BleedIO Tech Privacy Policy

Effective Date: March 12, 2026
Last Updated: March 12, 2026

1. Introduction

BleedIO Tech, Inc. (“BleedIO,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our software platform for decentralized mesh (decentralized wireless mesh) mesh network management (the “Service”).

This Privacy Policy applies to all users of our websites, applications, and services. By using our Service, you consent to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We collect personal information that you provide directly to us, including:

• Account Information: Name, email address, phone number, and billing information
• Profile Data: Company information, job title, and preferences
• Communication Data: Messages, support tickets, and feedback you send to us
• Technical Support Data: Information provided during troubleshooting sessions

2.2 IoT and Network Data

When you use our decentralized wireless mesh network management platform, we may collect:

• Device Data: Information about mesh devices in your network (device IDs, connection status, signal strength)
• Network Analytics: Performance metrics, connectivity patterns, and network topology data
• Location Data: Geographic information about network nodes (with your explicit consent)
• Usage Data: How you interact with the Service and manage your networks

2.3 Third-Party Integration Data

If you connect third-party services (Google, Microsoft, Amazon, etc.), we may access:

• Authentication Data: Credentials and tokens for API access
• Service Data: Information from integrated platforms as permitted by their terms
• Cloud Storage Data: Files and data stored in connected cloud services

2.4 Automatically Collected Information

We automatically collect certain information when you use our Service:

• Log Data: IP addresses, browser type, operating system, and access times
• Usage Data: Features used, pages visited, and interaction patterns
• Device Information: Device type, screen resolution, and unique device identifiers
• Cookies and Tracking: See our Cookies Policy for details

3. How We Use Your Information

3.1 Service Provision

• To provide, maintain, and improve our decentralized wireless mesh network management platform
• To authenticate users and manage accounts
• To process payments and manage subscriptions
• To provide technical support and customer service

3.2 Network Management

• To monitor and optimize decentralized wireless mesh network performance
• To provide analytics and insights about your IoT deployments
• To troubleshoot connectivity and device issues
• To ensure network security and reliability

3.3 Communication

• To send service-related notifications and updates
• To respond to your inquiries and support requests
• To provide marketing communications (with your consent)
• To send important security or policy updates

3.4 Legal and Security

• To comply with legal obligations and enforce our Terms of Service
• To detect, prevent, and respond to security threats
• To protect against fraud and unauthorized access
• To maintain platform integrity and user safety

3.5 Improvement and Analytics

• To analyze usage patterns and improve our Service
• To develop new features and functionality
• To conduct research and generate aggregated insights
• To monitor system performance and reliability

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 With Your Consent

• When you explicitly authorize us to share information
• For integrations with third-party services you connect

4.2 Service Providers

With trusted third-party service providers who assist our operations (payment processors, cloud hosting, analytics) under strict confidentiality agreements and data processing terms.

4.3 Legal Requirements

• When required by law, court order, or government request
• To protect our rights, property, or safety, or that of our users
• In connection with legal proceedings or investigations

4.4 Business Transfers

In connection with a merger, acquisition, or sale of assets with appropriate notice and choice regarding your data.

4.5 Aggregated Data

We may share aggregated, anonymized data for research, analytics, or business purposes. This data cannot be used to identify individual users.

5. Data Security

5.1 Technical Safeguards

• Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access and multi-factor authentication
• Network Security: Firewalls, intrusion detection, and regular security audits
• Regular Updates: Security patches and vulnerability management

5.2 IoT-Specific Security

• Device Authentication: Secure mesh pairing and device verification
• Network Encryption: End-to-end encryption for mesh communications
• Access Monitoring: Continuous monitoring of network access patterns
• Incident Response: 24/7 security monitoring and rapid response protocols

5.3 Data Minimization

We collect only necessary data for service delivery, regular data purging and retention policy enforcement, and anonymization techniques for analytics and research.

6. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards for international transfers:

• Adequacy Decisions: Transfers to countries with adequate data protection
• Standard Contractual Clauses: EU-approved transfer mechanisms
• Binding Corporate Rules: Our internal data transfer policies
• Your Rights: You retain all rights under applicable data protection laws

7. Data Retention

We retain your information for as long as necessary to provide our Service and fulfill legal obligations:

• Account Data: Retained while your account is active and for 3 years after deactivation
• IoT Data: Retained based on your network management needs, with automatic purging options
• Communication Data: Retained for 2 years for support and compliance purposes
• Legal Holds: Data may be retained longer if required by law or legal proceedings

8. Your Rights and Choices

8.1 Access and Portability

• Request access to your personal information
• Obtain a copy of your data in a portable format
• Review IoT device and network data collected

8.2 Correction and Update

• Correct inaccurate or incomplete information
• Update your account and profile information
• Modify data collection preferences

8.3 Deletion

• Request deletion of your personal information
• Remove IoT device data from our systems
• Cancel your account and request data removal

8.4 Restriction and Objection

• Restrict processing of your information
• Object to marketing communications
• Opt-out of non-essential data collection

8.5 Withdraw Consent

• Withdraw consent for data processing where applicable
• Disable third-party integrations
• Opt-out of cookies and tracking

9. Cookies and Tracking Technologies

9.1 Essential Cookies

Required for basic Service functionality. Cannot be disabled without affecting Service use.

9.2 Analytics Cookies

Help us understand how you use our Service. Used to improve performance and user experience. Can be opted out through browser settings.

9.3 Marketing Cookies

Used for targeted advertising and marketing. Require your explicit consent in applicable jurisdictions. Can be managed through our cookie preferences.

9.4 Third-Party Cookies

Set by integrated third-party services. Governed by their respective privacy policies. Managed through their privacy settings.

10. Children’s Privacy

Our Service is not intended for children under 13 (or the applicable age in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will delete it immediately.

11. Third-Party Services and Integrations

11.1 Google Services

We comply with Google’s Limited Use requirements. Access limited to authentication and authorized data only. Your Google data remains under your control.

11.2 Microsoft Services

Adherence to Microsoft’s API Terms of Use. Minimal data access for service functionality. Secure token management and storage.

11.3 Amazon Services

Compliance with Amazon’s developer policies. Access restricted to necessary API endpoints. Transparent data usage disclosure.

11.4 Other Integrations

All third-party integrations follow industry standards. Data sharing governed by their terms and our agreements. You can revoke access at any time.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will:

• Post the updated policy on our website
• Send email notifications for material changes
• Provide at least 30 days’ notice for significant updates
• Continue to respect your privacy choices

13. Contact Us

If you have questions about this Privacy Policy or our data practices:

BleedIO Tech, Inc.
851 Duportail Rd, 2nd Floor
Chesterbrook, PA 19087
Email: privacy@bleedio.com
Phone: [Insert Phone Number]

For data protection inquiries:
Email: dpo@bleedio.com

14. Additional Information for IoT Deployments

14.1 Data Controller Responsibilities

We act as a data processor for IoT device data you collect. You remain the data controller for end-user information. Clear delineation of responsibilities in our Data Processing Agreement.

14.2 Network Security

• End-to-end encryption for all mesh communications
• Regular security audits of IoT infrastructure
• Compliance with IoT security standards and frameworks

14.3 Data Localization

• Options for data residency in specific jurisdictions
• Compliance with local data sovereignty requirements
• Transparent data flow documentation

---

This Privacy Policy incorporates industry best practices and is specifically tailored for IoT network management services.