Privacy Policy

We collect only the minimum information necessary to operate our platform and respond to your inquiries.

• •Account and Contact Information: When you create an account, submit an inquiry, or engage with us, we may collect your name, email address, organization name, and job title.
• •Technical Information: Our servers automatically log limited technical data such as IP addresses, browser type, operating system, and referring URLs. This data is used solely for security monitoring and service reliability.
• •User-Submitted Content: Any information you voluntarily provide through forms, engagement requests, or credential operations within our platform.
• •We do not use cookies, tracking pixels, or any browser-based tracking technologies. See our Cookie Policy for details.

We use the information we collect for the following purposes:

• •To provide, maintain, and improve our platform and services.
• •To respond to your inquiries, engagement requests, and support needs.
• •To send transactional communications related to your account or requests.
• •To detect, prevent, and address security incidents, fraud, or technical issues.
• •To comply with applicable legal obligations.
• •We do not sell, rent, or trade your personal information to third parties. We do not use your data for advertising, profiling, or behavioral targeting.

We process personal data under the following legal bases, as applicable under GDPR and similar frameworks:

• •Consent: Where you have given explicit consent for a specific purpose (e.g., submitting an inquiry form).
• •Contractual Necessity: Where processing is necessary to perform a contract with you or to take pre-contractual steps at your request.
• •Legitimate Interest: Where processing is necessary for our legitimate business interests (e.g., security monitoring, service improvement), provided those interests are not overridden by your rights.
• •Legal Obligation: Where processing is required to comply with applicable law.

Your data is stored on secure, encrypted infrastructure. We employ industry-standard technical and organizational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction.

• •These measures include encryption in transit and at rest, strict access controls, regular security assessments, and infrastructure monitoring.
• •We retain personal data only for as long as necessary to fulfill the purposes described in this policy, or as required by applicable law. When data is no longer needed, it is securely deleted or anonymized.

We do not sell your personal information under any circumstances.

• •We may share limited information only in the following situations:
• •Service Providers: With trusted third-party service providers who perform services on our behalf (e.g., cloud hosting, email delivery), bound by contractual obligations to protect your data and use it only as directed.
• •Legal Requirements: When required by law, regulation, legal process, or governmental request.
• •Safety and Security: To protect the rights, property, or safety of Soulverse Inc., our users, or the public, as required or permitted by law.

Soulverse Inc. is incorporated in Michigan, United States. If you access our services from outside the United States, your information may be transferred to and processed in the United States or other jurisdictions where our infrastructure is located.

• •For transfers from the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or other lawful transfer mechanisms.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• •Right of Access: Request a copy of the personal data we hold about you.
• •Right to Rectification: Request correction of inaccurate or incomplete data.
• •Right to Erasure: Request deletion of your personal data, subject to legal retention requirements.
• •Right to Restriction: Request that we limit processing of your data in certain circumstances.
• •Right to Data Portability: Request your data in a structured, machine-readable format.
• •Right to Object: Object to processing based on legitimate interest or for direct marketing.
• •Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
• •To exercise any of these rights, contact us at the address provided below. We will respond within the timeframe required by applicable law (typically 30 days under GDPR, 45 days under CCPA).

European Economic Area, United Kingdom, and Switzerland (GDPR): You have the rights described in Section 7. You also have the right to lodge a complaint with your local data protection supervisory authority.

• •California (CCPA/CPRA): California residents have the right to know what personal information is collected, to request deletion, and to opt out of the sale of personal information. Soulverse does not sell personal information. You will not be discriminated against for exercising your privacy rights.
• •Brazil (LGPD): Brazilian data subjects have rights of access, correction, anonymization, portability, deletion, and information about sharing. You may contact us or the Brazilian National Data Protection Authority (ANPD) for inquiries.
• •Canada (PIPEDA): Canadian users have the right to access and correct their personal information. We collect, use, and disclose personal information only for purposes that a reasonable person would consider appropriate.
• •India (DPDPA): We process personal data based on consent or legitimate use as defined by applicable law. Indian data principals have rights of access, correction, erasure, and grievance redressal.