to provide us with their personal data,
- That the third party is informed of and agrees to the purposes outlined in this Privacy Policy,
- And consents to the collection, use, and disclosure of their personal data by or for the benefit of the parties referenced herein.
You must ensure that all personal data you submit to us is complete, accurate, true, and up-to-date.
Failure to do so may result in our inability to provide you with the products and/or services you have requested.
We may collect, use, process, and/or disclose your personal data for the purposes described below:
| Purpose/Activity | Types of Personal Data | Lawful Basis for Processing |
| To provide, maintain, and facilitate our Services | Account Info, User Content, Feedback, Communication Info, Log Data, Usage Data, Cookies | To perform a service contract with you |
| To send marketing communications (where subscribed) | Account Info, Communication Info | Consent (where required under applicable law) |
| To prevent fraud, illegal activity, or misuse, and protect the security of our systems | Account Info, User Content, Log Data, Usage Data, Cookies | Legitimate interests (security) / Legal obligation |
| To provide technical support and improve our Services | Account Info, Feedback, Log Data, Usage Data, Cookies | Legitimate interests (security & maintenance) |
| To improve the accuracy and quality of our services (including AI models) | User Content, Feedback | Legitimate interests (better user experience) |
| To comply with legal obligations and protect rights, privacy, and safety | All relevant data categories | Legitimate interests and legal obligations |
In addition to the purposes described above, and where permitted under applicable law, we may also collect, use, and disclose your personal data for the following purposes:
(a) Responding to, processing, and handling your queries, feedback, or suggestions, and providing customer support
(b) Verifying your identity
(c) Managing the administrative and business operations of Taavia and complying with internal policies
(d) Facilitating business asset transactions, such as mergers, acquisitions, or sales
(e) Issuing media statements and responding to press inquiries
(f) Managing legal claims, documentation, and dispute resolution processes, including legal advice and contract enforcement
(g) Managing and preparing reports of incidents and accidents
(h) Any other purpose reasonably related to or necessary for the above activities
Additionally, subject to applicable law, you will be deemed to have consented to the collection, use, and disclosure of your personal data in the following situations:
(a) Where you voluntarily provide your personal data in response to a specific request for an identified purpose, and it is reasonable to assume your intention was to share that data
(b) Where the collection, use, and/or disclosure is reasonably necessary for the formation or performance of a contract between you and us (or a third party requested by you), even if such third parties are not specifically named in this Privacy Policy
In certain cases involving specific products or services, we may notify you of additional purposes for which your data is being processed. Where so notified, we will process your data accordingly.
1. Cookies and Similar Technologies We Use
We may use cookies and similar technologies to gather information resulting from your access and/or use of the Taavia platform. These technologies may include:
1.1 Cookies or Browser Cookies
Cookies are small text files stored on your device when you visit our website or platform, helping us retain information such as your preferences.
Cookies can be either:
- Persistent Cookies, which remain across sessions, or
- Session Cookies, which are deleted when you close your browser.
We may use both types for the purposes listed below:
| Cookie Type | Duration | Administered By | Purpose |
| Necessary / Essential Cookies | Session | Taavia | Required for proper functioning of our Services, used to authenticate users and prevent fraudulent use. |
| Cookies Policy / Notice Acceptance Cookies | Persistent | Taavia | Detects whether the user has accepted the use of cookies. |
| Functionality Cookies | Persistent | Taavia | Remembers choices like login details, language preferences, to enhance user experience. |
Additionally, we may use cookie and similar tracking technologies to:
- Analyze user trends
- Manage our platform
- Track engagement and navigation
- Enhance service quality
The information collected may include your IP address, browser type, ISP, referring/exit pages, files viewed (e.g., HTML, graphics), operating system, timestamp, and clickstream data.
1.2 Web Beacons
Some parts of our Services may contain small electronic files known as web beacons (also called clear gifs, pixel tags, or single-pixel gifs). These help us:
- Count how many users have visited certain pages,
- Analyze the popularity and usage of certain features and content,
- Improve the performance and reliability of our Services.
2. Clear or Disable Cookies
You may manage cookies through your browser settings. We will respect your cookie preferences and only use cookies and similar technologies accordingly.
🔔 Please note that some functions of our Services rely on cookies. If you do not accept or disable cookies, some features may not work as intended.
Here are links to documentation for common browsers (for reference only – Taavia is not liable for accuracy or updates):
- Microsoft Internet Explorer
- Microsoft Edge
- Mozilla Firefox
- Google Chrome
- Safari for macOS
- Safari for iOS
3. More Information About Cookies
To learn more about cookies, including how to accept, delete, or disable them, you may visit:
We may disclose your personal data to the following categories of recipients:
- Our affiliated companies within the Taavia Group, and/or their designated service providers, who process personal data to help us provide our Services to you;
- Third-party service providers and business partners, who process data on our behalf for purposes outlined in this Privacy Policy or as required for the delivery of our Services;
- Analytics providers, search engine operators, or similar third-party platforms that assist in improving, optimizing, or operating our websites, platforms, or services;
- Any business partner, investor, assignee, or transferee (actual or prospective) in the context of a business transaction involving a merger, acquisition, or asset/debt transfer involving Taavia or any of its entities;
- Competent law enforcement agencies, regulators, courts, government bodies, or our professional advisors, where disclosure is necessary:
- (i) under applicable laws and regulations,
- (ii) to establish, exercise or defend our legal rights or those of third parties, or
- (iii) to protect your vital interests or those of another individual;
- (i) under applicable laws and regulations,
- Any other party, where you have explicitly consented to such disclosure.
Depending on your location and the features of the Services you access or use, your personal data may be transferred to and processed in countries outside your jurisdiction, such as to a Taavia Group affiliate or third-party service provider (as outlined in Section IV).
These countries may have different data protection laws from those in your country (and in some cases, may not offer the same level of protection).
🔐 Nevertheless, we implement appropriate safeguards to ensure that your personal data remains protected in accordance with this Privacy Policy and applicable law. We only transfer personal data internationally in compliance with relevant data protection laws and using legally valid data transfer mechanisms.
📍 Generally, our Services are operated from Canada, and our group companies and service providers are primarily based in Canada and/or Germany. Therefore, your personal data is typically processed in one or both of these jurisdictions.
We retain your personal data only for as long as we have a legitimate business or legal reason to do so—such as to fulfill a service you have requested or to comply with applicable legal, tax, or accounting obligations.
In some situations, we may also retain your personal data after your account has been deleted, including:
- Where we are legally obligated to do so (e.g., by court order)
- To respond to user complaints or requests
- For ongoing legal proceedings or regulatory compliance matters
⏳ The retention period depends on the nature of the personal data, its purpose, and any legal requirements associated with it.
🗑 Once we no longer need to retain your personal data, we will securely delete it or anonymize it so that it can no longer be associated with you.
We implement appropriate technical and organizational measures to safeguard the personal data we collect, use, disclose, and process. These safeguards are designed to provide a level of security appropriate to the risk of the data processing involved.
Our security measures include:
- Encrypting your personal data both in transit and at rest
- Developing and implementing an Information Security Programme based on recognized industry standards
- Using advanced malware protection tools
- Applying reasonable security measures, including vulnerability management, access controls, and recovery/resilience protocols
However, no method of data transmission over the Internet or any wireless network is completely secure. Therefore, while we strive to protect your data, we cannot fully guarantee the security of any personal data you transmit to us, and you do so at your own risk.
We also do not guarantee the security of your devices, accounts, or personal data when using our Services. If you create an account with us and choose a password, you are solely responsible for keeping that password secure and confidential.
Our Services are not directed to, or intended for, individuals under the age of 18.
We do not knowingly collect personal data from children under the age of 13.
If you believe that a child under 13 has provided personal data to us through the Services, please contact our Data Protection Officer (DPO) using the contact details provided at the end of this policy.
📌 Upon receiving such notice, we will investigate and, if appropriate, promptly delete the child’s personal data from our systems.
Depending on the jurisdiction in which you reside, you may have the following rights concerning your personal data:
1.1 Access your personal data and information regarding its processing
1.2 Request deletion or erasure of your personal data
1.3 Request updates or corrections to your data
1.4 Request a copy of your data in a portable format (Data Portability)
1.5 Restrict or object to the way we process your personal data
1.6 Withdraw previously given consent
1.7 File a complaint with the data protection authority in your country
📌 Some of these rights may be exercised directly via your account on the Taavia Services.
If you are unable to exercise them through your account, please contact us at:
We will review and respond to all data rights requests in accordance with applicable data protection laws.
We may update this Privacy Policy from time to time in response to legal, regulatory, technical, or business developments.
✅ Any changes to this Privacy Policy will be communicated by updating the version available through our Services. The revised Privacy Policy becomes effective immediately upon update or on a specified effective date.
At our discretion, we may also provide notice of significant changes through channels such as email (to the email address in your account) or via notifications within the Taavia platform before the changes take effect.
📌 To the extent permissible by law, you agree to be bound by the latest version of this Privacy Policy as updated from time to time. Please review this policy regularly to stay informed about how your personal data is being handled.
🕓 You can check when this Privacy Policy was last updated by referring to the “last updated” date shown at the top of this document.
Admin Access to End-User Data
Website administrators using Taavia may be granted access to certain data collected through the AI assistant, such as frequently asked questions or messages submitted by end-users. This level of access is fully configurable, and Taavia provides tools that allow website owners to define exactly which types of data can be accessed, and by whom (e.g., admin, support agent, consultant, etc.).
Taavia recommends configuring access controls in line with the principle of least privilege, ensuring end-user privacy is respected at all times.
User & Organization Data Deletion Policy
taavia provides both end-users and enterprise clients the ability to request account deletion and removal of their associated data at any time.
Users may initiate this process via their settings panel or by contacting our support team. The deletion process includes:
- Removal of personally identifiable information (PII) from active databases
- Deletion of stored conversations (upon request)
- Termination of access to all related services
For enterprise clients, taavia is committed to erasing relevant data within 30 business days of receiving a formal request, unless retention is legally required.
If you have any questions about this Privacy Policy, or if you have any complaints, inquiries, or requests concerning your personal data, you may contact our Data Protection Officer (DPO) via the following contact information:
📨 Attention: Data Protection Officer (DPO)
Company: FLEXINEXA
Address: 19 Tannery Court, Richmond Hill, Ontario, L4C7V5, Canada
Email: [email protected]
📌 Please note: If your personal data was submitted to us by a third party, you should contact them directly for any requests, feedback, or access/correction actions on your behalf.
📌 You may withdraw your consent at any time in accordance with applicable law. However, depending on the nature of your withdrawal, this may affect our ability to continue providing services to you, maintain existing contracts, or fulfill ongoing obligations. This may result in termination of your agreements or a breach of contract on your part. All legal rights of Taavia remain expressly reserved.
