Privacy Notice

Last updated: November 24, 2025

1. Introduction

Superficial Labs, Inc. ("Superficial Labs", "Company", "we", or "us") is an artificial intelligence research and product company.

This Privacy Notice ("Notice") explains how we collect, use, and disclose your information when you access or use our website, applications, or services, or otherwise interact with us (collectively, the "Services").

For the purposes of this Notice, Superficial Labs, Inc. is the data controller of your information.

By using our Services, you agree to the practices described in this Notice. If you do not understand or agree with this Privacy Notice, please do not use our Services.

If you have questions about this Notice or wish to exercise your privacy rights, you can contact us at:

privacy@superficiallabs.com

2. Changes to This Privacy Notice

We may update this Notice from time to time. When we do, we will publish the updated version here, along with the effective date.

If we make material changes to how we use or disclose personal information, we will provide additional notice in accordance with applicable law.

3. Personal Information We Collect and How We Use It

We collect personal information from a variety of sources when you use our Services. In addition to the purposes listed below, we may use personal information to:

  • provide, maintain, and improve the Services;
  • enhance the safety and security of the Services;
  • communicate with you and provide customer support;
  • comply with legal obligations;
  • prevent fraud, misuse, or illegal activity;
  • enforce our Terms of Service;
  • protect our rights and the rights of users, employees, and others.

3.1 Information You Provide to Us

Communications information:

When you communicate with us—such as via email or social media—we collect your name, email address, and any other information you choose to share.

This is processed in our legitimate interest to communicate with you and respond to your inquiries.

3.2 Information We Collect Automatically

We and third parties may automatically collect certain information when you use the Services. Some of this information is collected via cookies and similar technologies, which you may disable in your browser; however, doing so may affect certain features.

This information is processed in our legitimate interest to operate, analyse, secure, and improve the Services. Where required by law, we will obtain your consent for non-essential cookies.

Device information:

Device type, unique device identifiers, operating system, browser type, and IP address.

Location information:

Approximate location derived from your IP address.

Log data:

Technical information sent by your browser, such as settings, timestamps, and events.

Usage data:

Pages viewed, referring URLs, interactions with the website, and similar usage patterns.

Do Not Track signals:

Our website is not currently configured to respond to browser-based "Do Not Track" or "Global Privacy Control" signals.

3.3 Information We Receive from Third Parties

We may receive personal information from:

  • Service providers supporting our infrastructure, security, analytics, or hosting;
  • Publicly available sources, including social media or websites;
  • Other third parties assisting us in delivering and improving the Services.

4. How We Disclose Personal Information

We may disclose personal information to the following third parties for the purposes described:

Service providers:

Cloud hosting, analytics, security, email and communication services, and other operational vendors.

Affiliates:

Other entities within our corporate group, where needed to operate our Services or business.

Professional advisors:

Legal, accounting, auditing, and consulting advisors for compliance and protection of our rights.

Business transactions:

In connection with (or during negotiations for) a merger, acquisition, financing, asset sale, bankruptcy, or similar event.

Government authorities:

To comply with applicable laws, respond to regulatory inquiries, enforce our Terms of Service, or protect the safety of our users, employees, or the public.

5. How Long We Store Personal Information

We retain personal information only for as long as necessary for the purposes described in this Notice.

Retention periods depend on:

  • whether we need the information to provide Services;
  • legal and regulatory obligations;
  • dispute resolution needs;
  • fraud prevention and security obligations;
  • the sensitivity and nature of the information.

6. How We Protect Personal Information

We use reasonable administrative, technical, and organisational measures to protect personal information from loss, misuse, unauthorised access, or disclosure.

However, no security method is perfect, and we cannot guarantee absolute security.

We encourage you to exercise caution when sharing information with us.

7. Your Privacy Rights

Depending on your jurisdiction, you may have the right to:

  • Access personal information we hold about you;
  • Delete your personal information;
  • Correct inaccurate information;
  • Receive a copy of personal information in transferable form;
  • Restrict or object to certain processing;
  • Withdraw consent where processing is based on consent.

These rights may not be absolute. We may deny your request where permitted by law.

To exercise your rights, contact us at:

privacy@superficiallabs.com

We may need to verify your identity (and any authorised agent) before processing your request.

Where legally required, you may also appeal a decision by contacting us at the same address.

We will not discriminate against you for exercising your privacy rights.

8. Children's Privacy

Our Services are not intended for children under 13, and we do not knowingly collect personal information from them.

If you believe a child has provided information to us, contact us at privacy@superficiallabs.com, and we will take reasonable steps to delete it.

9. Third-Party Sites and Integrations

Our Services may include links or integrations with third-party websites or services.

We are not responsible for the privacy practices of those third parties.

We encourage you to review their privacy notices before sharing personal information with them.

10. Additional U.S. State Disclosures

Certain U.S. state laws (including the California Consumer Privacy Act, "CCPA") require additional disclosures.

Categories of Personal Information We Collect

  • Identifiers (e.g., name, IP address, device information)
  • Customer Records information (e.g., name)
  • Internet and network activity (e.g., usage data)
  • Geolocation data (approximate location)

Uses of Personal Information

  • Communicating with you
  • Operating and improving the Services
  • Conducting research
  • Preventing fraud or illegal activity
  • Complying with legal obligations
  • Ensuring security and service integrity

Disclosures of Personal Information

  • Service providers
  • Government or regulatory bodies where required by law

We do not "sell" or "share" personal information as defined by the CCPA, nor do we knowingly sell or share personal information of individuals under 16.

We only use or disclose sensitive personal information for purposes permitted by the CCPA or with your consent.

11. Data Transfers

Superficial Labs is based in the United States and Australia.

Your information may be transferred to, processed, or stored in countries outside your residence, which may have different data protection laws.

Where required, we will take steps to ensure appropriate safeguards are in place.

12. Contact Us

If you have questions, concerns, or wish to exercise your privacy rights, contact us at:

privacy@superficiallabs.com