Visca

Legal · v0.1 draft

Privacy Policy

How Visca, Inc. collects, uses, and protects personal data — for visitors to visca.ai, users of Visca Cloud, and individuals whose data is processed by autonomous systems built on Visca.

Last updated 2026-05-11Effective 2026-05-11

1. Scope

This Privacy Policy describes how Visca, Inc. ("Visca," "we," "us") collects, uses, discloses, and protects personal data when you visit our websites, register for an account, use Visca Cloud, or otherwise interact with us. This policy is supplemented by our Cookie Policy and, for customers, by our Data Processing Agreement (available on request).

2. Roles under data-protection law

Visca acts as a controller for personal data about visitors, prospects, account administrators, and end users of our marketing properties. Visca acts as a processor when our customers configure autonomous systems on Visca Cloud that process personal data on their behalf.

3. Personal data we collect

Information you provide

  • Contact information when you register, contact sales, or attend events;
  • Account credentials and organization metadata;
  • Billing information for paid plans;
  • Content you submit to the Services (Customer Data).

Information collected automatically

  • Device and browser information, IP address, and operating-system metadata;
  • Usage patterns within Visca Cloud and our documentation, collected via first-party analytics;
  • Cookie and similar technology data described in our Cookie Policy.

Information from third parties

  • Identity provider data when you sign in via Okta, Azure AD, Google, or similar;
  • Payment processor data;
  • Publicly available business information for sales and outreach.

4. How we use personal data

  • To provide and operate the Services — authentication, capability grants, audit emission, support;
  • To secure the Services — detect, prevent, and respond to abuse, fraud, and security incidents;
  • To improve the Services — aggregate analytics, feature development;
  • To communicate — service announcements, support replies, marketing where permitted;
  • To comply with law — respond to lawful requests, exercise legal rights.

5. Sharing

We do not sell personal data. We share personal data with:

  • Subprocessors we engage to operate the Services (infrastructure, payment, support tooling) under written terms requiring confidentiality and security commensurate with our own;
  • Customers when you act under their account or interact with their autonomous systems (in our processor role);
  • Authorities when required by law and where permitted, with notice to the affected party.

A current list of subprocessors is available at /legal/subprocessors.

6. International transfers

Visca operates globally. Where personal data is transferred from one jurisdiction to another, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalents, and we apply organizational measures to protect data consistent with the level of protection in the originating jurisdiction.

7. Retention

We retain personal data for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Audit records emitted to Chronicle follow the retention configured by the customer; we do not unilaterally extend customer retention without consent.

8. Your rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data; to object to or restrict certain processing; and to lodge a complaint with a supervisory authority. To exercise these rights, contact privacy@visca.ai. For data processed by Visca on a customer's behalf, contact the customer first; we will forward requests as appropriate.

9. Security

Visca implements administrative, technical, and physical safeguards designed to protect personal data, including encryption in transit and at rest, identity-based access controls, and continuous auditing through Chronicle. See our Security Policy.

10. Children

Visca is not directed to children under sixteen (16). We do not knowingly collect personal data from children. If you believe we have done so, contact privacy@visca.ai.

11. Changes

We may update this Privacy Policy from time to time. Material changes will be communicated by email or notice in the Services prior to taking effect.

12. Contact

Privacy questions and requests: privacy@visca.ai. Postal address available on request.