Built around controlled access, traceability, and customer-governed use.
This page explains how Bayani.ai may collect, use, store, and protect personal data when people visit the website, contact us, create accounts, use the platform, or interact with connected services we operate for customer deployments.
Bayani.ai is designed for organization-scoped AI operations, which means privacy decisions often depend on customer configuration, deployment scope, and enterprise agreements. This public page provides the general policy baseline. Customer-specific data handling may also be governed by contract, implementation documents, and applicable law.
Only use personal data where it serves a legitimate platform, support, security, or delivery purpose.
Some customer environments may make the customer the primary controller of platform data, with Bayani.ai acting in a service-provider role.
What this policy covers.
This policy describes how Bayani.ai may process personal data across the public website, customer onboarding, account access, support, operational security, and hosted platform use.
This policy applies to personal data that Bayani.ai collects directly from users, receives from customer organizations, or generates through routine operation of the service such as account events, audit records, and support communications.
Where a customer uses Bayani.ai for its own workforce, users, or business processes, the customer may determine the purpose and scope of that processing. In those cases, additional contractual or deployment-specific terms may also apply.
- > Public site use may involve contact, analytics, and communications data.
- > Platform use may involve account, tenant, usage, security, and workflow-related data.
The types of personal data depend on how the service is used.
Bayani.ai collects only the categories of information needed to provide, secure, improve, and support the service within the relevant customer or public-site context.
This may include identity and contact data such as name, email address, organization, role, and account credentials or linked sign-in methods.
It may also include operational data such as login events, password reset activity, device or session metadata, tenant membership, API token activity, usage records, audit logs, support requests, and customer configuration details.
Where customers upload content or connect external systems, the data made available through those workflows depends on the customer's chosen configuration and authorized use case.
- > We do not ask for unnecessary data outside the needs of platform delivery, security, support, or customer-approved workflows.
- > Customers remain responsible for deciding what business data and personal data they submit to the platform.
Personal data is used to operate the platform, maintain security, and support delivery.
Bayani.ai uses personal data to provide account access, manage tenant membership, operate AI workflows, enforce usage and security controls, respond to support requests, and maintain service reliability.
We may use data to authenticate users, manage sessions, route organization-specific access, provision services, monitor quotas, investigate misuse, and maintain auditability across the platform.
We may also use data to communicate about onboarding, support, account recovery, service changes, billing-related issues, or other legitimate business and operational matters tied to the service.
Where appropriate, we may use de-identified, aggregated, or operationally necessary information to improve platform reliability, performance, workflow quality, and security posture.
- > We do not treat AI output as a free-for-all reuse pool for unrelated external purposes.
- > We do not claim this page replaces contractual data processing terms where those are required for a customer deployment.
Data protection depends on layered controls, but no system is risk-free.
Bayani.ai uses administrative, technical, and organizational safeguards appropriate to its platform model, including controlled access, tenant scoping, authentication controls, and auditability. Even so, no platform can guarantee absolute security.
We retain personal data only for as long as necessary for the purposes described in this policy, for customer service continuity, for security and audit needs, for legal compliance, or for other legitimate operational reasons tied to the service.
Retention periods may vary depending on the type of data involved, customer configuration, account status, contractual obligations, support needs, and applicable law.
Customers using the platform remain responsible for their own internal governance, including lawful retention, deletion, review, and approval policies for the data and workflows they choose to operate through Bayani.ai.
- > Security controls reduce risk but do not make any internet-connected system immune to incident or misuse.
- > Audit and usage records may be retained longer where needed for accountability, platform defense, or compliance support.
Access, correction, and deletion requests may depend on context.
People may have privacy rights under applicable law, but the correct path for exercising those rights can depend on whether Bayani.ai is acting for itself or as part of a customer-controlled deployment.
If you interact directly with Bayani.ai through the public site or your own Bayani.ai account, you may contact us regarding access, correction, or other privacy-related requests subject to verification, technical feasibility, legal requirements, and the nature of the data involved.
If your personal data is processed through a customer organization's use of Bayani.ai, that organization may be the appropriate first point of contact because it may control the relevant account, workflow, or business purpose.
We may need to retain certain records despite a request where doing so is necessary for security, fraud prevention, dispute handling, contractual obligations, or legal compliance.
- > Account and tenant context matters when determining who can authorize changes or deletions.
- > Requests may require verification before Bayani.ai discloses, updates, or removes data.
Data may move across systems and this policy may evolve.
Bayani.ai may use infrastructure, vendors, and cloud services that process data across jurisdictions, depending on the applicable deployment model and customer-approved configuration.
By using the service, you understand that personal data may be processed in locations where Bayani.ai, its providers, or its approved service infrastructure operate, subject to applicable contractual, technical, and legal safeguards where relevant.
We may update this Privacy Policy from time to time to reflect changes in the platform, legal requirements, provider relationships, or operating practices. When we do, we will post the revised version with an updated effective date.
- > Check this page periodically if you need the current public version.
- > Enterprise customers may also receive privacy terms through contract where a public policy alone is not sufficient.
Questions should be raised before sensitive or production use.
If you have questions about this policy, customer-specific processing, or privacy expectations for a planned deployment, contact Bayani.ai before launching the relevant workflow or integration.
General privacy inquiries may be sent to contact@bayani.ai.
If your organization requires additional privacy, data processing, security, or compliance documentation, that should be addressed during the relevant customer engagement.
- > Contact: contact@bayani.ai
- > Recommended practice: align privacy review with legal, security, and implementation planning before production rollout.
Bring your data flows, systems, and governance model.
If your organization needs customer-specific privacy terms, data processing clarifications, or implementation review, contact Bayani.ai before connecting live systems or regulated workflows.