Privacy Policy

How we collect, use, and protect your information.

Last updated: February 22, 2026

1. Introduction

TAURUS AI Corp (“we,” “us,” or “our”) is a corporation registered in Ontario, Canada. We operate the BizFlow™ Property Assessment platform, a regulatory intelligence and compliance analytics service.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website and services. By using our platform you agree to the practices described in this policy.

For any privacy-related inquiries, you may contact us at admin@taurusai.io.

2. Information We Collect

We collect the following categories of personal data through our assessment request form and related interactions:

Contact Information — Full name, email address, phone number (optional), and company name.
Property Details — Property type (office, retail, logistics, mixed-use), property location, area or community, and any additional notes you provide.
Technical Data — IP address, browser type, and device information collected automatically through server logs.

3. How We Use Your Data

We use the information we collect for the following purposes:

  • 1.Assessment Delivery — To prepare and deliver your requested property assessment reports.
  • 2.Communications — To send you assessment status updates, report delivery notifications, and respond to your inquiries.
  • 3.Service Improvement — To analyze aggregated, anonymized usage patterns and improve our services.
  • 4.Legal Compliance — To comply with applicable laws, regulations, and legal processes.

4. Data Storage & Security

Your data is processed and stored using the following infrastructure:

Google Sheets

Form submissions are stored in encrypted Google Workspace with enterprise-grade security controls.

Vercel

Serverless function logs are retained for operational monitoring and automatically purged per Vercel retention policies.

Resend

Transactional emails are sent via Resend with TLS encryption. Email logs are retained for delivery verification.

We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

5. Third-Party Services

We share data with the following third-party service providers strictly for the purposes outlined in this policy:

Provider Purpose Data Shared
Google (Workspace) Form data storage Name, email, property details
Vercel Website hosting & serverless functions IP address, request logs
Resend Transactional email delivery Email address, name
Google Fonts Typography rendering IP address (automatic)

We do not sell, rent, or trade your personal data to any third parties for marketing purposes.

6. Data Retention

We retain your personal data for a maximum of 36 months from the date of your last interaction with our services. After this period, your data is permanently deleted from all our systems and third-party storage. You may request earlier deletion at any time by contacting us at admin@taurusai.io.

7. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data (“right to be forgotten”).

Right to Data Portability

Receive your data in a structured, machine-readable format.

Right to Restrict Processing

Request limitation on how we process your data.

Right to Object

Object to processing based on legitimate interests or direct marketing.

To exercise any of these rights, please contact us at admin@taurusai.io. We will respond to your request within 30 days.

8. DIFC Data Protection Compliance

For clients operating within the Dubai International Financial Centre (DIFC), we process personal data in accordance with the DIFC Data Protection Law No. 5 of 2020 and its accompanying regulations. DIFC-based data subjects enjoy rights substantially equivalent to those outlined under the GDPR in Section 7 above. The DIFC Commissioner of Data Protection may be contacted for any unresolved privacy concerns.

9. UAE Federal Data Protection Compliance

We comply with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data and its Executive Regulations. This includes ensuring lawful bases for data processing, implementing appropriate security measures, and respecting the rights of data subjects as set forth under UAE federal law. Cross-border data transfers are conducted in accordance with the adequacy and safeguard requirements of the Decree-Law.

10. Cookies & Tracking

Our website does not use tracking cookies, analytics cookies, or advertising cookies. We do not employ any third-party analytics or tracking scripts.

The only external resource loaded is Google Fonts, which may set functional cookies or collect your IP address as part of font delivery. This is governed by Google’s Privacy Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. Any material changes will be communicated by posting the revised policy on this page with an updated “Last updated” date. We encourage you to review this page periodically.

12. Contact Us

For any privacy-related questions, data access requests, or concerns:

Company: TAURUS AI Corp

Location: Ontario, Canada

Email: admin@taurusai.io