Hero background

Privacy Policy

Last updated February 20, 2025

This Privacy Notice for Secure AI Project ('we', 'us', or 'our'), describes how and why we might access, collect, store, use, and/or share ('process') your information when you use our services ('Services'), including when you:

  • Visit our website at secureaiproject.org, or any website of ours that links to this Privacy Notice
  • Engage with us in other related ways, including any marketing or events

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@secureaiproject.org.

Summary of Key Points

This summary provides key points from our Privacy Notice, but you can find out more details about any of these topics by clicking the link following each key point or by using our table of contents below to find the section you are looking for.

What information do we process? When you visit, use, or navigate our Services, we process minimal information about your visit through our analytics provider. We do not collect personal information that identifies you individually. Learn more about information we process.

Do we process any sensitive personal information? We do not process sensitive personal information.

How do we process your information? We process your information to provide, improve, and administer our Services, for security and fraud prevention, and to comply with law. We process your information only when we have a valid legal reason to do so. Learn more about how we process your information.

In what situations and with which parties do we share information? We may share information in specific situations and with specific third parties. Learn more about when and with whom we share your information.

How do we keep your information safe? We have organizational and technical processes and procedures in place to protect your information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure. Learn more about how we keep your information safe.

What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your information. Learn more about your privacy rights.

How do you exercise your rights? The easiest way to exercise your rights is by contacting us at privacy@secureaiproject.org. We will consider and act upon any request in accordance with applicable data protection laws.

Want to learn more about what we do with any information we process? Review the Privacy Notice in full.

Table of Contents

  1. What Information Do We Process?
  2. How Do We Process Your Information?
  3. What Legal Bases Do We Rely on To Process Your Information?
  4. When and with Whom Do We Share Your Information?
  5. How Long Do We Keep Your Information?
  6. How Do We Keep Your Information Safe?
  7. Do We Collect Information from Minors?
  8. What Are Your Privacy Rights?
  9. Controls for Do-Not-Track Features
  10. Do United States Residents Have Specific Privacy Rights?
  11. Do We Make Updates to this Notice?
  12. How Can You Contact Us About this Notice?
  13. How Can You Review, Update, or Delete the Data We Collect From You?

What Information Do We Process?

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our website.

We automatically collect certain information when you visit, use, or navigate our website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our website, and other technical information. This information is primarily needed to maintain the security and operation of our website, and for our internal analytics and reporting purposes.

Specifically, we use Plausible Analytics, a privacy-friendly analytics tool that:

  • Does not use cookies
  • Does not track users across websites
  • Does not collect personal information
  • Does not store IP addresses (though geographic location is derived from IP addresses before they are discarded)
  • Collects only aggregated statistics about website visits, such as:
    • Page views
    • Referral sources
    • Geographic location (country, region/state, and city), collected from IP addresses which are then immediately discarded
    • Device type and browser information
    • Duration of visit

We do not process sensitive information.

How Do We Process Your Information?

In Short: We process your information to provide, improve, and administer our Services, for security and fraud prevention, and to comply with law.

We process your information for a variety of reasons, depending on how you interact with our Services, including:

  • To improve user experience. We may process information to improve our website's functionality and user experience.
  • To protect our Services. We may process your information as part of our efforts to keep our website safe and secure.
  • To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual's vital interest, such as to prevent harm.

What Legal Bases Do We Rely on To Process Your Information?

In Short: We only process your information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.

If you are located in the EU or UK, this section applies to you.

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your information. As such, we may rely on the following legal bases to process your information:

  • Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For instance, we process aggregated website analytics data to improve and optimize our Services.
  • Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
  • Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.

If you are located in Canada, this section applies to you.

We may process your information if you have given us specific permission (i.e., express consent) to use your information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time.

In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:

  • For investigations and fraud detection and prevention
  • For business transactions provided certain conditions are met
  • If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim
  • If we have reasonable grounds to believe an individual has been, is, or may be victim of financial abuse
  • If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records
  • If the information is publicly available and is specified by the regulations

When and with Whom Do We Share Your Information?

In Short: We may share information in specific situations described in this section.

We may need to share your information in the following situations:

  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • When we use Plausible Analytics. We use Plausible Analytics, which processes anonymized website usage data. Plausible does not sell data or share it with third parties. You can learn more about Plausible's privacy practices at plausible.io/data-policy.

How Long Do We Keep Your Information?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.

We will only keep your information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

For Plausible Analytics data, aggregated statistics are retained for 24 months.

When we have no ongoing legitimate business need to process your information, we will either delete or anonymize such information, or, if this is not possible (for example, because your information has been stored in backup archives), then we will securely store your information and isolate it from any further processing until deletion is possible.

How Do We Keep Your Information Safe?

In Short: We aim to protect your information through a system of organizational and technical security measures.

We have implemented appropriate technical and organizational security measures designed to protect the security of any information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your information, transmission of information to and from our Services is at your own risk. You should only access the Services within a secure environment.

Do We Collect Information from Minors?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly collect, solicit data from, or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at privacy@secureaiproject.org.

What Are Your Privacy Rights?

In Short: Depending on your state of residence in the US or in some regions, such as the European Economic Area (EEA), United Kingdom (UK), Switzerland, and Canada, you have rights that allow you greater access to and control over your information.

In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your information, (ii) to request rectification or erasure; (iii) to restrict the processing of your information; (iv) if applicable, to data portability; and (v) not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your information. You can make such a request by contacting us by using the contact details provided in the section 'How Can You Contact Us About This Notice?' below.

We will consider and act upon any request in accordance with applicable data protection laws.

If you are located in the EEA or UK and you believe we are unlawfully processing your information, you also have the right to complain to your Member State data protection authority or UK data protection authority.

If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

Withdrawing your consent: If we are relying on your consent to process your information, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us using the contact details provided in the section 'How Can You Contact Us About This Notice?' below.

However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your information conducted in reliance on lawful processing grounds other than consent.

If you have questions or comments about your privacy rights, you may email us at privacy@secureaiproject.org.

Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ('DNT') feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized.

Our analytics provider, Plausible Analytics, respects user privacy by design and does not track users across websites regardless of DNT signals. However, we do not currently respond to DNT browser signals on our own Services.

California law requires us to let you know how we respond to web browser DNT signals. Because there currently is not an industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.

Do United States Residents Have Specific Privacy Rights?

In Short: If you are a resident of California or certain other states, you may have specific rights regarding your information.

California Residents

California Civil Code Section 1798.83, also known as the 'Shine The Light' law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact details provided below.

The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide California residents with specific rights regarding their information, including:

  • The right to know about information collected, used, and disclosed
  • The right to request deletion of information
  • The right to correct inaccurate information
  • The right to opt-out of the sale or sharing of information

Since we only collect anonymized analytics data through Plausible and do not collect personal information that identifies individuals, most of these rights may not apply to your use of our Services. However, we are committed to complying with all applicable privacy laws.

Other State Privacy Rights

Residents of Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Montana, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia may also have similar rights under their state laws. As we do not collect personal information that identifies individuals, these rights may have limited applicability to your use of our Services.

Do We Make Updates to this Notice?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated 'Last updated' date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.

How Can You Contact Us About this Notice?

If you have questions or comments about this notice, you may email us at privacy@secureaiproject.org or contact us by post at:

Secure AI Project
584 Castro Street #3160
San Francisco, CA 94114
United States

How Can You Review, Update, or Delete the Data We Collect From You?

As we do not collect personal information that identifies you individually through our website, there may be limited information for you to access, update, or delete. However, you have the right to request information about our data practices.

To request to review, update, or delete any information we may have about your use of our Services, please submit a request by emailing us at privacy@secureaiproject.org.