Privacy Policy
Last updated April 17, 2026
1. Introduction
This Privacy Policy (“Policy”) describes how UNEEDCOMMS US, Inc. (“Company,” “we,” “us,” or “our”) collects, uses, stores, and protects your personal information when you access or use the website, software, application, and related functionality located at https://decageo.ai and operated by the Company (collectively, the “Services”). By using the Services, you agree to the practices described in this Policy. This Policy is incorporated into our Terms of Service.
“Personal Information” means any information that identifies, relates to, describes, or could reasonably be linked to a particular individual or household, as defined under applicable U.S. privacy laws.
2. Information We Collect
We collect only what is reasonably necessary to provide and improve the Services.
2.1 Information You Provide Directly
| Category | Data Elements | Required / Optional | Source |
|---|---|---|---|
| OAuth Profile | Email address, display name, profile picture | Required | Auth0 |
| Support Conversations | Conversation content, name, email | When user initiates | Intercom widget |
| Feedback Submissions | Inquiry type (General Inquiry / Suggestion / Bug Report), name, email, message | Required on form submission | Tally (Contact menu) |
| Chart Requests | Name, business email, industry, category, target country, AI platform preferences | Required on form submission (target country and AI platform optional) | In-app form |
2.2 Information Collected Automatically
| Category | Data Elements | Technology |
|---|---|---|
| Technical Data | IP address, browser type/version, OS, device identifiers, screen resolution | Server logs |
| Usage Data | Pages visited, dashboard interactions, category/brand views, filter selections, session duration, clickstream, referring URLs | Application logs |
| Location Data | Approximate geographic location, country code (from IP) | IP geolocation |
| GA4 Event Data | Page views, button clicks, feature usage (category selections, brand interactions, filter usage, chart request submissions), traffic sources, user flow | GTM / GA4 |
| Clarity Data | Session recordings, heatmaps, click/scroll behavior, mouse movements | Microsoft Clarity |
2.3 Information We Do NOT Collect
- Sensitive personal information (race, religion, health, biometric, sexual orientation)
- Financial or payment card information
- Precise geolocation (GPS)
- Personal information from children (see Section 9)
- Social Security numbers or government-issued identifiers
3. How and Why We Use Your Information
| Purpose | Data Categories | Justification |
|---|---|---|
| Account authentication and provision of the Services | OAuth Profile | Necessary for the service |
| Displaying ranking dashboards and analytics | OAuth Profile, Usage | Necessary for the service |
| Service-related communications (policy updates, security notices, product announcements) | OAuth Profile | Necessary for the service |
| Marketing and promotional communications | OAuth Profile | Consent (opt-out available) |
| Website and product analytics (GTM/GA4) | Technical, Usage, Location, GA4 Events | Business interest in improvement |
| User behavior analysis and UX improvement (Clarity) | Technical, Usage, Clarity | Business interest in improvement |
| Processing chart requests and service expansion | Chart Requests | Necessary for the service |
| Customer support and issue resolution | OAuth Profile, Support Conversations, Feedback Submissions | Business interest in service |
| Security and fraud prevention | Technical, Usage | Business interest in integrity |
| Compliance with legal obligations | All categories as required | Legal obligation |
Marketing Opt-Out:You can unsubscribe from marketing emails at any time via the “Unsubscribe” link or by emailing support@decageo.ai. Transactional and service-related messages will continue.
Automated Decision-Making: We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on individuals.
4. Cookies and Tracking Technologies
4.1 Technologies Used
We use Google Tag Manager (GTM) for tag management, Google Analytics 4 (GA4) for website analytics, and Microsoft Clarity for behavior analytics. We do not use advertising cookies, retargeting pixels, or cross-site tracking technologies.
4.2 Session Recordings
Microsoft Clarity may record interactions with the Services, including mouse movements, clicks, and scroll behavior. Clarity recordings do notcapture text typed into password fields, payment information, or data masked by Clarity's privacy controls.
4.3 Managing Cookies
You can refuse or delete cookies through your browser settings. For Google Analytics, install the Google Analytics Opt-out Browser Add-on. Blocking cookies may affect functionality of the Services.
4.4 Do Not Track (DNT)
The Services do not respond to “Do Not Track” browser signals, as there is no accepted industry standard for interpreting such signals. We will reassess our position if the applicable legal landscape changes.
5. Third-Party Service Providers
We do not sell or rent your personal information. We share personal information only with service providers who process data on our behalf.
5.1 Current Providers
| Provider | Location | Data Shared | Purpose | Privacy Policy |
|---|---|---|---|---|
| Auth0 (by Okta) | USA | Email, name, profile picture, authentication tokens, login metadata | Authentication and identity management | Auth0 Privacy |
| Google Analytics (GA4) | USA | IP (anonymized), device info, usage | Website analytics | GA Terms |
| Google Tag Manager | USA | Event data routing | Tag management | GTM Policy |
| Microsoft Clarity | USA | Session recordings, heatmaps, click data | Behavior analytics | Microsoft Privacy |
| Amazon Web Services | USA / Global | All service data (encrypted) | Hosting, CDN, database | AWS Privacy |
| Loops | USA | Email, name, preferences | Email communications | Loops Privacy |
| Intercom | USA | Name, email, support conversations | Customer support | Intercom Privacy |
| Tally | EU | User-submitted feedback | Feedback forms | Tally Privacy |
All providers are bound by agreements requiring data protection, purpose limitation, and breach notification. This list is illustrative of current providers and may change; please refer to each provider's privacy policy for the most up-to-date information. This table will be updated when providers change.
5.2 Other Disclosures
We may also disclose personal information when:
- Required by Law: In response to valid legal process (subpoena, court order, government request).
- Business Transfers: In connection with a merger, acquisition, or sale of assets.
- Protection of Rights: To protect the rights, property, or safety of the Company, users, or the public.
5.3 Third-Party Links
The Services may contain links to third-party websites. We are not responsible for their privacy practices.
6. Data Retention
| Data Category | Retention Period | Disposal Method |
|---|---|---|
| Active account data | Duration of account | Active systems |
| After deletion request | 30 days | Secure deletion / anonymization |
| Email communication records | 3 years | Secure deletion |
| Support conversations (Intercom) | 3 years | Secure deletion |
| Chart request data | Duration of account; 3 years from submission if no account | Secure deletion |
| Backup data | Up to 90 days post-deletion | Secure deletion |
| GA4 analytics data | 14 months (GA4 default) | Auto-deletion by Google |
| Clarity session data | 13 months (Clarity default) | Auto-deletion by Microsoft |
| Usage/access logs | 12 months from last activity | Secure deletion / anonymization |
| Legal compliance records | 5–7 years per applicable law | Secure deletion |
When personal information is no longer needed, we securely delete or irreversibly anonymize it. If immediate deletion is not feasible (e.g., backup archives), we isolate the information and delete it as soon as technically practicable.
7. Data Security
We implement reasonable industry-standard safeguards including:
- Encryption in transit (TLS/SSL) and at rest
- Role-based access controls with regular reviews
- Security monitoring and assessments
- OAuth 2.0 authentication via Auth0 (by Okta)
- Security-certified cloud infrastructure (AWS)
No method of transmission or storage is 100% secure. In the event of a data breach, we will notify affected users and applicable authorities as required by law.
8. Your Privacy Rights
8.1 Rights Available to All Users
You may request to access, correct, delete, restrict, or port your personal information by contacting support@decageo.ai. We will verify your identity and respond within the applicable legal timeline.
8.2 US State Privacy Law Rights (CCPA/CPRA)
If you reside in a U.S. state with a comprehensive consumer privacy statute:
- Right to Know / Access. You may request disclosure of the categories and specific pieces of personal information we have collected, the sources, business purposes, and third parties shared with.
- Right to Opt-Out of Sale or Sharing. We do not sell personal information and do not share personal information for cross-context behavioral advertising.
- Right to Non-Discrimination. We will not discriminate against you for exercising your privacy rights.
- Right to Limit Sensitive Personal Information. We do not collect sensitive personal information as defined under the CPRA.
- Response Timeline. We will acknowledge your request within 10 business days and respond substantively within 45 calendar days. We may extend by 45 additional days with prior written notice.
- Authorized Agents. You may designate an authorized agent with proof of authorization.
- Right to Appeal. If we deny your request, you may appeal by emailing support@decageo.aiwith subject “Privacy Request Appeal” within 60 days. We will respond within 60 days. If denied, we will provide information on filing a complaint with your state's regulatory authority.
8.3 Users in Other Jurisdictions
If you access the Services from outside the United States, your personal information will be transferred to and processed in the United States. We handle all requests in accordance with the highest applicable standard. Contact support@decageo.ai to exercise your rights.
9. Children's Privacy
The Services are intended for users aged 18 years or older. We do not knowingly collect personal information from anyone under 18. If we learn that personal information has been collected from a child without appropriate consent, we will promptly delete it. Contact support@decageo.ai if you believe we may have collected information from a child.
10. Changes to This Policy
We may update this Policy from time to time. We will provide at least seven (7) days' notice for general changes and at least thirty (30) days' notice for material changes, via email or in-app notice. Your continued use after the effective date constitutes acceptance. Previous versions are archived upon request.
11. Contact Information
If you have questions about this Privacy Policy or wish to exercise your data rights:
- Privacy Team: support@decageo.ai
