Assemble Platforms Privacy Notice

Last Updated: February 13, 2026

Assemble Platforms, Inc. ("Assemble Platforms," "we," "us," or "our") provides this Privacy Notice to describe how we collect, use, disclose, and otherwise process personal information in connection with our websites, cloud services, and other online products and services that link to this Privacy Notice (collectively, the "Services"), as well as rights and choices available to individuals regarding their personal information.

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly, including:

• Account Information: name, email address, company name, job title, and password when you create an account.
• Payment Information: billing address and payment method details. Payment processing is handled by third-party processors; we do not store full credit card numbers.
• Communications: information you provide when you contact us for support, send us messages, or participate in surveys or promotions.
• Customer Content: data, files, configurations, and other content you submit to or through the Services.

1.2 Information Collected Automatically

When you use the Services, we automatically collect certain information, including:

• Usage Data: information about how you interact with the Services, including features used, actions taken, timestamps, and frequency of use.
• Device and Connection Information: IP address, browser type, operating system, device identifiers, and network information.
• Log Data: server logs that record requests made to the Services, including request type, date and time, referring URL, and other diagnostic data.
• Cookies and Similar Technologies: we use cookies, pixels, and similar technologies to operate and improve the Services. See Section 7 (Cookies) for more details.

1.3 Information from Third Parties

We may receive information about you from third parties, including:

• Cloud infrastructure providers you connect to the Services.
• Identity providers if you use single sign-on (SSO).
• Publicly available business information for sales and marketing purposes.

2. How We Use Information

We use personal information for the following purposes:

• Provide and Maintain the Services: to operate, deliver, and improve the Services, including processing transactions and providing customer support.
• Security and Fraud Prevention: to detect, prevent, and respond to security incidents, fraud, and abuse.
• Communications: to send you transactional messages (e.g., account notifications, billing), respond to your inquiries, and, with your consent where required, send marketing communications.
• Analytics and Improvement: to understand how the Services are used, identify trends, and improve functionality and user experience.
• Compliance: to comply with applicable laws, legal processes, and regulatory requirements.
• Aggregated and De-identified Data: we may aggregate or de-identify personal information so that it can no longer reasonably identify you, and use such data for any business purpose, including product development and analytics.

3. How We Share Information

We do not sell personal information. We may share personal information in the following circumstances:

• Service Providers: with vendors and service providers who process information on our behalf, such as cloud hosting, payment processing, analytics, and customer support, subject to contractual obligations to protect your information.
• Business Transfers: in connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the transaction.
• Legal Requirements: when required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• With Your Consent: in other circumstances where you have provided your consent to sharing.
• Within Your Organization: if you use the Services as part of an organization's account, the account administrator may access your information in accordance with the organization's policies.

4. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Notice, unless a longer retention period is required or permitted by law. When determining retention periods, we consider the nature of the information, the purposes for processing, applicable legal requirements, and our legitimate business needs.

Customer Content is retained in accordance with our Cloud Service Agreement. Upon termination of an account, Customer Content will be deleted within 60 days of request, subject to applicable legal obligations.

5. Data Security

We implement appropriate technical and organizational measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit and at rest, access controls, regular security assessments, and incident response procedures. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

6. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Notice, including the use of Standard Contractual Clauses or other approved transfer mechanisms where required.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Essential Cookies: enable core functionality of the Services, such as authentication and security.
• Analytics Cookies: help us understand how the Services are used so we can improve them.
• Preference Cookies: remember your settings and preferences.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Services.

8. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access: request a copy of the personal information we hold about you.
• Correction: request that we correct inaccurate or incomplete personal information.
• Deletion: request that we delete your personal information, subject to certain exceptions.
• Portability: request a copy of your personal information in a structured, machine-readable format.
• Objection: object to certain processing of your personal information.
• Restriction: request that we restrict the processing of your personal information.
• Withdrawal of Consent: where processing is based on consent, you may withdraw your consent at any time.

To exercise these rights, please contact us at hello@skypilot.co. We will respond to your request within the timeframe required by applicable law.

Marketing Communications: you can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email or by contacting us. You will continue to receive transactional messages related to your account.

9. Children's Privacy

The Services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete that information promptly.

10. California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information, including the right to know what personal information we collect, the right to delete your personal information, and the right to opt out of the sale of your personal information. As stated above, we do not sell personal information. To exercise your California privacy rights, please contact us at hello@skypilot.co.

11. European Privacy Rights

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the GDPR or equivalent legislation. Our legal bases for processing personal information include: performance of a contract, legitimate interests (such as providing and improving the Services, security, and fraud prevention), compliance with legal obligations, and your consent. You have the right to lodge a complaint with your local data protection authority.

12. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. If we make material changes, we will notify you by posting the updated Privacy Notice on this page with a revised effective date. We encourage you to review this Privacy Notice periodically.

13. Contact Us

If you have questions or concerns about this Privacy Notice or our privacy practices, please contact us at:

Assemble Platforms, Inc.
Email: hello@skypilot.co