Privacy Policy

This Privacy Policy describes the practices of SSYP Solutions LLC ("SSYP," "we," "our," or "us"), with respect to personal data collected, used, disclosed, and otherwise processed through the idealAi platform (the "Platform"). The Platform is operated by SSYP pursuant to an exclusive commercial license from TheidealAi, LLC ("IdealAi LLC"), which retains ownership of the Platform's intellectual property. This Policy applies to: (a) individuals who access the Platform through an enterprise customer (each, a "User"); (b) representatives of subscribing organizations (each, a "Customer Administrator"); (c) visitors to our public-facing websites; and (d) individuals who contact us or otherwise interact with us in connection with the Platform.

3.1 Information You Provide Directly: account registration information (name, work email, job title, organization); profile information (role, team, manager relationship); communications with us; content you upload or create; and responses to assessments and self-reflection exercises.

3.2 Information Generated Through Your Use: conversations with AI coaching features; roleplay session content and outputs; behavioral interaction data; coaching reflection content; goal-setting and accountability content; team and culture-related inputs; and communications data where you have enabled those features.

3.3 Information Collected Automatically: device information (browser type, OS, device identifiers); connection information (IP address, approximate location); usage information (pages viewed, features used); cookie and similar technology data; and telemetry and diagnostic information.

3.4 Information from Third Parties: your Customer Administrator; single sign-on and identity providers your organization uses (such as Microsoft Entra ID); calendar or productivity systems you have authorized; and HRIS or LMS systems your organization has connected.

3.5 Sensitive Information: The Platform is not intended for collection of Sensitive Personal Data. However, you may choose to share such information through open-ended coaching interactions. Where this occurs, we process it under the lawful basis of explicit consent.

5.1 What Customer Administrators Cannot Access: raw conversations between Users and the AI coaching features; the content of roleplay sessions; self-reflection content, journal entries, or private coaching notes; individual goal-setting content where the User has marked it as private; communications between Users and the Platform's support functions.

5.2 What Customer Administrators Can Access: aggregated and de-identified analytics regarding Platform usage; information that Users have voluntarily and explicitly chosen to share; operational and security audit logs (showing that a User accessed the Platform, but not the content); account-level information (license assignment, last-login timestamps, seat utilization).

5.3 Exceptions to the Privacy Wall: lawful and binding legal process; prevention of imminent harm; investigation of violations of our Acceptable Use Policy; User consent; and escalation paths that the User's organization has designated and that the User has been notified about during onboarding.

5.4 Limitations: While we have designed the Platform to make the Privacy Wall effective, we cannot guarantee that all metadata, logs, or technical signals are fully isolated from Customer-Administrator visibility in every operational circumstance.

7.1 Service Providers and Subprocessors: cloud infrastructure providers; AI model providers (Anthropic, OpenAI); identity and authentication providers (including Microsoft); analytics providers (including PostHog); customer support platforms; billing and payment providers; email delivery providers; and legal, compliance, and security advisors.

7.2 AI Model Providers: We have entered into agreements with these providers that include: (a) data sent will not be used to train or improve their models without our express written authorization; (b) AI model providers process the data solely for the purpose of returning AI-generated outputs in real time; and (c) AI model providers are subject to confidentiality and security obligations.

7.3 Disclosures to the Customer: Subject to the Privacy Wall, we may disclose aggregated analytics, audit logs, and information you have voluntarily designated for organizational visibility.

7.4 Legal Disclosures: We may disclose Personal Data in response to subpoenas, court orders, or other binding legal process; when required by law; to protect our rights, property, or safety; or in connection with a corporate transaction.

7.5 No Sale of Personal Data: We do not sell Personal Data as defined under the CCPA or any other applicable privacy law. We do not share Personal Data for cross-context behavioral advertising.

Personal Data processed under this Policy may be transferred to, stored in, and processed in the United States and in other countries where our Subprocessors operate. Where Personal Data is transferred from the EEA, UK, or Switzerland to a country without adequate data protection, we implement appropriate safeguards, which may include Standard Contractual Clauses, the UK International Data Transfer Agreement, or other lawful transfer mechanisms. Customers may request copies of the relevant transfer mechanisms by contacting [email protected].

We retain Personal Data for the period necessary to fulfill the purposes described in this Policy, except as required or permitted by applicable law. Retention periods are determined based on: the duration of the User's account and the underlying agreement; the period required to deliver the Platform's continuous coaching memory features; the period necessary to comply with legal obligations; and the period necessary to investigate and respond to security incidents.

10.1 Rights Under GDPR (EU/UK/EEA Residents): Right of access; right to rectification; right to erasure ('right to be forgotten'); right to restriction; right to data portability; right to object to processing based on legitimate interests; right to withdraw consent; right to lodge a complaint with your local supervisory authority.

10.2 Rights Under CCPA and Other U.S. State Laws: Right to know what Personal Data we collect; right to delete; right to correct inaccurate Personal Data; right to opt out of sale or sharing (note: we do not sell or share Personal Data for cross-context behavioral advertising); right to non-discrimination.

10.3 How to Exercise Your Rights: Contact us at [email protected]. We will respond within the timeframes required by applicable law. Before fulfilling certain requests, we may need to verify your identity.

11.1 Customer Data Is Not Used to Train AI Models: SSYP does not use, and does not permit its third-party AI model providers to use, your Personal Data, the content of your conversations, your roleplay session content, or any other Platform Data to train, fine-tune, or otherwise improve the AI models that power the Platform.

11.2 Aggregated and De-Identified Data: We may create Aggregated Data from Personal Data and use such Aggregated Data for any lawful purpose, including analyzing usage patterns, generating industry insights, improving features, and developing new products.

11.3 Product Analytics and Telemetry: We use product analytics and telemetry tools, including PostHog, to monitor Platform performance and improve usability. We design our telemetry pipelines to minimize exposure of sensitive User content.

We and our service providers use cookies, pixels, local storage, and similar technologies to: (a) enable core Platform functionality ('essential' cookies); (b) remember your preferences and authentication state ('functional' cookies); (c) measure Platform usage and performance ('analytics' cookies); and (d) support security and fraud prevention. We do not use third-party cookies for cross-context behavioral advertising on the Platform.

The Platform is restricted to enterprise and professional users who are at least eighteen (18) years of age. We do not knowingly collect Personal Data from individuals under 18. If we learn that we have collected Personal Data from an individual under 18, we will delete that information as promptly as practicable. Contact us at [email protected] if you believe we may have collected information from an individual under 18.

We may update this Policy from time to time to reflect changes in our practices, the Platform's features, applicable law, or for other operational, legal, or regulatory reasons. We will post the updated Policy on the Platform and update the Effective Date. Where the changes are material, we will provide additional notice, which may include email notice, in-Platform notice, or other reasonable means.

If you have questions, concerns, or requests regarding this Policy or the Platform's handling of Personal Data, please contact us at:

SSYP Solutions LLC -- Attention: Privacy -- 420 Lexington Avenue, Suite 1402, POB 1046, New York, NY 10170 -- Email: [email protected]

For inquiries specifically directed to the Platform's intellectual property owner, TheidealAi, LLC may be contacted at [email protected], 108 Lakeland Avenue, Dover, DE 19901.