Privacy Policy
This Privacy Policy explains how AII IoTech (India) Private Limited, doing business as APEX (“Apex”, “we”, “us”), collects, uses, and protects personal information when you use ApexOS Cloud Connect, the Oasis customer portal, and related services (the “Service”). We aim to collect only what we need to run the Service, and we do not sell your personal information.
1. Information we collect
We collect the following categories of information:
- Account information — your email address, and a password hash if you set one. If you sign in with a third-party provider (Google, Microsoft, or Apple), we receive a stable account identifier and your verified email from that provider.
- Service configuration — your chosen cloud address (subdomain), device registrations, and the integrations you link.
- Billing information — subscription status and identifiers from our payment provider (Razorpay). Card and payment-instrument details are handled by Razorpay; we do not store full payment-card numbers.
- Operational data — connection metadata, device status, logs, and timestamps needed to relay and secure traffic between your devices and the clients you authorise.
- Technical data — IP address, browser type, and similar information generated when you interact with the Service.
2. How we use information
We use this information to:
- provide, operate, secure, and maintain the Service;
- authenticate you and protect your account;
- process subscriptions and prevent billing abuse;
- send service and security notifications (for example, sign-in alerts, password changes, and account confirmations);
- diagnose problems, improve reliability, and develop new features;
- comply with legal obligations.
3. Single sign-on
When you choose to sign in with Google, Microsoft, or Apple, we use that provider only to verify your identity and email. We receive a verified email address and a stable identifier; we do not receive your provider password. We request the minimum scope needed to sign you in.
4. How we share information
We do not sell your personal information. We share it only with:
- Service providers who process data on our behalf to run the Service — for example, our payment provider (Razorpay) and our email provider — under appropriate confidentiality obligations;
- Integrations you choose to link, such as Google Home or Amazon Alexa, to the extent needed to provide the connection you requested;
- Authorities where required by law, or to protect the rights, safety, and security of Apex, our users, or the public.
5. Data retention
We keep personal information for as long as your account is active and as needed to provide the Service, then for a reasonable period afterwards to meet legal, accounting, or security requirements. When you delete your account, we delete or anonymise your personal information except where retention is legally required. Operational logs are kept for a limited time and then removed or aggregated.
6. Security
We use technical and organisational measures to protect your information, including encryption of traffic in transit, hashed passwords, and access controls. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work to protect your data and to notify you of significant incidents where required.
7. Your rights
Subject to applicable law, you may access, correct, export, or delete your personal information, and object to or restrict certain processing. You can update your email, set or change your password, manage passkeys, unlink single sign-on, and delete your account from the Oasis portal. To make other requests, contact us using the details on our website.
8. Children’s privacy
The Service is not directed to children, and we do not knowingly collect personal information from anyone under the age required to use the Service. If you believe a child has provided us information, contact us and we will take appropriate steps.
9. International processing
We operate from India and may process and store information there or with service providers located elsewhere. Where information is transferred across borders, we take steps consistent with applicable law to protect it.
10. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.
11. Contact
For privacy questions or to exercise your rights, contact our support team via the contact details on our website.