Skip to content

Privacy Policy

How TachyonShift and UnifAI collect, use, share, and protect information across our websites, managed services, and enterprise AI platform.

Effective Date: May 19, 2026

Last Updated: May 19, 2026

Table of Contents

1. Who We Are and Scope

TachyonShift LLC ("TachyonShift," "we," "us," or "our") provides AI-native cloud operations, managed infrastructure services, and the UnifAI platform. This Privacy Policy explains how we handle personal information when you:

  • Visit TachyonShift or UnifAI websites and landing pages
  • Request demos, support, proposals, or investor materials
  • Use our customer portal, dashboards, APIs, and managed services
  • Use UnifAI agent workflows, model orchestration, and related governance features
  • Communicate with us by email, phone, chat, events, or social channels

This Policy does not apply to third-party services, customer-managed environments, or websites we do not own or operate, even if they link to our services.

2. Roles: Controller vs Processor

Our role depends on the context:

  • Controller: For account registration, billing, sales communications, website analytics, and direct support interactions.
  • Processor/Service Provider: For customer data processed in managed infrastructure services, UnifAI workflows, or other contracted services where we process data on customer instructions.

Where we act as a processor, the applicable Master Services Agreement, Data Processing Addendum, and customer instructions govern data handling precedence.

3. Information We Collect

3.1 Information You Provide

  • Identity and contact data, such as name, business email, phone, and company
  • Account and workspace setup information, including role, organization, and access preferences
  • Commercial data, including contracts, invoices, and payment-related records
  • Support content, including ticket details, attachments, and troubleshooting context
  • Demo, onboarding, and implementation inputs you choose to submit

3.2 Information Collected Automatically

  • Log and telemetry data (IP address, browser/device metadata, timestamps, request and error logs)
  • Session and usage events (feature use, navigation patterns, configuration actions, API calls)
  • Security and audit data (authentication events, role changes, policy actions, incident traces)
  • Cookie and similar technology data (see Section 6)

3.3 Information from Other Sources

  • Identity providers and SSO systems used for enterprise access
  • Cloud, security, and observability partners integrated by the customer
  • Public or third-party business data providers for lead qualification and fraud prevention

4. How We Use Information

  • Provide, operate, secure, and improve our websites, services, and platform features
  • Provision accounts, authenticate users, and enforce role-based access controls
  • Run managed services, fulfill contractual obligations, and provide technical support
  • Monitor reliability, performance, cost controls, and anomaly detection
  • Communicate operational notices, release updates, and service-impacting changes
  • Send sales and marketing communications, subject to applicable consent and opt-out requirements
  • Detect fraud, abuse, security incidents, and policy violations
  • Comply with legal obligations and enforce contractual rights

5. AI and UnifAI Data Practices

5.1 Enterprise AI Governance by Design

  • UnifAI is designed for model-agnostic orchestration with governed workflows and audit trails.
  • Access is controlled through account permissions, role boundaries, and customer-defined policies.
  • We maintain technical and organizational controls intended to reduce cross-tenant access risk.
  • We log administrative and workflow events to support security operations, compliance, and forensics.

5.2 Model Inputs, Outputs, and Training Position

Customer prompts, files, outputs, and workflow artifacts ("Customer Content") are processed to provide contracted services. Unless expressly authorized in writing by the customer, TachyonShift does not use Customer Content to train public foundation models.

Where customers enable third-party model providers through UnifAI or related integrations, customer-selected provider terms and data handling policies may also apply.

5.3 Customer Responsibilities in AI Workloads

  • Customers are responsible for lawful collection and use of data they submit to our services.
  • Customers are responsible for classifying sensitive data and configuring policy controls.
  • Customers should avoid submitting regulated or restricted data unless contractually approved.
  • Customers remain responsible for downstream decisions made from AI-generated output.

6. Cookies, Analytics, and Tracking

We use cookies and similar technologies for security, authentication, product functionality, analytics, and communication workflows. Depending on your interactions, this may include privacy-focused website analytics and customer engagement tools used to support support/sales operations.

You can manage cookies through your browser settings. Blocking certain cookies may reduce site functionality.

Where required by law, we request consent before setting non-essential cookies or similar trackers.

7. Information Sharing and Disclosure

We may share personal information as follows:

  • With service providers and subprocessors operating under contractual confidentiality and security obligations
  • Within our corporate group and authorized affiliates for legitimate business operations
  • With integration partners at customer direction
  • For legal compliance, lawful requests, and rights protection
  • In connection with merger, acquisition, financing, or asset transfer events

We do not sell personal information for monetary consideration. We do not permit service providers to use personal information for their own independent marketing purposes when acting on our behalf.

We may use de-identified and aggregated information to operate, secure, benchmark, and improve our services, provided it cannot reasonably identify an individual.

8. International Transfers

We and our service providers may process information in the United States and other jurisdictions. When required, we use legally recognized transfer safeguards such as Standard Contractual Clauses or equivalent mechanisms.

For enterprise customers, transfer commitments and localization controls may be further defined in contract terms and architecture documentation.

9. Data Retention

We retain personal information for as long as needed to provide services, fulfill contractual and legal obligations, resolve disputes, and enforce agreements.

Retention periods vary by data type and context, including:

  • Account and commercial records tied to active contractual relationships
  • Security and audit logs retained for incident response, compliance, and integrity assurance
  • Support records retained to maintain service continuity and quality

When data is no longer required, we delete, anonymize, or securely archive it in accordance with applicable law and operational constraints.

10. Security Measures

We implement commercially reasonable administrative, technical, and physical safeguards designed to protect personal information, including controls such as encryption in transit, access management, logging, least-privilege principles, and monitoring.

Our architecture and operating model are designed with SOC 2 readiness and GDPR-aligned handling principles in mind.

No system is perfectly secure. You are responsible for protecting credentials and using secure channels when submitting sensitive information.

11. Your Privacy Rights

Depending on your location and applicable law, you may have rights to:

  • Access personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of personal information, subject to exceptions
  • Request portability of certain personal information
  • Object to or restrict certain processing activities
  • Withdraw consent where processing is based on consent

To submit a request, email [email protected] with "Privacy Request" in the subject line. We may need to verify identity before fulfilling requests.

If we process data on behalf of a customer, we may direct your request to that customer as the primary controller for that data.

12. U.S. State Privacy Notices

Residents of certain U.S. states may have specific rights under state privacy laws, including rights to know, access, correct, delete, and opt out of certain data disclosures or targeted advertising.

We do not knowingly sell personal information. We process requests and appeals as required by applicable law and will not unlawfully discriminate against you for exercising rights.

Authorized agents may submit requests where permitted by law and with appropriate proof of authority.

13. Children and Sensitive Data

Our services are designed for business and professional use, not for children under 16. We do not knowingly collect personal information from children under 16.

Unless expressly agreed in writing, do not submit highly sensitive personal data, protected health information, payment card data, or regulated government identifiers through public forms or chat channels.

14. Policy Updates and Contact

We may update this Privacy Policy to reflect operational, legal, or regulatory changes. We will post the revised version on this page and update the "Last Updated" date.

Material changes will be communicated through reasonable channels where required by law.

Contact

Email: [email protected]

Website: tachyonshift.com/support