Infinity Loop Privacy Policy
Effective Date: October 7, 2024

This Privacy Policy describes how Infinity Loop (“Infinity Loop” or “the Company”) collects, uses, protects, and discloses data submitted by customers during the use of its proprietary contract intelligence and negotiation optimization services (“Services”).

1. Definitions

  • Customer: The entity using Infinity Loop’s Services to analyze contracts.
  • User: An individual authorized by the Customer to access the Services.
  • Service Data: Contracts, documents, metadata, and related content submitted by or on behalf of a Customer.
  • Personal Data: Any information that identifies a person, such as name or email address, included in account data or contract submissions.
  • Process: Any operation performed on data, including collection, storage, analysis, retention, and deletion.
  • Aggregated Data: Combined statistical or metadata-based information that does not identify any specific Customer or User and cannot be reverse-engineered to do so.

2. Scope of Policy

This policy applies to:

  • Contracts and documents submitted for analysis
  • Metadata generated through platform use
  • Contact and account information for authorized Users

Infinity Loop operates as a data processor with respect to Customer-submitted contracts and processes such data solely for the purpose of providing and improving the Services, under the instructions of each Customer or as otherwise permitted herein.

3. Types of Data Collected

Infinity Loop collects the following categories of data:

  • Contract Content: Submitted agreements, clauses, addenda, and appendices
  • Metadata: Timestamps, usage frequency, clause types, and platform interactions
  • Account Information: Names, email addresses, job titles, and affiliated organizations
  • Support Communications: Emails, tickets, and messages exchanged between Customers and Infinity Loop for support purposes

No sensitive personal data (such as financial account numbers, government identifiers, or health data) is intentionally collected or required for use of the Services.

Class actions and jury trials are expressly waived. Either party may seek injunctive relief in a court of competent jurisdiction to protect its confidential information or intellectual property.

4. Use of Data

Collected data is used to:

  • Provide and improve contract analysis, negotiation recommendations, and benchmarking insights
  • Operate and maintain platform functionality
  • Deliver support and resolve technical issues
  • Secure, audit, and monitor usage in accordance with service terms
  • Comply with applicable legal obligations

Contract content is not used for marketing, advertising, or any commercial activity unrelated to the Services.

5. Data Ownership and Confidentiality

All contract data, inputs, and resulting outputs submitted to the Services remain the sole property of the Customer. Infinity Loop claims no ownership over Customer-submitted contract content.

All Service Data is handled as confidential information. It is logically segregated from other customers’ data and protected using strict role-based access controls. Internal access is limited to authorized personnel bound by confidentiality obligations and granted access solely for the purpose of supporting and operating the Services.

6. Aggregated Analysis and Competitive Protections

Infinity Loop may use metadata and derived statistics from Customer activity to perform aggregate analysis, enhance machine learning models, and improve overall service quality. However, to safeguard each Customer’s confidentiality and protect against competitive risk, the following restrictions apply:

  • No identifiable contract content, pricing information, redlines, or clause language shall be included in aggregate analysis
  • All aggregation processes shall utilize anonymized and statistically combined data across a sufficient number of Customers to ensure no individual Customer’s business model, contract structure, or negotiation strategy can be inferred
  • Aggregated insights shall never be used to generate benchmarking, comparisons, or recommendations that expose or imply any specific Customer’s practices, terms, or results
  • Contract content shall not be used to populate shared clause libraries, prompt templates, suggestion engines, or reusable outputs without express written authorization from the originating Customer
  • Under no circumstance shall one Customer’s contract data or derived insights be used to benefit another Customer, directly or indirectly

Customers may request to opt out of all aggregate analysis usage. Such requests will be honored without impacting access to or performance of the Services.

7. Subprocessors and Third-Party Tools

Infinity Loop engages reputable third-party subprocessors to support infrastructure and service delivery (e.g., cloud hosting, support ticketing). Each subprocessor is contractually required to maintain confidentiality, enforce data protection measures, and comply with applicable data privacy laws.

A list of subprocessors may be provided upon request. No contract data is shared with advertisers or resold to any third parties.

8. Security Measures

Infinity Loop maintains a comprehensive security program aligned with industry standards and includes:

  • Encryption in transit and at rest
  • Logical data separation across customer environments
  • Multi-factor authentication for administrative access
  • Intrusion detection, logging, and monitoring
  • Regular vulnerability assessments and independent audits

Security practices are reviewed and updated on a regular basis to maintain protection against evolving threats.

9. Data Retention and Deletion

Contract data is retained only as long as required to provide the Services or to fulfill legal and regulatory obligations. Customers may request deletion of their data at any time by contacting privacy@infinityloop.ai. Unless otherwise requested or required, all Customer data will be permanently deleted within 30 days of termination or cancellation of the applicable service subscription.

10. Customer Rights

Subject to applicable laws, Customers and Users may exercise the following rights:

  • Access to stored data
  • Rectification of inaccurate information
  • Deletion or anonymization of data
  • Objection to certain processing activities
  • Data portability for contract-related content

Requests may be submitted to privacy@infinityloop.ai and will be addressed in accordance with relevant legal timeframes.

11. International Transfers

Infinity Loop hosts and processes all Service Data within secure data centers located in the United States. In cases where Customers are located outside the U.S., data transfers are subject to appropriate legal mechanisms including the use of Standard Contractual Clauses (SCCs), as approved by applicable regulators.

Infinity Loop does not transfer contract content or customer data to jurisdictions outside the U.S. unless:

  • Such transfer is legally authorized and contractually protected under applicable data transfer frameworks, and
  • The recipient is subject to equivalent data protection obligations through contract or regulation.

Infinity Loop does not authorize subprocessors to store or process Customer data outside of approved jurisdictions without prior review and written assurance of compliance with applicable legal and contractual protections.

12. Changes to This Policy

This Privacy Policy may be updated periodically. Material changes will be communicated via the platform or by direct communication with Customers. Continued use of the Services following such changes constitutes acceptance of the revised terms.

13. Contact Information

Questions, concerns, or data requests may be directed to:

Infinity Loop Legal
legal@infinityloop.ai
privacy@infinityloop.ai