HomePrivacy Policy

Privacy Policy

Effective Date: February 19, 2026 · Last Updated: February 19, 2026

Your privacy matters. This Policy explains how Nkingi Group ("we," "us," or "our"), operating as AIfsop, collects, uses, discloses, and protects information in connection with our Service. By using AIfsop, you agree to the practices described herein.

1. Overview

Nkingi Group, a Delaware corporation, operates the AIfsop platform, a B2B SaaS solution for restoration companies. This Privacy Policy applies to the AIfsop web application, marketing website, and any associated services (collectively, the "Service").

The Service is designed for business use. We primarily process data about business contacts, employees of our customers, and end-customers of our customers. We are committed to handling all such data with care and in compliance with applicable privacy laws.

2. Information We Collect

2.1 Information You Provide Directly

Category	Examples	Purpose
Account Data	Name, email address, password, company name, phone number	Account creation and authentication
Billing Data	Payment method details (processed by Stripe), billing address, subscription tier	Processing payments and subscriptions
Profile Data	Job title, role within the organization, profile photo	Service personalization and team features
Project Data	Customer names, job site addresses, insurance claim information, scope of work, notes	Core project management functionality
Document Data	Uploaded files, PDFs, signed documents, floor plans, photos	Document storage and e-signature workflows
Operational Data	Equipment records, time entries, expense receipts, psychrometric readings	Field operations management
Communications	Support requests, feedback submissions, demo requests	Customer support and product improvement

2.2 Information Collected Automatically

Category	Examples	Purpose
Usage Data	Pages visited, features used, click patterns, session duration	Service improvement and analytics
Device Data	IP address, browser type, operating system, device identifiers	Security, fraud prevention, compatibility
Log Data	Access logs, error logs, API calls	Debugging, security monitoring
Cookies	Session cookies, preference cookies, analytics cookies	Authentication, preferences, analytics
GPS / Location	Device GPS coordinates, location history for field technicians	GPS audit, route optimization, live map

2.3 Information from Third Parties

We may receive information from integration partners (e.g., Stripe for payment status), analytics providers, and customers who invite you to use the Service.

3. How We Use Information

We use the information we collect to:

Provide the Service: Operate, maintain, and improve all features of the AIfsop platform
Process Transactions: Handle subscription billing, payment processing, and invoicing
Account Management: Create and manage user accounts, authenticate users, and enforce access controls
Communications: Send service-related notifications, account alerts, and (with your consent) marketing communications
Support: Respond to customer support requests and troubleshoot issues
Security: Detect, prevent, and respond to fraud, abuse, and security incidents
Analytics: Understand how the Service is used and identify areas for improvement
AI Features: Power AI scheduling, staffing insights, document generation, and receipt processing features
Legal Compliance: Comply with applicable laws, regulations, and legal processes
Enforce Terms: Enforce our Terms of Service and other agreements

Legal Bases (EEA/UK): Where applicable, we process personal data on the following legal bases: contract performance, legitimate interests (operating and improving the Service), legal obligation, and consent (for marketing communications).

4. Information Sharing

We do not sell your personal information. We may share information as follows:

4.1 Service Providers

We share information with vetted third-party vendors who process data on our behalf under confidentiality obligations:

Category	Examples	Purpose
Stripe	Payment processing	stripe.com/privacy
OpenAI	AI feature processing	openai.com/policies/privacy-policy
Google Maps	Location services, geocoding	policies.google.com/privacy
Resend	Transactional email delivery	resend.com/privacy
Supabase	Database and authentication hosting	supabase.com/privacy
Sentry	Error monitoring	sentry.io/privacy

4.2 Within Your Organization

Information you submit is visible to authorized users within your organization account according to the role-based access controls you configure.

4.3 Customer Portals

Project information shared through customer portals or insurance adjuster portals is accessible to the recipients you designate. You are responsible for ensuring such sharing is appropriate and compliant with applicable privacy laws.

4.4 Legal Requirements

We may disclose information when required by law, court order, subpoena, or government request, or where we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.5 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, information may be transferred to the acquiring entity, subject to the same privacy commitments.

4.6 With Your Consent

We may share information for other purposes with your explicit consent.

5. Location Data

AIfsop collects precise GPS location data from field technicians' devices through features including the GPS Audit Center, Live Map, Route Planner, and Employee Location tracking.

Customer Responsibility: If you are an organization using the Service, you are responsible for:

Notifying your employees and contractors that their location may be tracked through the Service
Obtaining all required consents under applicable employment and privacy laws
Complying with all applicable state and local laws regarding employee monitoring (including, without limitation, California Labor Code Section 2930 et seq.)
Establishing and communicating your own internal policies regarding location data use

We use location data solely to provide the location-based features of the Service and for fraud prevention. We do not use location data for advertising purposes. Location data is retained for the duration of your subscription and deleted pursuant to our data retention policy.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and improve the Service. Please see our Cookie Policy for detailed information about the specific cookies we use, their purposes, and how to manage them.

In summary, we use:

Strictly Necessary Cookies: Required for authentication and core Service functionality
Functional Cookies: Remember your preferences (e.g., theme, language)
Analytics Cookies: Help us understand how the Service is used (anonymized/aggregated)

We do not use advertising or cross-site tracking cookies. You can manage cookie preferences through your browser settings or our cookie preference center.

7. Data Retention

We retain personal data for as long as necessary to provide the Service and fulfill the purposes described in this Policy, subject to the following:

Account Data: Retained for the duration of your active subscription plus 90 days following termination, then deleted or anonymized
Billing Records: Retained for seven (7) years to comply with financial recordkeeping obligations
Activity Logs: Retained for twelve (12) months for security and audit purposes
Email Communications: Retained for twelve (12) months for support and compliance purposes
Legal Hold: Data subject to a legal hold may be retained beyond standard periods

You may export your data at any time through the Service. You are solely responsible for exporting any data you wish to retain prior to account cancellation.

8. Security

We implement industry-standard technical and organizational measures to protect your information, including:

Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
Row-level security (RLS) enforcing organizational data isolation
Role-based access controls limiting data access to authorized personnel
Regular security audits and penetration testing
Multi-factor authentication support
Incident response procedures

Despite these measures, no method of internet transmission or electronic storage is 100% secure. In the event of a data breach affecting your rights or freedoms, we will notify you as required by applicable law.

9. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Category	Examples	Purpose
Access	Request a copy of personal data we hold about you	GDPR Art. 15 / CCPA
Correction	Request correction of inaccurate or incomplete data	GDPR Art. 16
Deletion	Request deletion of your personal data (subject to retention obligations)	GDPR Art. 17 / CCPA
Portability	Receive your data in a structured, machine-readable format	GDPR Art. 20
Restriction	Request restriction of processing in certain circumstances	GDPR Art. 18
Objection	Object to processing based on legitimate interests	GDPR Art. 21
Opt-Out of Marketing	Unsubscribe from marketing emails at any time	CAN-SPAM / GDPR

To exercise any of these rights, please contact us at info@aifsop.io. We will respond within thirty (30) days. We may need to verify your identity before processing certain requests.

Note for Employees of our Customers: If your employer uses AIfsop, your employer is the data controller for your employment-related data. Please direct privacy requests regarding that data to your employer.

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with additional rights:

10.1 Right to Know

You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources, our business purpose for collecting it, and the categories of third parties with whom we share it.

10.2 Right to Delete

You have the right to request deletion of personal information we have collected, subject to certain exceptions (e.g., legal obligations, completing transactions).

10.3 Right to Correct

You have the right to request correction of inaccurate personal information.

10.4 Right to Opt-Out of Sale or Sharing

We do not sell personal information as defined by the CCPA, and we do not share personal information for cross-context behavioral advertising.

10.5 Non-Discrimination

We will not discriminate against you for exercising your CCPA rights.

10.6 How to Submit a Request

Submit California privacy rights requests to info@aifsop.io with "California Privacy Request" in the subject line. We will respond within 45 days (extendable by 45 days with notice).

11. Children's Privacy

The Service is intended for business use by persons who are 18 years of age or older. We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information without verified parental consent, we will take steps to delete that information promptly.

If you believe we may have collected personal information from a minor, please contact us at info@aifsop.io.

12. International Data Transfers

Nkingi Group is based in the United States. If you are accessing the Service from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where our servers and service providers are located.

For transfers of personal data from the European Economic Area (EEA) or United Kingdom to the United States, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or other transfer mechanisms recognized by applicable law. To obtain a copy of the applicable safeguards, please contact us at info@aifsop.io.

By using the Service, you consent to the transfer of your information to the United States and other countries in which we and our service providers operate.

13. Third-Party Links and Services

The Service may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to such third-party services. We encourage you to review the privacy policies of any third-party services you use in connection with AIfsop.

We are not responsible for the privacy practices, content, or security of third-party websites or services.

14. AI Features and Data Processing

AIfsop incorporates artificial intelligence features including AI scheduling assistance, staffing insights, document generation, receipt processing, and equipment recommendations. These features process data you submit to the Service.

When AI features process your data through third-party AI providers (such as OpenAI), such processing is governed by those providers' data processing agreements. We do not permit third-party AI providers to use your Customer Data to train their general models without your explicit consent.

AI-generated outputs are suggestions only. You are solely responsible for any business decisions made in reliance on AI-generated content.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

Update the "Last Updated" date at the top of this Policy
Send an email notification to account Owners at least thirty (30) days before material changes take effect
Display a prominent notice within the Service

Your continued use of the Service after the effective date of changes constitutes acceptance of the revised Policy. If you do not agree, please discontinue use of the Service and contact us to close your account.

16. Contact Us

For privacy-related questions, requests, or concerns, please contact our privacy team:

Nkingi Group — Privacy Team

Operating as: AIfsop

State of Incorporation: Delaware

Email: info@aifsop.io

Response time: Within 30 days for most requests; 45 days for CCPA requests.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may have the right to lodge a complaint with your local data protection authority.