Privacy Policy

 
Effective starting: September 1st, 2023
 
Welcome to OneStepAI.com platform, provided and operated by Intratel Sp. z o.o. and our subsidiaries and affiliates (hereinafter also referred to as “OneStepAI,” "We," "Our," or "Us"). As we recognize and respect your of personal information and so is being transparent about how we collect, use, and share information about you, this Policy explains:
 

What information we collect

How we use information we collect

Sharing of information we collect

Protection and Retention of the Information We Collect

How to access and control your information

European Union (EU), Iceland, Lichtenstein, Norway or United Kingdom users

California Requirements

International transfer of Personal Data

Children’s

Changes to this Policy

How to contact us

 
The administrator of Personal Data collected through OneStepAI website and Services is Intratel Sp. z o.o. with its registered office in Bialystok, address: Al. 1000-lecia P.P. 39A, 15-111 Bialystok (hereinafter referred to us: „Intratel”), VAT ID: PL5422204578, KRS: 0000170746 (Intratel”).
 
This Policy describes our personal information handling practices and policies. Using or accessing our website, services, applications and content (“Service”) we offer, you agree that you are authorized to provide that information and you are consenting to the collection, manipulation, storage, disclosure and other uses of your information as described in this document.
 
This document supersedes all forms of this document previously published by OneStepAI. If you do not agree to our Policy, please do not register, subscribe, create an account, or otherwise interact with our OneStepAI website and our Service.
 
In cases where we deliver our Service through a contractual agreement with an entity (such as your employer), it is important to note that this entity has authority over the information managed by our Service. This policy does not pertain to situations where we handle personal information solely as a service provider acting on behalf of these organizations.
 
 
We may gather your personal information and other data from multiple sources and through various means, including:
You (when you provide personal information directly to Us):
 
  • When you register, create or modify your profile, set preferences, sign-up for or make purchases through the Services on OneStepAI.com platform provided by us or our business partners through your customer or user account. For this purposes we may collect the following types of information:
- User Information, including but not limited to the full name, company name, telephone number, address, email address, other addresses at which you receive communication from or on  behalf of Us, IP address, landing page, and referring URL. User Information is collected for every user upon registration and use of the Services.
- Billing Information, including the full billing name, address, telephone number, email address, other addresses at which you receive communication from or on behalf of Us regarding your billing process.
- Payment information - currently we do not collect, store or use any financial information, such as your credit card number, expiration date, billing address or other financial information. That kind of information is collected and stored only by our third party payment processing partners. The use and storage of your financial information is governed by the Payment Processors’ applicable terms of service and policy.
 
  • Your utilization of our Services or the Services of our business partners:
- Service Information, including but not limited to information about the Services you use and how you access the Services. Unless otherwise set by other agreement, we do not process or use any passwords to the Services.
- Sending personal information including but not limited to images, videos, text or other metadata attached , some of which may contain data constituting personal information.
- Device/IP information such as IP address or browser.
 
  • Correspondence with us via email, telephone calls, chat, social media, and other communication methods:
- User Information, including but not limited to the full name, company name, telephone number, address, email address, URLs of publicly available accounts on social networks such as LinkedIn, online Identifiers, social media profile IDs, credentials from other online services, other addresses or identifiers at which you receive communication from or on behalf of Us, IP address, landing page, and referring URL.
 
  • Interaction with other users of the Services and sharing the content;
- Sending personal information including but not limited to images, videos, text or other metadata attached to such personal information, some of which may contain data constituting personal information.
 
  • Subscribing to our marketing materials:
- User Information, including but not limited to the full name, company name, telephone number, address, email address, URLs of publicly available accounts on social networks such as LinkedIn, online Identifiers, social media profile IDs, credentials from other online services, other addresses or identifiers at which you receive communication from or on behalf of Us, IP address, landing page, and referring URL.
 
You (when personal information is automatically collected):
 
  • Cookies (please refer to our "Cookies Policy");
  • Using certain applications and software available on Our platform (such as e.g. API), when the Services may receive and collect information transmitted from your computing device for the purpose of providing you the Services, such us IP address, browser, geographic location.
 
You - adding annotations constituting personal information to the data you send to Us by using our Services - models and algorithms to make predictions about such data, or by adding tags describing such data), some of which may contain data constituting personal information.
 
Us - adding annotations constituting personal information about you to (i) the data you send to us, (ii) the data Third-Party users send to us or (iii) the publicly available data or datasets that we leverage through our models and algorithms for predictive purposes, or by adding tags that describe such data.
 
Third-Party (users) – we may receive personal information from third party users when:
 
  • Using our Services and sending Us personal information, including images, videos, text, geolocation or other metadata related to such personal information;
  • Using certain applications and software available on Our platform (such as API) , when the Services may receive and collect information transmitted from their computing device for the purpose of providing them Services , that may include personal information;
  • Adding annotations constituting personal information to the data they send to Us by using our Services (models and algorithms to make predictions about such data, or by adding tags describing such data).
 
Third Parties (Third-Party Service providers) - we may receive personal information from third parties we collaborate with, including but not limited to our business partners, service providers, subcontractors, channel partners, resellers, and advertising networks. We also use analytics service providers to analyze how you use the Services (browsing history, search history, geographic information, length of visit, pageviews, referral source, adID, forms submitted, content downloaded).
 
Third Parties (Social networks) - providing social network account credentials to Us or otherwise sign in to the Services through a third-party site or service, some content and/or information in those accounts may be transmitted into your Account with Us:
- URLs of publicly available accounts on social networks such as LinkedIn, online Identifiers, social media profile IDs, credentials from other online services you use to access the Services (such as but not limited to email address, full name and profile image from when you sign into our Service using Google Sign-In or other Social networks).
 
Each social media platform has a policy statements that governs its use of social media features. We strongly recommend to review the policy of social media and their features.
 
Third Parties (Publicly available sources) – we utilize publicly available data and/or datasets, some of which may contain data constituting personal information (such us images or videos of individuals, text data).
 
 
Unless otherwise stated herein, We use your Personal Information, where permitted by applicable law, in order to provide you the Services that you requested or were interested in. Therefore, below are the specific purposes for which your Personal information may be used:
 
  • We may use Personal Information to provide and customize the Services to you, including: (i) creating and managing your account or other user profiles, (II) billing, (iii) providing support and assistance for the Services, (iv) providing support and assistance for the Services, (v) providing you or the applicable Third-Party user with the products, Services, and information requested and meeting or fulfilling related purposes (for example, using Personal Data provided to us to perform image recognition services, including facial recognition services);
  • We may use Personal Information to improve the Services, including: (i) improving the quality of the product through research and development, (ii) improving the Services through testing, internal analytics, product development, (iii) to identify usage, trends, activity patterns, and areas for integration;
  • We may use Personal Information to contact you for (i) administrative purposes such as customer service, responding to your inquiries and fulfilling your requests; (ii) to address intellectual property infringement, right of violations; (iii) communicating with you about the Services, including Service announcements, updates or offers related to our Services and the activities of third parties we work with.
  • We may use Personal Information to fulfill legal requirements, like: (i) fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as detecting and investigating security incidents and potentially illegal or prohibited activities, (ii) verification of accounts and activity, to detect, prevent, and respond to actual or potential security incidents and to monitor and protect against other malicious, deceptive, fraudulent or illegal activity, including violations of Service policies, (iv) protecting the rights, property or safety of you, Us or Third Parties, (v) responding to your inquiries and fulfilling your requests, (vi) resolving disputes, (vii) enforcing any agreements with you responding to claims that any posting or other content violates third-party rights;
  • We may use Personal Information to market and promote our Services: (i) sending occasionally promotional communications that may be of specific interest to you, including emails, displaying onestepai.com ads on other companies’ websites and applications, (ii) communication about new Services, product offers, promotions, and contests. .
  • We cooperate with third party service providers to provide website, maintenance, hosting, and other services for us. To the extent it is necessary for these third party service providers to complete their contractual obligations to us, these third parties may have access to or process your personally identifiable information. Generally, these disclosures are made under terms comparable to this policy, and the recipients are limited to using the information the purpose for which it was provided.
  • We make certain automatically collected and other aggregate non-personally-identifiable information available to third parties, to: (i) comply with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Services.
 
 
The information We collect will not be shared or disclosed without your permission, except for the limited conditions described below. In certain circumstances, we may disclose your Personal Data to the following categories of service providers and other parties:
 
Service Providers and Business Partners - In order to support our business operations, such as (but not limited to) fulfilling your orders, following up on requests, providing support, we may share personal information with service providers. Service providers and Business Partners are required by contract to keep the information received on behalf of Us confidential and secure and not use it for any purpose other than the purpose for which it was provided to them. These service providers and business partners include, for example:
  • Payment Processors - our payment processing partner (currently …) collects your payment card information necessary to process your payment. We strongly recommend to review the terms of service and policy (https://....com/legal) for information on its use and storage of personal data;
  • Technology and Communications Providers; Fulfillment Providers; Data Storage Providers – (i) performing operational services (such as billing, hosting, fulfillment, data storage, security services, web service analytics) and/or providing certain services, features or functionality available to our users; (ii) performing services on our behalf, including maintaining accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, providing analytic services, or providing similar services; (iii) undertaking internal research for technological development; (iv) debugging to identify and repair errors that impair existing intended functionality and/or undertaking activities to verify or maintain the quality or safety of our services.
  • Security and Fraud Prevention Consultants – performing such activities like: detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
 
Third-party Users – any information that a user may share with other users is not in any way private. We recommend that you carefully consider whether to disclose any Personal Data in any information you share with other users. What is shared may be seen and/or collected by other third parties and may be used by others in ways we are unable to control or predict
 
With your consent - we may share your Personal Data with third parties when you give us consent to do so. For example, we display case studies, personal testimonials of satisfied customers on our websites. With your consent, we may post your name alongside the case study or testimonial. We will also share your Personal Data if you intentionally interact with any social media service through the Services.
 
Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights - sometimes, we may be required to share Personal Information as required by law or legal process, such as responding to a duly authorized information request of a police or governmental authority or as part of a legal process (like a lawsuit or arbitration). If we are permitted to do so, we will notify you or the applicable Third-Party User that provided us with such information of any such requirement before we comply. We intend to defend our customers’ rights against unlawful search and seizure. We may, also share Personal Information to enforce or protect Our rights, when such disclosure is necessary or appropriate, to prevent physical harm or financial loss as permitted by applicable law, or in connection with an investigation when illegal activity is suspected.
 
Business Transfers - We may share personal information in the context of a business transaction involving part or all of Intratel Sp. z o.o., such as a merger, consolidation, acquisition bankruptcy or other transaction, in which that third party assumes control of Our business (in whole or in part). Such transactions may involve the disclosure of Personal Information to prospective or actual purchasers, or the receipt of it from sellers. It is Our practice to make sure that proper protection for information in these types of transactions will be provided. Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different and security policies and practices Following such a business transaction, you may contact the entity to which we transferred your personal information with any inquiries concerning the use of your information.
 
 
Guarding the safety of your Personal Information and the details of any transactions made is very important to us. We take appropriate organizational, technical and administrative security measures based on the type of Personal Data and how we are processing that data to protect your data against unauthorized disclosure or processing.
 
We endeavor to follow generally accepted industry standard methods and ways of securing Personal Data submitted to us, during transmission and in storage. We protect user information with the following industry standard security measures: secure servers, firewalls, registry data encryption, data file encryption, SSL encryption of sensitive information and other proprietary technologies and procedures which are used to protect of Personal Data.
 
To ensure the safety of the information you provide to Us, you should also help protect your data by considering following rules:
- do not share your account details with unauthorized people. That includes websites on which there is a risk that someone would have access to your information such as forums, community sites or social networking sites;
- limit access to your computer or device and browser;
- sign off after you have finished accessing your account;
- use a strong password and keep your password safe;
- always keep your browser updated.
 
You should keep in mind however, that while we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. Please be aware that no method of transmitting data over the Internet or storing data is completely secure. We cannot and do not guarantee the complete security of any data shared with us, and except as expressly required by law, we are not responsible for the theft, destruction, loss or inadvertent disclosure of your information or content.
 
If at any time during or after our relationship we believe that the security of your Personal Data may have been compromised, we may seek to notify you or the Third-Party User that provided us with your Personal Data of that development. If a notification is appropriate, we will endeavor to notify you or such Third-Party User as promptly as possible under the circumstances. If we have your email address, we will notify you by email to the most recent email address you have provided us in your account profile (please, always keep your email address in your account up to date). You consent to our use of email as a means of such notification.
 
We retain Personal Data related to your account for as long as you have an open account with us or as otherwise necessary to provide Services to you or the Third-Party User that provided us with your Personal Data, and a reasonable period thereafter in case you decide to re-activate the Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services, or if you or the Third-Party user that provided us with your Personal Data have given us express consent to retain Personal Data for longer. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.
 
If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account. If your account is deactivated or disabled, some of your information and the content you have provided (information you share on the Services) will remain in order to allow your team members or other users to make full use of the Services.
 
If you have elected to receive marketing emails from Us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services.
 
We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
 
 
You have certain choices available to you when it comes to your Personal Data. You have the right to request a copy of your information, to object to our use of your information (including for marketing purposes), to request the deletion or restriction of your information, or to request your information in a structured, electronic format. Below, we describe the processes for making these requests. You can exercise some of the choices by logging into the Services and using settings available within the Services or your account. If the Services are made available to you and administered through an organization (e.g., your employer), you may need to contact your administrator to assist with your requests first. For all other requests, you may contact us as provided in the Contact Us section below to request assistance.
 
Your request and choices may be limited in certain cases: for example, if you ask to delete information which we are permitted by law or have compelling legitimate interests to keep. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, or where you feel your rights were infringed.
 
Access and update your personal data - you may review, update or correct your Personal Information in your Account by editing your profile from within the Service or by contacting us as provided in the Contact Us section.
 
Deleting your Personal Data - you have the right to delete your Personal Data or request that we delete the Personal Data that we have collected from you. Please note, however, that this right is subject to certain exceptions: for example, we may need to retain your Personal Data for record keeping purposes, to complete transactions or to comply with our legal obligations If your deletion request is subject to one of these exceptions, we may deny your deletion request.
 
Request restriction of processing your personal data - in some cases, you have the right to ask us to stop storing, accessing, and otherwise processing your information where you believe we do not have the appropriate rights to do so. Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You have also the right to opt-out of our use of your information for marketing purposes by contacting us, as provided below.
 
Opt out of communications – we provide users with the opportunity to subscribe to various sales and marketing communications. These communications include updates about Services, promotions, events, or career opportunities. You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your Service account settings menu, or by contacting us as provided below to have your contact information removed from our promotional mailing list or registration database.
 
Data portability - data portability gives you the right to obtain some of your information in a format you can move from one service provider to another. Depending on the context, this applies to some of your information, but not to all of your information. Should you request it, we will provide you with an electronic file of your account information.
 
 
If you are a resident of the European Union (“EU”), Iceland, Lichtenstein, Norway or United Kingdom, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”). If there is any conflict between this Policy and the GDPR, the GDPR principles shall govern with respect to residents of the EU.
 
For this section, we use the terms “personal data” and “processing” as they are defined in the GDPR, but “personal data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. We will be the controller of your personal data processed in connection with the Services. We collect and process information about you only where we have legal bases for doing so under GDPR. The legal bases depend on the Services you use and how you use them.
 
Under the GDPR, you have the right to:
 
  • Access your personal data (Article 15 GDPR);
  • Update your personal data (Article 16 GDPR);
  • Request deletion of your personal data (Article 17 GDPR);
  • Request restriction of processing your personal data (Article 18 GDPR);
  • Request portability of your personal data (Article 20 GDPR).
 
In order to meet these request, we will ask you to provide a contact email address. This allows us to send you the information you requested, or to confirm completion of any request mentioned above (Article 19 GDPR).
 
If you are dissatisfied with the handling of your personal data by Us, you have the right to lodge a complaint about Our practices with respect to your personal data with the supervisory authority of your country or EU Member State. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en. (Article 21 GDPR). You may also send your concerns or objections about the processing of your personal data to This email address is being protected from spambots. You need JavaScript enabled to view it..
 
If you are a resident of the United Kingdom, We will comply with the UK Data Protection Act of 2018 and you may exercise your rights thereunder as described above.
 
Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
 
 
Exercising Your Rights.
If you are a resident of California, you may have additional rights granted to you under the California Consumer Protection Act (CCPA). This policy outlines the tools we have provided to empower you to exercise your data rights according to the CCPA, such as the right to have your data deleted and the right to request access to the categories of information we have gathered about you. We encourage you to take control of your information and utilize the controls we have integrated into our Services. Rest assured, we won't treat you unfairly for exercising your rights under the CCPA. To safeguard your data from unauthorized access or deletion, we might request additional information for verification purposes. If we cannot confirm your identity, we will not be able to provide or delete your information.
 
Sharing Your Personal Information
We do not sell your personal information. However, we do share your data with others as explained in the "Sharing of information we collect" section of this policy. We also display ads that we believe are relevant to you. We have furnished more details on how you can manage your advertising preferences and do-not-track settings within this policy.
 
Processing Your Information
This policy outlines the types of personal information we may collect, the sources from which we collect it, and our policies regarding data deletion and retention. We have also included information about how we may process your data, including for "business purposes" as defined by the CCPA. This includes activities such as safeguarding against illegal activities and developing new products, features, and technologies. If you have questions about the specific categories of information we might collect about you, please refer to the section of this policy titled "What Information We Collect." For more comprehensive information about our data processing activities, please consult the section titled "How We Use Information We Collect."
 
 
International transfer
We collect information globally and may transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you the Services. Intratel is an organization, with business processes and technical systems that operate across borders. However the OneStepAI.com platform and all Services are hosted and operated in Poland and the United States through Intratel and its service providers, you need to remember that other countries may differ from the laws where you reside. By accessing OneStepAI platform, registering for an account or Services, providing us otherwise with your personal information, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Intratel and will be hosted on servers located in Poland or in the U.S. When we share information we make use of standard contractual data protection clauses, which have been approved by the European Commission, and we rely on the EU-U.S. Shield Framework to safeguard the transfer of information we collect from the European Economic Area, the United Kingdom (the “UK”), and Switzerland.
 
Some of the third parties described in this policy, which provide services to us under contract, may be based in other countries that may not have equivalent and data protection laws to the country in which you reside. When we share information of customers in the European Economic Area, the UK, or Switzerland, we make use of the EU-U.S. and Swiss-U.S. Shield Frameworks, European Commission-approved standard contractual data protection clauses, binding corporate rules for transfers to data processors, or other appropriate legal mechanisms to safeguard the transfer. Please see our Shield Notice below
 
Shield Notice
Intratel complies with the EU-U.S. and Swiss-U.S. Shield Framework regarding the collection, use, and retention of Personal Data transferred between the European Union and the United States. If there is any conflict between the terms in this policy and the Shield Principles, the Shield Principles shall govern. To learn more about the Shield program, and to view our certification, please visit https://www.shield.gov.
 
Under the EU-U.S. and Swiss-U.S. Shield Frameworks, we are responsible for the processing of information about you we receive from the EU, the UK, and Switzerland and onward transfers to a third party acting as an agent on our behalf. We comply with the Shield Principles for such onward transfers and remain liable in accordance with the Shield Principles if third-party agents that we engage to process such information about you on our behalf do so in a manner inconsistent with the Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.
 
In compliance with the Shield Principles, Intratel commits to resolving complaints about our collection or use of your Personal Data. Individuals with inquiries or complaints regarding our Shield policy should first contact Us, as provided in the Contact Us section below.
 
Other important information
 
Our Services are designed for both individual and organizational use. If you access the Services through an organization, such as your employer, that organization acts as the administrator for the Services and manages the accounts and/or Services available to you under its authority. In such cases, if you have questions about data , please reach out to your administrator, as your use of the Services is governed by the organization's policies, which may differ from this policy. We are not responsible for the or security practices of the administrator's organization.
 
If you prefer that an administrator does not have control over your account or use of the Services, you should register for or access the Services using your personal email address. If an administrator has not yet taken control of your account or access to the Services, you can change the email address associated with your account through your profile settings. However, once an administrator assumes control, you will require their approval to change the email address associated with your account.
 
For more information, please contact your organization or consult your administrator's organizational policies.
 
 
Our OneStepAI.com platform and Services are not designed, nor directed at, children less than 13 years of age, and children under 13 are prohibited from using the Services. If you are a child under 13, please do not attempt to register for or otherwise use the Services or send us any Personal Data. By accessing, using and/or submitting information to or through the Services, you represent that you are not under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information.
 
If you are between age 13 and the age of majority in your place of residence, you may use the Services only with the consent of or under the supervision of your parent or legal guardian. If you are a parent or legal guardian of a minor child, you may, use the Services on behalf of such minor child. Any information that you provide us while using the Services on behalf of your minor child will be treated as personal information as otherwise provided herein.
 
 
We encourage you to review our Policy periodically as OneStepAI reserves the right to update, revise, amend, or modify this Policy from time to time. If we make material changes to this Policy, we will notify you here, by email, or by means of a notice on our homepage prior to the change becoming effective.
 
It is important for you to know that at all times you are responsible for updating your Personal Information to provide us with your most current e-mail address. In the event that the last e-mail address that you have provided us is not valid, or for any reason is not capable of delivering to you the notice described above, our dispatch of the e-mail containing such notice will nonetheless constitute effective notice of the changes described in the notice. If you do not wish to permit changes in our use of your Personal Information, you must notify us prior to the effective date of the changes that you wish to deactivate your Account with us.
 
If you disagree with any changes to this policy, you will need to stop using the Services and deactivate your account(s), as outlined above.
 
 
If you have any questions, concerns, or requests related to this Policy, or if you would like to make any recommendations or comments to improve the quality of our Policy, please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it..
 
By using OneStepAI platform, you agree to the terms outlined in this Policy.