Privacy Policy

Introduction

At S.O.T.A. SYSTEMS ("we," "our," or "us"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

We are committed to building in public and being transparent about our practices. This extends to how we handle your data.

Information We Collect

Information You Provide

• Waitlist Information: Email address and preferred pricing tier when you join our waitlist
• Account Information: Email, name, and authentication credentials when you create an account (post-launch)
• Payment Information: Billing details processed securely through our payment processor (post-launch)
• Communications: Any information you provide when contacting us via email or support channels

Automatically Collected Information

• Usage Data: API request metadata, response times, and service performance metrics
• Log Data: IP addresses, browser type, access times, and pages visited
• Cookies: Session cookies for authentication and preference storage

How We Use Your Information

We use the collected information for:

• Service Delivery: Providing and maintaining our AI infrastructure services
• Account Management: Creating and managing your account, processing payments, and handling subscriptions
• Communication: Sending updates about our launch, service changes, and responding to inquiries
• Improvement: Analyzing usage patterns to improve performance and user experience
• Security: Detecting and preventing fraud, abuse, and security incidents
• Legal Compliance: Meeting our legal obligations and protecting our rights

Data Storage and Security

We implement industry-standard security measures to protect your data:

• Encryption: All data in transit is encrypted using TLS 1.3
• Infrastructure: Our services run on secure, isolated Kubernetes clusters
• Access Control: Strict role-based access controls and authentication
• Monitoring: 24/7 security monitoring and incident response
• Backups: Regular encrypted backups with geographic redundancy

Your data is stored on servers located in the United States. We retain your data only as long as necessary to provide our services or as required by law.

Data Sharing and Disclosure

We do not sell your personal information. We may share your data only in these circumstances:

• Service Providers: With trusted third-party vendors who assist in operating our services (e.g., payment processing, email delivery)
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notification)
• Protection: To protect the rights, property, or safety of S.O.T.A. SYSTEMS, our users, or others

All third-party service providers are contractually obligated to maintain the confidentiality and security of your information.

Your API Usage Data

Since we offer flat-rate unlimited tokens, we do not track or store the content of your API requests or responses. We only collect:

• Request timestamps and response times (for performance monitoring)
• Model IDs and endpoint types used
• HTTP status codes and error types
• Aggregate usage statistics per API key

Your prompts and completions are never logged, stored, or used for model training.

Your Rights

You have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data (subject to legal obligations)
• Portability: Request your data in a machine-readable format
• Opt-Out: Unsubscribe from marketing communications at any time
• Objection: Object to processing of your data for certain purposes

To exercise these rights, email us at privacy@sota.systems

Cookies and Tracking

We use minimal cookies necessary for site functionality:

• Essential Cookies: Required for authentication and session management
• Preference Cookies: Remember your theme preference and settings

We do not use advertising cookies or third-party analytics trackers.

International Users

Our services are operated in the United States. If you access our services from outside the U.S., your information will be transferred to, stored, and processed in the United States.

For users in the European Economic Area (EEA) and United Kingdom, we comply with GDPR requirements and provide appropriate safeguards for international data transfers.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes via:

• Email notification to registered users
• Prominent notice on our website
• Updates to our blog and public roadmap

The "Last updated" date at the top of this policy indicates when it was most recently revised.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:

• Email: privacy@sota.systems
• General Inquiries: hello@sota.systems
• Security Issues: security@sota.systems