Privacy Policy
# TRUOPTIM INDUSTRIAL AI GATEWAY

# PRIVACY POLICY

Copyright © 2025-present TruOptim Solutions Ltd. All rights reserved.

**Version:** 1.1
**Effective Date:** December 2025
**Last Updated:** December 2025

---

## 1. INTRODUCTION

**1.1** This Privacy Policy explains how TruOptim Solutions Ltd ("**TruOptim**," "**we**," "**us**," or "**our**") collects, uses, discloses, and protects information in connection with the TruOptim Industrial AI Gateway software (the "**Software**").

**1.2** TruOptim Solutions Ltd is a company incorporated in England and Wales (Company Registration No. 16742261), with its registered office at 205 Regent Street, 4th Floor, London, England, W1B 4HB.

**1.3** This Privacy Policy applies to:

- Users of the Software ("**Customers**" or "**you**")
- Visitors to our websites and marketing materials
- Individuals whose personal data may be processed through the Software

---

## 2. KEY PRINCIPLES

**2.1 Customer-Deployed Software.** The TruOptim Industrial AI Gateway is deployed as an Azure Managed Application within your own Azure tenant. This architectural choice means:

(a) **Your Data Stays With You**: Industrial process data, OPC UA telemetry, and other Customer Data are processed and stored within your Azure subscription, not ours.

(b) **Limited TruOptim Access**: TruOptim does not have routine access to your Customer Data. We cannot see your industrial process values, sensor readings, or operational data.

(c) **You Are the Controller**: For any personal data processed through the Software, you are the data controller responsible for compliance with applicable data protection laws.

**2.2 Privacy by Design.** The Software is designed with privacy and security principles embedded:

- End-to-end encryption (TLS 1.3)
- Role-Based Access Control (RBAC)
- Comprehensive audit logging
- Data minimization
- Zero-trust architecture

---

## 3. INFORMATION WE COLLECT

### 3.1 Information You Provide

| Category | Examples | Purpose |
|----------|----------|---------|
| **Account Information** | Name, email address, company name, job title | Account creation and management |
| **Billing Information** | Payment details (processed by Azure Marketplace) | Subscription billing |
| **Support Requests** | Issue descriptions, screenshots, logs you share | Providing technical support |
| **Feedback** | Survey responses, feature requests, testimonials | Product improvement |
| **Communications** | Emails, chat messages with our team | Customer relationship |

### 3.2 Information Collected Automatically

| Category | Examples | Purpose |
|----------|----------|---------|
| **Usage Metrics** | AI Tool Credit consumption, Connected Data Signals count | Billing and subscription management |
| **Aggregate Statistics** | Number of connected edges, tool usage patterns | Product improvement (anonymized) |
| **Error Reports** | Stack traces, error messages (opt-in only) | Bug fixing and stability |
| **Audit Logs** | Authentication events, permission changes | Security compliance |
| **Control Plane Data** | Gateway health, subscription status, version info | Service delivery and billing |
| **ROI Calculator Inputs** | Industry selection, plant size, user count | Pricing and trial configuration |
| **Demo Sandbox Telemetry** | VM status, server selection, resource usage | Demo environment management |

### 3.3 Information We Do NOT Collect

TruOptim does NOT collect, access, or process:

- Industrial process values or sensor data
- OPC UA node values or historical data
- Customer Data processed through the Software
- AI Agent conversations or queries (unless explicitly shared for support)
- Proprietary business information about your operations

---

## 4. HOW WE USE INFORMATION

**4.1 Lawful Bases.** We process personal data based on:

| Lawful Basis | Examples |
|--------------|----------|
| **Contract Performance** | Providing the Software, billing, support |
| **Legitimate Interests** | Product improvement, security, fraud prevention |
| **Legal Obligation** | Tax records, regulatory compliance |
| **Consent** | Marketing communications, feedback programs |

**4.2 Specific Purposes:**

(a) **Service Provision**: Creating and managing your account, providing access to the Software, processing subscriptions.

(b) **Billing and Payments**: Calculating usage-based fees, processing payments through Azure Marketplace, maintaining billing records.

(c) **Support**: Responding to support requests, troubleshooting issues, providing technical assistance.

(d) **Product Improvement**: Analyzing aggregate usage patterns to improve the Software (using anonymized data only).

(e) **Communications**: Sending service notifications, security alerts, product updates (transactional), and marketing communications (with consent).

(f) **Security**: Detecting and preventing fraud, unauthorized access, and other security incidents.

(g) **Legal Compliance**: Complying with applicable laws, regulations, and legal processes.

---

## 5. DATA SHARING

**5.1 We Do NOT Sell Personal Data.** TruOptim does not sell, rent, or trade personal information to third parties.

**5.2 Limited Sharing.** We may share information with:

| Recipient | Purpose | Safeguards |
|-----------|---------|------------|
| **Microsoft Azure** | Marketplace billing, infrastructure | Azure DPA, SOC 2 |
| **Google Workspace** | Transactional email delivery (SMTP) | Google Workspace DPA |
| **Service Providers** | Support tools | Data Processing Agreements |
| **Professional Advisors** | Legal, accounting, audit | Professional confidentiality |
| **Law Enforcement** | Legal obligations, court orders | Only as legally required |
| **Business Transfers** | Merger, acquisition, sale | Notice and consent where required |

**5.3 Customer Data.** We do not share Customer Data with any third party except:

- At your explicit request (e.g., for support purposes)
- As required by law
- With your prior written consent

---

## 6. INTERNATIONAL TRANSFERS

**6.1 UK Adequacy.** As a UK company, we comply with UK data protection law. For transfers outside the UK:

(a) We rely on adequacy decisions where available

(b) We use Standard Contractual Clauses (UK SCCs) where required

(c) We implement supplementary measures as necessary

**6.2 Azure Regions.** When you deploy the Software, you select the Azure region. Your Customer Data remains in your chosen region within your Azure subscription.

---

## 7. DATA RETENTION

**7.1 Retention Periods:**

| Data Category | Retention Period | Reason |
|---------------|------------------|--------|
| Account Information | Duration of subscription + 7 years | Legal/tax requirements |
| Billing Records | 7 years after subscription ends | Tax and accounting |
| Support Tickets | 3 years after resolution | Quality assurance |
| Audit Logs | 90 days (security), 30 days (MCP) | Security compliance |
| Marketing Consents | Until withdrawn | GDPR compliance |

**7.2 Customer Data.** Customer Data is stored in your Azure subscription. TruOptim does not retain Customer Data. Upon termination, you are responsible for exporting your data before decommissioning the Software.

---

## 8. YOUR RIGHTS

**8.1 Data Subject Rights.** Under applicable data protection laws, you may have the right to:

| Right | Description | How to Exercise |
|-------|-------------|-----------------|
| **Access** | Obtain a copy of your personal data | In-product export or contact us |
| **Rectification** | Correct inaccurate data | Update in account settings or contact us |
| **Erasure** | Request deletion of your data | In-product deletion or contact us |
| **Restriction** | Limit how we use your data | Contact us |
| **Portability** | Receive data in machine-readable format | In-product export |
| **Object** | Object to certain processing | Contact us |
| **Withdraw Consent** | Withdraw previously given consent | Unsubscribe links or contact us |

**8.2 Self-Service.** The Software provides self-service tools for exercising your rights:

- **Data Export**: GET `/api/auth/gdpr/export`
- **Account Deletion**: POST `/api/auth/gdpr/delete`
- **API Keys Page**: Download my data / Delete my account buttons

**8.3 Contact.** To exercise your rights, contact:

- **Email**: privacy@truoptim.com
- **Post**: Data Protection, TruOptim Solutions Ltd, 205 Regent Street, 4th Floor, London, W1B 4HB

**8.4 Complaints.** You have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner's Office (ICO): https://ico.org.uk

---

## 9. SECURITY

**9.1 Technical Measures.** We implement appropriate technical measures to protect personal data:

- End-to-end encryption (TLS 1.3)
- Encryption at rest (AES-256-GCM)
- Role-Based Access Control
- Rate limiting and DDoS protection
- Regular security assessments
- Incident response procedures

**9.2 Organizational Measures.** We maintain organizational security practices:

- Employee security training
- Access on need-to-know basis
- Confidentiality obligations
- Vendor security assessments
- Business continuity planning

**9.3 Security Standards.** The Software is developed in accordance with:

- IEC 62443-4-1 (Secure Development Lifecycle)
- NIST SP 800-218 (Secure Software Development Framework)
- OWASP ASVS (Application Security Verification Standard)

---

## 10. COOKIES AND TRACKING

**10.1 Limited Use.** The Software's web interface uses only essential cookies:

| Cookie | Purpose | Type |
|--------|---------|------|
| Session Cookie | Authentication state | Essential |
| CSRF Token | Security protection | Essential |

**10.2 No Tracking.** We do not use:

- Third-party analytics tracking
- Advertising cookies
- Social media tracking pixels
- Behavioral profiling cookies

**10.3 Marketing Website.** Our marketing website at truoptim.com may use analytics cookies with your consent. See our [Cookie Policy](/cookie-policy) for details.

---

## 11. CHILDREN'S PRIVACY

The Software is intended for business use by organizations and is not directed at individuals under 18 years of age. We do not knowingly collect personal data from children.

---

## 12. ROI CALCULATOR AND DEMO SANDBOX (ADR 070, ADR 083)

### 12.1 ROI Calculator Data

When you use the ROI Calculator feature, we collect:

| Data | Purpose | Retention |
|------|---------|-----------|
| **Industry Selection** | Pre-select relevant demo servers and pricing | Duration of trial/subscription |
| **Plant Size** | Calculate appropriate pricing tier | Duration of trial/subscription |
| **Estimated Users** | Calculate tool credit requirements | Duration of trial/subscription |
| **Email Address** | Initiate trial signup, send results | Account lifetime |

This data is used to:

- Configure your trial with industry-appropriate demo servers
- Calculate estimated pricing and ROI projections
- Personalise your evaluation experience

### 12.2 Demo Sandbox Data

When you use the Demo Sandbox feature, we collect:

| Data | Purpose | Retention |
|------|---------|-----------|
| **VM Status** | Monitor sandbox lifecycle | Duration of sandbox |
| **Server Selection** | Deploy appropriate simulators | Duration of sandbox |
| **Resource Usage** | Optimise VM sizing and costs | 30 days |

**Important**: Demo Sandbox OPC UA servers generate **synthetic, simulated data only**. This simulated data:

- Remains in your Azure tenant
- Is NOT transmitted to TruOptim
- Does NOT represent real industrial processes
- Is for evaluation and training purposes only

---

## 13. AI CONCIERGE SUPPORT DATA (ADR 090)

### 13.1 Feedback Submissions

When you submit feedback via the `support_submit_feedback` MCP tool:

| Data | Purpose | Retention |
|------|---------|-----------|
| **Feedback Type** | Categorize and route feedback | Duration of subscription + 3 years |
| **Category & Severity** | Route and prioritize feedback | Duration of subscription + 3 years |
| **Title & Description** | Process and respond to feedback | Duration of subscription + 3 years |
| **Contact Email** (optional) | Follow-up communication | Until feedback resolved or withdrawn |
| **Product Version** | Contextual debugging | Duration of subscription + 3 years |

### 13.2 Automatic Privacy Sanitization (ADR 090)

**Important**: All feedback submissions are automatically sanitized before transmission to TruOptim. The following sensitive data patterns are automatically redacted:

| Data Type | Example | Sanitized To |
|-----------|---------|--------------|
| **IP Addresses** | `192.168.1.100`, `fe80::1` | `[IP_REDACTED]` |
| **OPC UA Node IDs** | `ns=2;s=Tank.Level` | `[NODE_REDACTED]` |
| **Hostnames** | `plc01.factory.local:4840` | `[HOST_REDACTED]` |
| **File Paths** | `C:\Config\secrets.xml`, `/etc/opcua/server.conf` | `[PATH_REDACTED]` |
| **Sensor Values** | `98.6°C`, `1013.25 mbar`, `450 rpm` | `[VALUE]` |

This automatic sanitization ensures:

- **No accidental data leakage**: Even if you inadvertently include sensitive data in your feedback, it will be redacted before reaching TruOptim
- **Compliance protection**: Helps satisfy DLP (Data Loss Prevention) policies
- **Privacy by design**: Aligns with IEC 62443 secure-by-default principles

**You cannot disable this sanitization.** This is by design to protect your proprietary industrial data.

### 13.4 Feedback Accessibility

The `support_submit_feedback` tool is accessible to **all users** (not just administrators). Privacy protection is achieved through automatic sanitization rather than access restriction, enabling meaningful support access while preventing data leakage.

### 13.5 Feedback Responses

When TruOptim responds to your feedback:

- Responses are stored locally in your gateway deployment
- Accessible via the `support_view_my_feedback` MCP tool
- TruOptim retains a copy for quality assurance and pattern analysis
- No industrial data or Customer Data is included in responses

### 13.6 Proactive Notifications

The `support_get_notifications` tool generates suggestions based on:

| Data Source | Purpose | Processing Location |
|-------------|---------|---------------------|
| **Subscription Status** | Trial expiration warnings | Your gateway + Control Plane |
| **Usage Metrics** | Credit/signal threshold alerts | Your gateway |
| **Edge Health** | Connectivity alerts | Your gateway |
| **Source Health** | OPC UA connection status | Your gateway |

**Important**: Proactive notifications are generated locally from aggregated metrics. No industrial process values or Customer Data are transmitted for this purpose.

### 13.7 Recovery Email and Transactional Communications (ADR 191, ADR 230, ADR 237)

During deployment, you provide a **recovery email address**. This email is used exclusively for transactional service communications:

| Email Type | Purpose | Legal Basis |
|------------|---------|-------------|
| **Welcome Email** | Login URL, credentials reminder, getting started guide | Contract performance |
| **Password Reset** | Account recovery if admin password is lost | Contract performance |
| **Trial Expiration Warning** | Notification at 7, 3, and 1 day(s) before trial ends | Legitimate interest |
| **Usage Entitlement Warning** | Notification when approaching credit/signal limits | Legitimate interest |

**Email Provider:** Transactional emails are sent via **Google Workspace SMTP** (smtp.gmail.com). Google processes email addresses solely for delivery purposes under their Data Processing Agreement.

**Important:**

- These are **transactional service emails**, not marketing
- You cannot unsubscribe from critical service notifications (password reset, welcome)
- Usage warnings help you avoid service interruption
- No industrial data or Customer Data is included in these emails

### 13.8 In-Product Notifications

In addition to email, trial and usage notifications are also delivered through:

| Channel | Notification Types |
|---------|--------------------|
| `support_get_notifications` MCP tool | Trial expiration, usage thresholds, system health |
| UI Banner | Trial countdown, subscription status |

These in-product notifications do NOT require your email address and are generated locally from aggregated metrics.

---

## 14. THIRD-PARTY AI AGENTS

**14.1 AI Agent Privacy.** When you connect AI Agents (such as Claude, Microsoft Copilot, or ChatGPT) to the Software, those AI Agents may process your data according to their own privacy policies:

- **Anthropic (Claude)**: https://www.anthropic.com/privacy
- **Microsoft (Copilot)**: https://privacy.microsoft.com
- **OpenAI (ChatGPT)**: https://openai.com/privacy

**14.2 No TruOptim Responsibility.** TruOptim is not responsible for the data processing practices of third-party AI Agents. You should review their privacy policies before connecting them to the Software.

**14.3 Data Shared with AI Agents.** When an AI Agent makes MCP tool calls through the Software, the following may be shared with the AI Agent:

- Industrial data values you request
- Metadata about your data sources
- Results of operations you authorize

You control what data AI Agents can access through RBAC configuration.

---

## 15. CHANGES TO THIS POLICY

**15.1 Updates.** We may update this Privacy Policy from time to time. We will notify you of material changes by:

- Posting a notice in the Software
- Sending an email to the address associated with your account
- Updating the "Last Updated" date above

**15.2 Continued Use.** Your continued use of the Software after changes become effective constitutes acceptance of the updated Privacy Policy.

---

## 16. CONTACT US

**16.1 Privacy Questions.** For questions about this Privacy Policy or our data practices:

**Email**: privacy@truoptim.com

**Post**:
Data Protection Officer
TruOptim Solutions Ltd
205 Regent Street, 4th Floor
London, England, W1B 4HB
United Kingdom

**16.2 Response Time.** We aim to respond to privacy inquiries within 30 days.

---

## 17. DATA PROTECTION OFFICER

TruOptim has designated a Data Protection Officer who can be contacted at:

**Email**: dpo@truoptim.com

**Post**:
Data Protection Officer
TruOptim Solutions Ltd
205 Regent Street, 4th Floor
London, England, W1B 4HB
United Kingdom

---

## 18. LEGAL BASIS SUMMARY (GDPR/UK GDPR)

| Processing Activity | Legal Basis | Article |
|---------------------|-------------|---------|
| Account management | Contract performance | 6(1)(b) |
| Billing | Contract performance | 6(1)(b) |
| Support | Contract performance | 6(1)(b) |
| Security | Legitimate interests | 6(1)(f) |
| Product improvement | Legitimate interests | 6(1)(f) |
| Marketing (with consent) | Consent | 6(1)(a) |
| Legal compliance | Legal obligation | 6(1)(c) |

---

**Copyright © 2025-present TruOptim Solutions Ltd. All rights reserved.**

*This Privacy Policy is effective as of the Effective Date stated above.*