← Back to Home

Privacy Policy

Effective March 9, 2025 · Last updated March 9, 2025

1. Introduction

Mecano Labs Inc. ("MecanoAI," "we," "us," or "our") operates the website mecanoai.com and related services (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or interact with our Services.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms of this policy, please do not access the Services.

2. Information We Collect

a. Information Collected Automatically

When you access our Services, we may automatically collect certain information about your device and usage, including:

  • Device & Browser Information — IP address, browser type and version, operating system, device identifiers, and screen resolution.
  • Usage Data — pages visited, time spent on pages, referring and exit URLs, click patterns, and navigation paths.
  • Network Information — internet service provider, connection type, and approximate geographic location derived from IP address.

This information is collected through standard web server logs, content delivery network (CDN) access logs, and web application firewall (WAF) logs for security, performance monitoring, and access control purposes.

b. Information You Provide Directly

We may collect information that you voluntarily provide when you:

  • Contact us via email or through any contact forms on the website.
  • Create an account or register for access to restricted areas of the Services.
  • Subscribe to communications or updates from MecanoAI.
  • Submit feedback, bug reports, or research inquiries.

This may include your name, email address, professional affiliation, and any other information you choose to provide.

c. Account & Authentication Data

If you create an account to access restricted areas of our Services (such as internal tools or research platforms), we collect your registration credentials, authentication tokens, and session metadata necessary to provide secure access.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Operations — to operate, maintain, and improve our website and Services.
  • Security & Access Control — to monitor for and protect against unauthorized access, security threats, and abuse; to enforce IP-based access controls on restricted areas of the site.
  • Analytics & Performance — to analyze usage patterns, diagnose technical issues, and optimize service delivery and performance.
  • Communications — to respond to your inquiries, provide requested information, and send service-related notices.
  • Legal Compliance — to comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

We do not use your personal information for automated decision-making or profiling that produces legal effects.

4. Disclosure of Information

We do not sell, rent, or trade your personal information to third parties. We may share information in the following limited circumstances:

  • Service Providers — we use third-party infrastructure providers (detailed in Section 6) that process data on our behalf to deliver the Services. These providers are contractually obligated to protect your information.
  • Legal Requirements — we may disclose information if required by law, subpoena, court order, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business Transfers — in the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Cookies & Tracking Technologies

Our approach to cookies and tracking is minimal by design:

Type Used Purpose
Essential/Session Cookies Yes Authentication, security, and basic functionality for logged-in users
Analytics Cookies No
Advertising/Tracking Pixels No
Third-Party Tracking No

We do not use third-party analytics, advertising cookies, or tracking pixels. You can configure your browser to refuse cookies, though this may limit functionality for authenticated features.

6. Third-Party Services

Our Services rely on the following third-party infrastructure providers. These services may process request metadata (IP addresses, HTTP headers, request timestamps) as part of their standard operation:

Provider Service Data Processed
Amazon Web Services (AWS) S3 (storage), CloudFront (CDN), WAF (security) Request metadata, IP addresses, access logs
Google Fonts Web typography delivery IP address, browser user-agent (per Google’s privacy policy)
GitHub Source code hosting None (no user data transmitted to GitHub from the website)

We encourage you to review the privacy policies of these providers for details on how they handle data.

7. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law. Specifically:

  • Server & CDN access logs are retained for up to 90 days for security monitoring and then automatically deleted.
  • WAF logs are retained for up to 30 days for threat analysis.
  • Account data is retained for the duration of your account and deleted upon request or account closure.
  • Contact inquiries are retained for up to 12 months unless an ongoing relationship exists.

8. Data Security

We implement industry-standard technical and organizational measures to protect the information we process, including:

  • Encryption in transit via TLS 1.2+ on all connections.
  • Encryption at rest via AES-256 for stored data.
  • Web Application Firewall (WAF) with IP-based access controls for restricted endpoints.
  • Access controls with least-privilege principles for infrastructure access.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

9. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of Access — request a copy of the personal data we hold about you.
  • Right to Rectification — request correction of inaccurate or incomplete personal data.
  • Right to Erasure — request deletion of your personal data, subject to legal retention requirements.
  • Right to Restrict Processing — request that we limit how we use your data.
  • Right to Data Portability — request a machine-readable copy of data you provided to us.
  • Right to Object — object to processing based on legitimate interests.

To exercise any of these rights, please contact us at privacy@mecanoai.com. We will respond to your request within 30 days, or as required by applicable law.

10. International Data Transfers

Our Services are hosted in the United States. If you access our Services from outside the United States, your information may be transferred to, stored, and processed in the United States where our servers are located. By using our Services, you consent to the transfer of your information to the United States, which may have different data protection laws than your country of residence.

11. Children’s Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete that information as quickly as possible. If you believe a child under 16 has provided us with personal information, please contact us at privacy@mecanoai.com.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Your continued use of the Services after any changes constitutes your acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Mecano Labs Inc.

Email: privacy@mecanoai.com

Website: mecanoai.com