Privacy Policy

This policy covers business and website information we collect in connection with marketing, demonstrations, licensing inquiries, customer support, and general use of our publicly available web properties.

Operational mission data processed within deployed COTS environments is handled according to the customer’s license, deployment architecture, and contractual requirements. We do not use this website to collect classified information, and classified processing occurs only under separate authorized agreements and accredited environments.

The information we collect depends on how you interact with us—as a website visitor, prospective customer, licensed user, or contracting counterpart.

• Business contact information, including name, work email, phone number, organization, title, and contracting role when you request a demo, download materials, respond to an RFI, or contact us.
• Procurement and program details reasonably necessary to respond to inquiries, prepare quotes, or support contract administration, such as agency name, contract vehicle, CAGE code references, and billing contacts.
• Account and authentication data for licensed users of our COTS products, including user identifiers, role assignments, access logs, and configuration preferences.
• Product usage and telemetry needed to operate, secure, and support the platform, such as session metadata, error logs, performance metrics, and feature utilization, subject to customer configuration and contract terms.
• Customer-provided content processed within the product—including uploaded documents, queries, workflow outputs, and integration data—solely to deliver licensed functionality.
• Website technical data such as IP address, browser type, referral source, and cookie-based analytics for site performance and security monitoring.

We use information for legitimate business purposes related to delivering and improving our COTS software and services, supporting customers, and meeting our obligations as a government contractor and commercial vendor.

• Operating, maintaining, and securing Civil Environment Navigator and related offerings.
• Responding to sales, support, and contracting inquiries; administering licenses, renewals, and service entitlements.
• Providing customer support, patch delivery, release notes, and incident response coordination.
• Meeting recordkeeping, audit, and compliance obligations under applicable law and customer contracts.
• Improving product reliability, usability, and security through aggregated or de-identified analysis where permitted.
• Detecting unauthorized access, abuse, or misuse of our systems and services.

Civil Environment Navigator includes agentic and AI-assisted capabilities. Unless otherwise agreed in writing, we do not use customer operational content submitted through licensed deployments to train general-purpose models for unrelated customers.

Prompts, outputs, and workflow artifacts may be temporarily processed to deliver requested functionality, maintain audit logs, and troubleshoot support issues. Retention, isolation, and export controls for such data are defined by deployment model—cloud, customer-managed, or disconnected—and by applicable license or contract terms.

We do not sell personal information. We share information only as needed to operate our business, deliver contracted services, or comply with law.

• Infrastructure, hosting, monitoring, and support vendors bound by confidentiality and security obligations appropriate to the services they provide.
• Prime contractors, subcontractors, or integrators where necessary to fulfill a program requirement, always subject to applicable flow-down and need-to-know constraints.
• Professional advisors such as legal, accounting, insurance, or compliance consultants under confidentiality obligations.
• Government agencies, auditors, or law enforcement when required by lawful process, regulation, or contractual reporting obligation.
• Successors in a merger, acquisition, or reorganization, with continued protection consistent with this policy and existing customer agreements.

When we perform under U.S. federal, state, local, or allied government contracts, data handling may be subject to the Federal Acquisition Regulation (FAR), Defense Federal Acquisition Regulation Supplement (DFARS), agency-specific clauses, and customer security policies.

Requests involving Controlled Unclassified Information (CUI), export-controlled technical data, or other sensitive categories are addressed through applicable contract instruments, deployment architecture, and authorized environments—not through general website submission.

We support customer requirements for auditability, access control, and incident notification through product features and contractual terms negotiated for each program.

We retain information for as long as reasonably necessary to provide services, honor license terms, satisfy legal and contractual obligations, resolve disputes, and maintain business records. Retention periods vary by data category, deployment type, and customer direction.

Government and enterprise customers may specify retention, return, or destruction requirements in license agreements, DD Form 254 equivalents, or data handling appendices.

We maintain administrative, technical, and physical safeguards designed to protect information consistent with the nature of our COTS products and the expectations of defense and public-sector customers. Controls may include access management, encryption in transit, logging, vulnerability management, and secure software development practices.

No system is completely secure. Authorized deployment options—including customer-controlled hosting and disconnected environments—allow agencies and programs to align architecture with their authority to operate (ATO) or equivalent accreditation requirements.

You may opt out of non-essential marketing communications by using unsubscribe links or contacting us directly. Website visitors may manage cookie preferences through browser settings where applicable.

Depending on jurisdiction, individuals may have rights to access, correct, delete, or restrict certain processing of personal information. Government and enterprise users should also coordinate requests through their organization’s program or security office when operational data is involved.

Submit privacy requests to contact@asymmais.com. We may verify identity and authority before responding.

We are headquartered in the United States. Information may be processed in the U.S. and, where necessary to deliver services, in other locations subject to appropriate contractual and legal safeguards. Deployments for allied or foreign government customers are structured to meet applicable export, hosting, and data residency requirements.

We may update this Privacy Policy to reflect changes in our products, business practices, or legal requirements. The “Last updated” date above indicates when this page was last revised. Material changes will be posted here or communicated through appropriate customer channels.

Privacy inquiries and requests may be directed to:

Asymmetric AI Solutions St. Louis, MO CAGE: XXXXX contact@asymmais.com