Terms and Conditions

Last Updated: February 17, 2025

Introduction

Welcome to the allumni Platform. Please read these Terms and Conditions ("Terms") carefully before using the allumni Platform and our Services.

These Terms and Conditions constitute a legally binding agreement made between you ("You" or "Your") and Emblem Consulting DMCC ("Company," "We," "Us," or "Our"), concerning your access to and use of the allumni Platform and related Services, Software and Documentation.

1. Interpretation and Definitions

1.1 Interpretation

The interpretation provisions set out in the SaaS Agreement (as defined below) shall apply to these Terms.

1.2 Definitions

The words of which the initial letter is capitalised have the meanings defined in the SaaS Agreement. Capitalised words which are not defined in the SaaS Agreement are defined as follows:

"Account" means a unique account created for You to access our allumni Platform and Services.

"Affiliate" means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.

"Country" refers to: United Arab Emirates

"Derived Data" means the data, insights, responses, or outputs generated by the allumni Platform using Customer Material.

"Enterprise Account" means a business account created by an organisation for the purpose of using the Service for business operations.

"LLM" means Large Language Model.

"SaaS Agreement" means the SaaS Agreement entered into between You and the Company in relation to the allumni Platform.

2. Acknowledgment and Eligibility

By accessing or using the allumni Platform, You agree to be bound by these Terms, which are incorporated to and form part of the SaaS Agreement. If You disagree with any part of these Terms, You may not access the allumni Platform or use the Services.

3. Data Rights and Protection

3.1 Customer Material Ownership

The rights and obligations relating to the Customer Materials is detailed in the SaaS Agreement. Without prejudice to the terms of the SaaS Agreement, We further explicitly commit not to share, disclose, or otherwise make available Customer Material or any generated content, including responses received from the allumni Platform, to any other user or third party, including the Company itself, except as required to provide access to the Services to You, or by applicable law. We acknowledge that:

3.1.1 We acquire no ownership rights in Customer Material

3.1.2 We will not use the Customer Material for any purpose other than providing You with the Services.

3.1.3 We will not disclose, sell, assign, lease, or otherwise make any Customer Material available to third parties, except as strictly necessary to process and analyse the information for providing the Services to You. Such processing may include:

(a) Analysing Customer Material through our secure systems

(b) Processing queries against the Customer Material

Any third-party processors engaged by Us for these purposes will be bound by strict confidentiality obligations and data protection requirements at least as protective as those in these Terms.

3.1.4 The allumni Platform uses third party APIs to access LLMs to provide the Services to You. Specifically:

(a) We do not train, fine-tune, or create any AI models using the Customer Material;

(b) We carefully select third-party LLM providers that have explicit policies against training their models on customer data;

(d) We maintain strict data handling protocols to ensure the Customer Material is processed securely;

(e) Each third-party LLM provider's relevant data policies and certifications are detailed in Appendix A of these Terms.

3.1.5 e) Any processing of Customer Material will occur solely within Your dedicated, secure environment and will be used exclusively to provide the Service functionality You have requested

3.2 Derived Data

3.3 When using or accessing the allumni Platform and Services, you must not provide with Customer Material or any input (including any personal data (as defined by applicable law) contained in such Customer Material or input), which violate, misappropriate, or infringe the rights of any third party, applicable law, the SaaS Agreement, including without limitation these Terms.

3.4 Subject to the use restrictions set forth in the SaaS Agreement and to the extent permitted by applicable law, as between You and Us, You own the Derived Data generated from Your use of the allumni Platform, provided that such ownership is subject to our third-party licensors' IPRs and any IPRs We retain in pursuant to the SaaS Agreement.

3.4.1 To the extent that Derived Data includes any of Our IPRs or derivatives of Our IPRs, or that of Our third-party licensors, You are granted a limited, non-exclusive, worldwide, royalty-free license to use such portions of the Derived Data. This license does not transfer ownership of Our or Our third party licensors' IPRs to You and Your use of such IPRs remains subject to the restrictions and limitations set forth in the SaaS Agreement.

3.4.2 You acknowledge that, due to the nature of the allumni Platforms, other users may receive output that is similar or identical to the Derived Data generated for You, provided that such Outputs will not be created with the use of Your Customer Material.

3.4.3 You may not use our IPRs or our third-party providers' IPRs to train or develop any artificial intelligence or machine learning algorithms or software, or create any derivative works, compilations or collective works or in any manner or for any purpose that infringes, misappropriates, or otherwise violates any IPRs or other right of the Company or any person, or that violates any applicable law.

3.4.4 We maintain the right to use anonymised, aggregated usage statistics solely for the purpose of improving the allumni Platform performance and functionality, provided such usage does not reveal any Customer Material or confidential information.

3.5 Data Security

We implement and maintain appropriate technical and organisational security measures to protect Customer Material, including:

3.5.1 Encryption of Customer Material in transit and at rest

3.5.2 Secure, isolated database environments for each Enterprise Account

3.5.3 Regular security audits and penetration testing

3.5.4 Access controls and authentication mechanisms

3.5.5 Continuous monitoring and threat detection

3.6 Non-Disclosure

We affirm that all user-generated content, including but not limited to queries, responses, and Derived Data accessed through the allumni Platform will not be shared, published, or disclosed to any other user or third party. This commitment aligns with our privacy standards and ensures that each user's interactions with the allumni Platform remain private and confidential.

3.7 User Privacy and Content Security

We prioritise Your privacy and the security of Your content. All data interactions through the allumni Platform are encrypted and protected by industry-standard security measures. We do not retain, share, or utilise Your content for any purpose beyond providing the Services, ensuring compliance with applicable privacy laws.

3.8 Third Party Data Handling

3.8.1 The allumni Platform utilises third party services to enhance platform functionality and user experience. Each third party service provider has its own data protection and privacy policies that govern the handling of user data.

3.8.2 By using the allumni Platform, you consent to the storage and processing of your data by the third party services detailed in Appendix A, which may be amended by the Company from time to time.

4. Data Processing and Storage

4.1 Location of Data Processing

All Customer Material will either be processed and stored in secure data centres located in the United Arab Emirates or will be exported and stored in accordance with the applicable laws in the United Arab Emirates and recipient country. In all cases, all Customer Material will be processed and stored with strict access controls to prevent that data and generated content from being shared with or becoming accessible by unauthorised entities through the allumni Platform.

4.2 Data Retention and Deletion

Upon termination of Your subscription or upon Your written request:

4.2.1 We will promptly return all Customer Material in a standard, machine-readable format.

4.2.2 We will delete all Customer Material from our systems within 30 days.

4.2.3 We will provide written certification of deletion upon request.

4.2.4 We will retain only the minimum Customer Material required by law, with appropriate security measures.

4.3 Third Party Storage

Customer Material that is made available to the third party providers listed in Appendix A may be exported and stored outside the United Arab Emirates and will be subject to the data protection regulations in the recipient country.

5. Maintenance

5.1 Service Availability

We commit to maintaining access to the allumni Platform 99.9% during each calendar month, subject to the terms of the SaaS Agreement and excluding scheduled maintenance windows. Scheduled maintenance will be communicated at least 48 hours in advance.

5.2 Security Incidents

We will notify You within 24 hours of discovering any Security Incident affecting Your Customer Material. "Security Incident" means any unauthorised access, use, disclosure, or loss of Customer Material.

5.3 Contact Information

For questions about these Terms, the allumni Platform or Services, contact Us at:

Email: help@allumni.ai

Address: Emblem Consulting DMCC

Indigo Icon Tower Suite 2204

Jumeirah Lake Towers, Dubai

PO Box 390306

United Arab Emirates

Appendix A: Third-Party Policies and Data Policies

A.1 Overview

We carefully select third-party LLM providers based on their security standards, data handling practices, and explicit commitments regarding customer data protection.

A.2 Current LLM Providers

A.2.1 OpenAI (ChatGPT API)

- Data Usage Policy: OpenAI's API does not use customer data to train or improve their models

- Data Retention: API requests are retained for abuse and monitoring purposes only, for a maximum of 30 days

- Security Certifications: SOC 2 Type 2 certified

- API Data Protection: All data is encrypted in transit and at rest

- Reference: https://platform.openai.com/docs/api-reference/authentication

A.2.2 Anthropic (Claude API)

- Data Usage Policy: Does not train on API customers' data

- Data Privacy: Strict controls preventing API inputs from being used for model training

- Security Standards: Enterprise-grade security protocols

- API Data Protection: End-to-end encryption for all API communications

- Reference: https://www.anthropic.com/legal/privacy-policy

A.3 Other Third Party Providers

A.3.1 Clerk

- Implemented as a user management platform.

- allumni Platform stores user's first name, last name, and email.

- Reference:

- Clerk Terms of Use https://clerk.com/legal/terms

- Clerk Privacy Policy https://clerk.com/legal/privacy

A.3.2 Weaviate

- Used as an AI-native vector database.

- allumni Platform stores user's submitted information including company websites URLs, documents, prompt conversations, rules, brands, and brand descriptions.

- Reference:

- Weaviate Cloud Agreement https://weaviate.io/service/weaviate-cloud-agreement

- Weaviate Enterprise Agreement US https://weaviate.io/service/weaviate-enterprise-agreement-us

- Weaviate Enterprise Agreement non-US https://weaviate.io/service/weaviate-enterprise-agreement-nonus

- Weaviate Service Level Agreement https://weaviate.io/sla

- Weaviate Data Processing Agreement https://weaviate.io/dpa

- Weaviate Data Subprocessors https://weaviate.io/subprocessors

- Weaviate Support Terms https://weaviate.io/weaviate-support-terms

- Weaviate End of Life Policy https://weaviate.io/weaviate-eol-policy

- Weaviate Cookie Policy https://weaviate.io/cookie-policy

- Weaviate Privacy Policy https://weaviate.io/privacy

- Update to Terms & Policies https://weaviate.io/service/updates-to-terms-and-policies

A.3.3 Vercel

- Utilised as a cloud platform to deploy and host allumni Platform web services.

- allumni Platform stores user IP addresses on Vercel.

- Reference:

- Vercel Terms of Service https://vercel.com/legal/terms

- Vercel Privacy Policy https://vercel.com/legal/privacy-policy

A.3.4 AWS (Amazon Web Services)

- S3 storage service is used to host user-submitted files that are saved as datasets on the allumni Platform.

- The storing of such datasets is governed by AWS's security protocols applicable to the AWS region in the Republic of Ireland.

- Reference:

- AWS Privacy Notice https://aws.amazon.com/privacy/

- AWS Site Terms https://aws.amazon.com/terms/

A.3.5 OneSignal

- Utilised to send emails to users regarding dataset sources that users have added to their allumni Platform account. As part of this process, We handle the following user data:

- User email

- User name

- Dataset source name (voluntarily submitted by the user upon uploading the source to their account dataset)

- Reference:

- OneSignal Privacy Policy https://onesignal.com/privacy_policy

- OneSignal Terms of Service https://onesignal.com/tos

A.4 Third Party Provider Updates

We will notify You of any material changes to the third party providers that we use by updating this Appendix and providing you with notice of such changes. We emphasise that the third party providers are responsible for their own policies and reserve the discretion to amend these from time to time, and do not assume responsibility of their policies or any changes thereto.

You can opt out of specific providers through Your account settings.

A.5 Data Processing Safeguards

For all LLM provider interactions:

- Data is processed only within Your secure environment

- No persistent storage of queries or responses on provider systems

- Regular audits of provider compliance with stated policies

- Monitoring of all API interactions for security purposes

A.6 Compliance and Certifications

Our LLM providers maintain various security certifications and compliance standards, including:

- SOC 2 Type 2

- ISO 27001

- GDPR compliance (for EU data processing)

- Regional data protection regulations as applicable