Sign In Get in touch
Legal

Privacy Policy

Effective date: January 1, 2025  ·  Thordin AI LLC

Thordin AI LLC ("Thordin AI," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website (thordinai.com) or use our services. Please read this policy carefully. If you disagree with its terms, please discontinue use of our site.

1. Information We Collect

1.1 Information You Provide Directly

We only collect information you actively submit to us. This includes:

  • Contact & inquiry submissions — when you fill out our contact form we collect your name, email address, phone number (optional), company name (optional), the service you're interested in, and your message.
  • Client account data — if you are onboarded as a client, we store your business name, email address, phone number, and website URL.
  • Portal authentication — clients access the self-service portal using their unique client ID and the email address on file. We do not issue passwords for the client portal.
  • Payment information — billing details and payment method data are collected and processed entirely by Stripe. We store only your Stripe customer ID and subscription status; full card numbers are never held on our servers.
  • Communications — emails or messages you send us directly.

1.2 Information Collected Automatically

We run a lightweight, privacy-first analytics system on client websites (not on visitors to thordinai.com itself). When our tracker script is embedded on a client's site, it records:

  • Page URL — the full URL of the page visited.
  • Referrer domain — the domain of the site that linked to the page (e.g. "google.com" or "direct"). Only the domain is stored — the full referrer URL is never persisted.
  • Visit timestamp — bucketed to the hour of day and day of week for aggregate reporting.
  • Button/link interaction labels — the visible text of inquiry buttons a visitor clicks (e.g. "Get a Quote"), used to measure conversion intent.

We do not collect IP addresses, browser type, operating system, device identifiers, or any information that could individually identify a visitor to a client site. All analytics data is aggregated by day — no individual visit records are retained.

1.3 Vercel Platform Telemetry

Our site is hosted on Vercel, which provides optional Speed Insights and Web Analytics tooling. Where enabled, these tools collect aggregated, anonymised performance metrics. Vercel's analytics do not use cookies or fingerprinting and cannot identify individual users. See Vercel's privacy documentation for details.

2. How We Use Your Information

We use the information we collect solely to:

  • Respond to your inquiry and discuss whether our services are a fit for your business.
  • Onboard you as a client and manage your account, subscriptions, and invoices.
  • Process payments and send receipts, invoices, and billing notices via Stripe.
  • Provide clients with aggregated traffic analytics and inquiry-click data for their own websites.
  • Send transactional communications related to your account (service updates, meeting confirmations, invoice notifications).
  • Send marketing communications — only with your explicit consent. You may opt out at any time by replying to any email or contacting us directly.
  • Comply with legal obligations and enforce our agreements.

We do not sell, rent, or share your personal data with third parties for their own marketing purposes.

3. Sharing of Information

We may share your information only in the following limited circumstances:

  • Stripe — payment processing. Your billing details are transmitted directly to Stripe under their privacy policy. We receive only a customer ID and subscription status in return.
  • Gmail / Google — email routing. When a client's account has the AI Email Agent service enabled, inbound and outbound emails processed by that agent are routed through Gmail's servers (Google LLC) as part of the message delivery infrastructure. This means email content and associated metadata (sender, recipient, timestamps) may pass through and be temporarily processed by Google's systems, subject to Google's terms of service and privacy policy.
  • Vercel — hosting and infrastructure. Vercel processes request data as part of serving our site, subject to their data processing agreement.
  • Professional advisors — lawyers or accountants acting under confidentiality obligations, only when necessary.
  • Legal authorities — when required by applicable law, court order, or to protect the rights and safety of Thordin AI, our clients, or the public.
  • Business transfers — in the event of a merger or acquisition, your data may transfer to the successor entity. We will notify you before it becomes subject to a different privacy policy.

No other third parties receive your personal data.

4. Cookies & Tracking

Our website (thordinai.com) does not use advertising cookies or third-party trackers. We use one type of cookie:

  • Session cookie — a single server-side session cookie is set when staff log in to the internal dashboard. It expires when the browser is closed or on logout. The client portal does not use cookies — portal access is stateless, authenticated per-request via client ID and email.

Our analytics tracker (embedded on client sites, not on thordinai.com) sends data via navigator.sendBeacon without setting any cookies.

5. Data Retention

  • Contact inquiries — retained until actioned, then archived for up to 24 months, after which they are deleted.
  • Client account data — retained for the duration of your engagement plus 36 months, or until you request deletion (subject to financial record requirements below).
  • Financial & payment records — retained for 7 years as required by applicable tax and accounting regulations.
  • Analytics data — aggregated daily documents are retained for up to 13 months on a rolling basis, then deleted.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request erasure of your data, subject to legal retention requirements.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection / Restriction — object to or restrict certain processing activities.
  • Withdraw consent — where processing is based on consent (e.g. marketing emails), you may withdraw it at any time.

To exercise any of these rights, email support@thordinai.com. We will respond within 30 days. We may need to verify your identity before acting on a request.

California residents (CCPA/CPRA): You have the right to know what personal information is collected, to delete it, and to opt out of its sale. We do not sell personal information.
EEA/UK residents (GDPR): Our lawful bases for processing are contractual necessity (account management, payments), legitimate interests (analytics, fraud prevention), and consent (marketing). You may lodge a complaint with your local supervisory authority.

7. Security

We implement appropriate technical and organisational safeguards including TLS encryption for all data in transit, hashed credential storage, and access controls limiting data access to authorised personnel only. Payment data is never stored on our infrastructure — it flows directly to Stripe.

No system is perfectly secure. If you suspect any unauthorised access to your account, please contact us immediately at support@thordinai.com.

8. Children's Privacy

Our services are directed at businesses and are not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have done so, contact us and we will delete the data promptly.

9. Changes to This Policy

We may update this policy from time to time. When we do, we will revise the effective date above and, for material changes, provide prominent notice. Continued use of our services after changes take effect constitutes acceptance of the revised policy.

10. Contact Us

Questions, concerns, or data requests:

Company Thordin AI LLC
Email support@thordinai.com
Response Within 2 business days
Last updated January 1, 2025  ·  Thordin AI LLC