Privacy Policy

Last Updated: February 11, 2026

At Jandojegs, your privacy is paramount. This policy explains how we collect, use, protect, and share your information.

Quick Summary

We only collect data necessary to provide our services
Your data is never sold to third parties
All data is encrypted with AES-256 at rest and TLS 1.3 in transit
You can request access, correction, or deletion of your data anytime
Fully compliant with GDPR, CCPA, and SOC 2 Type II

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, company name, phone number (optional), and payment information (processed securely via Stripe).

Usage Data

We collect information about how you use our services, including API requests, feature usage, timestamps, IP addresses, browser type, and device information for analytics and service improvement.

Supply Chain Data

To provide AI forecasting and optimization, we process shipment data, inventory levels, supplier information, and operational metrics you provide. This data is strictly used for your account and never shared with competitors.

Cookies & Tracking

We use essential cookies for authentication and session management, analytics cookies (Google Analytics) to understand usage patterns, and performance cookies to optimize load times. You can disable non-essential cookies via your browser settings.

2. How We Use Your Information

Service Delivery: Process AI predictions, generate reports, manage your account, and provide customer support

Communication: Send transactional emails (invoices, system alerts), product updates, and security notifications

Improvement: Analyze aggregate (anonymized) usage patterns to improve AI models and platform features

Security: Detect fraud, prevent unauthorized access, and ensure platform integrity

Legal Compliance: Meet regulatory requirements (SOC 2, GDPR, CCPA)

3. Data Sharing & Disclosure

We NEVER sell your data to third parties. Period.

We only share data in these limited circumstances:

Service Providers: Cloud infrastructure (AWS, Vercel), payment processing (Stripe), email delivery (SendGrid) under strict data processing agreements

Legal Obligations: If required by law, court order, or government request (we will notify you unless legally prohibited)

Business Transfers: In the event of a merger or acquisition (you will be notified and can opt out)

4. Data Security

Our Security Measures:

AES-256 Encryption for all data at rest
TLS 1.3 for all data in transit
Multi-Factor Authentication (MFA) for all admin access
Annual Penetration Testing by certified third-party firms
SOC 2 Type II Compliance (in progress)
Automatic PII Redaction from system logs

5. Your Rights (GDPR & CCPA)

You have the following rights regarding your personal data:

Right to Access

Request a copy of all data we hold about you (delivered within 30 days)

Right to Rectification

Correct inaccurate or incomplete data via account settings

Right to Deletion

Request complete data deletion (processed within 30 days, purged within 90 days)

Right to Portability

Export your data in CSV, JSON, or Parquet format

Right to Object

Opt out of non-essential data processing (e.g., marketing emails)

Right to Withdraw Consent

Revoke consent for data processing at any time

To exercise any of these rights, email privacy@jandojegs.com

6. Data Retention

Active Accounts: Data retained as long as your account is active and for 90 days after cancellation (for recovery purposes)

Deleted Accounts: All personal data purged from production systems within 90 days of deletion request. Backups purged within 180 days.

Legal Requirements: Financial records retained for 7 years per tax law. Security logs retained for 2 years per SOC 2 requirements.

7. International Data Transfers

Regional Data Residency: EU customer data is stored on AWS servers in Frankfurt, Germany. US customer data stored in AWS US-East-1 (Virginia).

Cross-Border Transfers: When necessary for service delivery, we use Standard Contractual Clauses (SCCs) approved by the European Commission.

Privacy Shield: While Privacy Shield has been invalidated, we comply with GDPR requirements for EU-US data transfers.

8. Children's Privacy

Our services are not intended for individuals under 18 years old. We do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us at privacy@jandojegs.com and we will delete it immediately.

9. Changes to This Policy

We may update this policy periodically. Material changes will be communicated via email 30 days in advance. Continued use after changes constitutes acceptance. Historical versions available upon request.

10. Contact Us

For privacy-related questions, concerns, or requests:

Email: privacy@jandojegs.com

Data Protection Officer: dpo@jandojegs.com

Mailing Address: Jandojegs Inc., 123 AI Boulevard, San Francisco, CA 94105, USA

EU Representative (for GDPR inquiries): [To be appointed prior to EU launch]

Questions About Privacy?

Our team is here to help clarify any privacy concerns

Contact Privacy Team

Loading…