Privacy Policy

This Privacy Policy explains how Astro Smart Tech LLC, a California limited liability company doing business as SafeLab (“SafeLab,” “we,” “us,” or “our”), collects, uses, discloses, and otherwise processes personal information in connection with our website, services, communications, and related business activities.

This Privacy Policy applies to information collected through:

• our website at safelab.dev;
• our subscription-based managed services, including custom AI software development, agentic workflow automation, MCP server development, LLM fine-tuning, private AI deployment, AI consulting, and related professional services (collectively, the “Services”); and
• our business interactions with prospective customers, customers, vendors, and other individuals.

If you are a SafeLab customer, this Privacy Policy should be read together with our Terms of Service and any applicable order form, data processing addendum, or other written agreement.

1. Scope

This Privacy Policy describes how we process personal information:

• when you visit our website;
• when you contact us;
• when you subscribe to or use our Services;
• when we receive information from customers or third parties in connection with providing the Services; and
• when we engage in related business operations.

This Privacy Policy does not apply to:

• information processed solely on behalf of a customer where we act as a service provider, processor, or contractor under a separate agreement;
• third-party websites, products, or services that we do not control; or
• employment-related information of job applicants, employees, and contractors, except to the extent required by law.

2. Categories of Personal Information We Collect

Depending on how you interact with us, we may collect the following categories of personal information.

2.1 Identifiers and Contact Information

Examples:

• name
• email address
• phone number
• company name
• job title
• billing address
• account identifiers
• online identifiers
• IP address

2.2 Commercial Information

Examples:

• subscription details
• plan information
• transaction history
• invoice and payment-related records
• customer support history

2.3 Internet or Network Activity

Examples:

• browser type
• device information
• operating system
• referring URLs
• usage logs
• pages viewed
• clickstream data
• approximate location derived from IP address
• diagnostic information

2.4 Professional or Employment Information

Examples:

• employer
• role
• business contact details
• information you provide in the course of a business inquiry or subscription

2.5 Customer Content and Service Inputs

Examples:

• prompts
• files
• documents
• API-related configuration
• support messages
• testing targets
• credentials or access tokens
• system information
• communications you send to us in connection with the Services

2.6 Audio, Electronic, or Similar Communications

Examples:

• emails
• chat messages
• meeting notes
• call recordings or transcripts, where permitted by law

2.7 Inferences

Examples:

• preferences
• likely service interests
• account history
• support patterns
• high-level internal assessments about requested work or account activity

2.8 Sensitive Personal Information

We do not seek to collect sensitive personal information unless it is reasonably necessary for the Services or voluntarily provided by you. Depending on the circumstances, this may include:

• account credentials
• precise access information for systems
• the contents of files or materials you provide
• limited payment-related information handled through payment vendors

We do not use sensitive personal information to infer characteristics about individuals for marketing or profiling purposes.

3. Sources of Personal Information

We may collect personal information from the following sources:

• directly from you, such as when you submit a form, create an account, request services, communicate with us, or make a payment;
• automatically from your browser, device, and interactions with our website or Services;
• from your employer or organization, if they engage us or give you access to the Services;
• from service providers, vendors, and business partners;
• from analytics providers, payment processors, cloud providers, model providers, and infrastructure providers;
• from public sources, such as company websites, professional profiles, and public records; and
• from customers when they provide information to us in connection with a project or support request.

4. How We Use Personal Information

We may use personal information for the following purposes:

4.1 To Provide and Operate the Services

Including to:

• create and administer accounts;
• manage subscriptions;
• provide Deliverables;
• perform AI software development, agentic workflow automation, MCP server development, deployment support, monitoring, and related work;
• maintain records; and
• provide customer support.

4.2 To Communicate with You

Including to:

• respond to inquiries;
• send service-related messages;
• send invoices, receipts, updates, and notices;
• schedule meetings; and
• provide technical or account support.

4.3 To Improve and Secure Our Business Operations

Including to:

• monitor performance;
• troubleshoot errors;
• detect abuse, fraud, security incidents, or misuse;
• audit interactions;
• maintain backups and logs; and
• improve usability, workflows, and internal operations.

4.4 For Legal, Compliance, and Risk Management Purposes

Including to:

• enforce our agreements;
• protect our rights or the rights of others;
• investigate incidents;
• comply with legal obligations; and
• respond to lawful requests from public authorities.

4.5 For Limited Marketing and Business Development

Including to:

• send business-related updates or promotional communications where permitted by law;
• measure campaign performance; and
• understand interest in our Services.

You may opt out of marketing emails by using the unsubscribe link or contacting us.

4.6 As Otherwise Disclosed

We may use personal information for any other purpose disclosed to you at the time of collection or with your consent.

5. How We Disclose Personal Information

We may disclose personal information to the following categories of recipients:

5.1 Service Providers, Contractors, and Vendors

We may disclose personal information to vendors that help us operate our business and provide the Services, such as:

• hosting providers
• cloud providers
• payment processors
• analytics vendors
• communication tools
• customer support tools
• identity and security vendors
• collaboration platforms
• model or AI infrastructure providers
• professional advisors

5.2 Customers and Authorized Users

If you interact with us on behalf of a customer, we may disclose information to that customer and its authorized users as necessary to provide the Services.

5.3 Professional Advisors and Corporate Transaction Counterparties

We may disclose information to our lawyers, accountants, auditors, insurers, financing sources, and parties involved in an actual or proposed merger, financing, acquisition, restructuring, or sale of assets.

5.4 Government, Law Enforcement, and Others

We may disclose information if required to do so by law, subpoena, court order, legal process, or governmental request, or if we reasonably believe disclosure is necessary to protect rights, safety, property, or legal compliance.

5.5 With Your Direction or Consent

We may disclose information when you instruct us to do so or otherwise consent.

6. Sale, Sharing, and Targeted Advertising

We do not sell personal information for money.

We do not believe we “sell” or “share” personal information as those terms are defined under California law for cross-context behavioral advertising, but this may depend on how our website tools and analytics are configured over time. If our practices change, we will update this Privacy Policy and any required notices.

If we ever engage in activity that constitutes “sale” or “sharing” under applicable law, we will provide any legally required rights mechanisms and disclosures.

7. Cookies and Similar Technologies

We and our vendors may use cookies, pixels, local storage, session replay tools, and similar technologies to:

• operate the website;
• remember preferences;
• understand usage;
• improve performance;
• diagnose issues; and
• support analytics, security, and communications.

You can manage cookies through your browser settings. Some browser-based privacy controls, including Global Privacy Control signals, may be recognized where required by law.

8. Data Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

• provide the Services;
• maintain business and tax records;
• comply with legal obligations;
• resolve disputes;
• enforce agreements; and
• detect or prevent fraud or abuse.

Retention periods vary depending on the nature of the information, the sensitivity of the data, our legal obligations, and operational needs.

9. Data Security

We use commercially reasonable administrative, technical, and organizational measures designed to protect personal information against unauthorized access, use, alteration, or disclosure. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. International Data Transfers

We may process and store personal information in the United States and other locations where we or our service providers operate. By using the Services or providing information to us, you understand that your personal information may be transferred to and processed in jurisdictions that may not provide the same level of protection as your home jurisdiction.

11. Your Privacy Rights

Depending on where you live and subject to legal exceptions, you may have rights regarding your personal information. These may include the right to:

• know the categories of personal information we collect, use, disclose, sell, or share;
• request access to specific pieces of personal information;
• request correction of inaccurate personal information;
• request deletion of personal information;
• opt out of sale or sharing, where applicable;
• limit certain uses of sensitive personal information, where applicable; and
• not receive discriminatory treatment for exercising privacy rights.

11.1 How to Exercise Rights

To exercise applicable privacy rights, contact us at:

Email: privacy@safelab.dev or info@safelab.dev
Mail: Astro Smart Tech LLC (DBA SafeLab), 200 Spectrum Center Dr, Ste 300, Irvine, CA 92618

Please describe your request with enough detail for us to evaluate and respond.

11.2 Verification

We may need to verify your identity before processing a request. The verification steps we use will depend on the sensitivity of the request and the nature of the information at issue.

11.3 Authorized Agents

If permitted by law, you may designate an authorized agent to submit certain requests on your behalf. We may require proof of authorization and may also require you to verify your identity directly with us.

11.4 Non-Discrimination

We will not discriminate against you for exercising privacy rights available under applicable law.

12. California Notice at Collection

We collect the categories of personal information listed in Section 2 for the business and commercial purposes described in Section 4.

We do not knowingly collect or use sensitive personal information for purposes other than those reasonably necessary to provide the Services, protect security, maintain our operations, comply with law, and perform other permitted purposes.

13. Minors

Our Services are intended for business use and are not directed to children under 18. We do not knowingly collect personal information directly from children under 13. If you believe a child has provided us with personal information, contact us and we will take appropriate steps.

14. Third-Party Sites and Services

Our website or communications may contain links to third-party websites, tools, or services. We are not responsible for the privacy practices of third parties, and this Privacy Policy does not apply to them.

15. Customer Projects and Processor/Service Provider Role

In some cases, we receive or access personal information on behalf of customers in connection with providing the Services. In those cases:

• the customer may be the party responsible for deciding why and how the data is processed;
• we may act as a processor, service provider, or contractor;
• our handling of that information may be governed by a separate agreement with the customer; and
• individuals should direct project-specific privacy requests to the relevant customer in the first instance, unless law requires otherwise.

We do not intentionally use customer confidential information or project data to train public or shared foundation models without express written authorization.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version here and revise the “Last Updated” date. Where required by law, we will also provide additional notice.

17. Contact Us

If you have questions or requests relating to this Privacy Policy, contact us at:

Astro Smart Tech LLC (DBA SafeLab)
200 Spectrum Center Dr, Ste 300
Irvine, CA 92618
info@safelab.dev
privacy@safelab.dev