Privacy Policy

Last Updated: November 16, 2024

Pyr ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including our Smol sensor suite, Vera mobile application, and web platform (collectively, the "Services").

1. Information We Collect

1.1 Information You Provide Directly

Account Information: When you create an account, we collect your name, email address, organization name, and password (stored in hashed form).
Contact Information: When you submit inquiries through our contact forms or request information, we collect your name, email address, organization, and any information you choose to provide in your message.
Mobile Device Information: When you use the Vera mobile app, we collect your device token and platform identifier to send you push notifications about alerts.

1.2 Information Collected Automatically

IoT Device Data: Our Smol sensors collect and transmit temperature measurements, depth information, device identifiers, firmware versions, and operational status information.
Usage Information: We collect information about how you interact with our Services, including access times, device IP addresses, and API usage patterns.
Audit Logs: We maintain logs of firmware updates, device registration events, alert triggers, and system activities for security and operational purposes.

2. How We Use Your Information

We use the information we collect to:

Provide Our Services: Monitor almond hull storage conditions, detect potential fire risks, and send timely alerts to prevent spontaneous combustion incidents.
Improve Safety: Analyze sensor data to improve our detection algorithms and provide better early warning capabilities.
Account Management: Create and manage your account, authenticate your access, and provide customer support.
Communications: Send you important notifications about your devices, alerts, system updates, and respond to your inquiries.
Security and Compliance: Protect against unauthorized access, maintain data integrity, and comply with legal obligations.
Product Development: Improve our sensors, mobile applications, and platform based on usage patterns and feedback.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Service Providers

Push Notification Services: We use Expo Push API to deliver alert notifications to your mobile devices.
Cloud Infrastructure: We use cloud hosting providers to store and process data.
Database Services: We use SQL Server for secure data storage.

3.2 Within Your Organization

Data from your devices is shared with authorized users within your organization who have appropriate access permissions.

3.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to:

Comply with legal obligations
Protect our rights, property, or safety
Prevent fraud or security issues
Respond to emergency situations

4. Data Security

We implement industry-standard security measures to protect your information:

Encryption: Data transmission uses TLS/SSL encryption. Passwords are hashed using industry-standard algorithms.
Authentication: We use JWT tokens for secure authentication with automatic expiration.
Device Security: IoT devices use RSA public key cryptography for signature verification.
Access Controls: Multi-tenant data isolation ensures your data is only accessible to authorized users in your organization.
API Security: Rate limiting and API key authentication protect against unauthorized access.
Monitoring: We maintain audit logs and monitor for suspicious activity.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as necessary to provide our Services and comply with legal obligations:

Account Data: Retained while your account is active and for a reasonable period thereafter for backup and legal purposes.
Sensor Data: Temperature and monitoring data is retained to enable historical analysis and trend identification.
Audit Logs: Security and operational logs are retained according to our data retention policies and legal requirements.
Contact Information: Information from contact forms is retained for business development and customer relationship purposes.

You may request deletion of your personal data by contacting us at the email address below.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

Access: Request access to the personal information we hold about you.
Correction: Request correction of inaccurate or incomplete information.
Deletion: Request deletion of your personal information, subject to legal retention requirements.
Data Portability: Request a copy of your data in a structured, machine-readable format.
Opt-Out: Unsubscribe from marketing communications or disable push notifications in your device settings.

To exercise these rights, please contact us using the information provided below.

7. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

Posting the updated policy on our website with a new "Last Updated" date
Sending notice to the email address associated with your account
Providing in-app notifications for significant changes

Your continued use of our Services after changes become effective constitutes acceptance of the updated Privacy Policy.

9. Third-Party Links and Services

Our Services may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing them with any information.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information is collected, used, shared, or sold
Right to delete personal information held by businesses
Right to opt-out of sale of personal information (we do not sell personal information)
Right to non-discrimination for exercising CCPA rights

To exercise these rights, please contact us using the information below.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from those in your country. We take appropriate safeguards to ensure your information receives adequate protection.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@pyrtech.com

Address: Pyr, Central Valley, California

13. Consent

By using our Services, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Services.