Last updated: April 9, 2026
This Privacy Notice for Aligntra Inc. ("we," "us," or "our"), describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:
- Visit our website at www.aligntra.com or any website of ours that links to this Privacy Notice
- Use Aligntra — a regulatory compliance platform that uses AI-powered analysis to verify quality management system documents against ISO standards and regulatory frameworks. Users can upload documents, run automated compliance audits, generate compliance reports, and manage their organization's quality documentation.
- Engage with us in other related ways, including any marketing or events
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at support@aligntra.com.
Summary of Key Points
This summary provides key points from our Privacy Notice, but you can find out more details about any of these topics by reading the full document below.
What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use.
Do we process any sensitive personal information? We do not process sensitive personal information.
Do we collect any information from third parties? We receive limited information from third-party service providers that help us operate the Services, including authentication data from Clerk, subscription and payment status from Stripe, and file metadata from Google Drive (if you use our Google Drive integration).
How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We process your information only when we have a valid legal reason to do so.
How do we keep your information safe? We have adequate organizational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure.
What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information.
How do you exercise your rights? The easiest way to exercise your rights is by submitting a data subject access request, or by contacting us at support@aligntra.com.
Table of Contents
- What information do we collect?
- How do we process your information?
- What legal bases do we rely on to process your personal information?
- When and with whom do we share your personal information?
- Do we use cookies and other tracking technologies?
- Do we offer artificial intelligence-based products?
- Processing data on behalf of third parties (consultants and multi-org use)
- How do we handle your social logins?
- How long do we keep your information?
- How do we keep your information safe?
- Do we collect information from minors?
- What are your privacy rights?
- Controls for do-not-track features
- Do United States residents have specific privacy rights?
- Do we make updates to this notice?
- How can you contact us about this notice?
- How can you review, update, or delete the data we collect from you?
1. What Information Do We Collect?
Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
Personal Information Provided by You. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:
- Names (first name, last name)
- Email addresses
- Organization name and membership
- Authentication data (managed by our authentication provider, Clerk)
Document Content. When you use our compliance analysis features, you upload documents (such as SOPs, quality records, policies, work instructions, and other quality management system documents) for processing. These documents may contain personal information of third parties (e.g., employee names, job titles, signatures referenced within quality records). You are responsible for ensuring you have the legal authority to upload documents containing third-party personal information. We process document content solely to provide our compliance analysis Services.
Sensitive Information. We do not intentionally collect sensitive personal information. However, documents you upload for compliance analysis may contain sensitive information (such as health and safety incident details in CAPA records). We process such information only as necessary to provide the Services and treat all uploaded documents as confidential.
Payment Data. We do not directly collect or store payment card numbers, security codes, or billing addresses. All payment data is collected and stored exclusively by our payment processor, Stripe, on their secure infrastructure. Our servers receive only subscription status, plan details, and invoice metadata from Stripe via webhooks. You may find Stripe’s privacy notice here: https://stripe.com/privacy.
Social Login Data. We offer the option to register and log in using your Google account via our authentication provider, Clerk. If you choose to do this, we receive your name, email address, and profile picture from Google. We do not receive your Google password. See the section “How Do We Handle Your Social Logins?” below for more details.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
Information automatically collected
In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our Cookie Policy.
The information we collect includes:
- Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files.
- Device Data. We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services.
- Location Data. We derive approximate geographic location (city and country level) from your IP address for analytics and security purposes. We do not collect precise GPS or device-level location data.
Google API
Our use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
2. How Do We Process Your Information?
In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
- To facilitate account creation and authentication and otherwise manage user accounts.
- To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
- To send you marketing and promotional communications. We may process the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time.
- To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
- To identify usage trends. We may process information about how you use our Services to better understand how they are being used so we can improve them.
- To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual's vital interest, such as to prevent harm.
3. What Legal Bases Do We Rely On to Process Your Information?
In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.
If you are located in the EU or UK, the General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. We may rely on the following legal bases:
- Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time.
- Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms.
- Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations.
- Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party.
If you are located in Canada, we may process your information if you have given us specific permission (i.e., express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time.
4. When and With Whom Do We Share Your Personal Information?
In Short: We share information with specific third-party service providers that help us operate the Services, as described below.
Service providers (data processors)
We share your personal information with the following categories of third-party service providers, each of which processes data solely on our instructions and under contractual data protection obligations:
| Provider | Purpose | Data Shared |
|---|---|---|
| Amazon Web Services (AWS Bedrock) | AI-powered document analysis and compliance verification | Document text content, analysis prompts. AWS does not use your data for model training. See Section 6. |
| Cloudflare (R2 Storage, CDN) | Document storage, content delivery, DNS, web security | Uploaded documents, analysis results, IP addresses, web traffic |
| Railway | Application hosting and compute | All application data processed on Railway’s infrastructure |
| Clerk | User authentication, identity management, organization membership | Names, email addresses, profile pictures, organization membership, authentication tokens |
| Stripe | Payment processing, subscription management | Subscription status, plan details, invoice metadata. Payment card data is collected and stored exclusively by Stripe. |
| PostHog | Product analytics, feature adoption tracking | User ID, organization ID, feature usage events, page views, device information, IP address |
| Google Analytics | Website traffic analysis | Page views, anonymized IP address, browser and device information, referral source |
| Sentry | Error monitoring and application stability | Error data, request metadata, user context (ID, email) when errors occur, stack traces |
| Datadog | Application performance monitoring and structured logging | Request metadata, performance metrics, structured log data. Document content is not sent to Datadog. |
| Termly | Cookie consent management | Consent preferences, IP address |
| Google Drive (optional) | Document import from your Google Drive | OAuth tokens, file metadata, file content (only when you explicitly import files). See Section 1 Google API disclosure. |
We maintain a current list of sub-processors, available upon request at privacy@aligntra.com. We will provide at least thirty (30) days’ notice before adding new sub-processors that handle personal information.
Information received from third parties
We receive limited information from the following third-party sources:
- Clerk: User profile data (name, email, profile picture) when you create or update your account, and organization membership data via webhooks.
- Stripe: Subscription status, payment success/failure notifications, and invoice data via webhooks. We do not receive your payment card number or billing address from Stripe.
- Google Drive: File metadata and content when you use our Google Drive import feature. This requires your explicit authorization via OAuth.
Business transfers
We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Legal requirements
We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, judicial proceedings, court orders, or legal processes.
5. Do We Use Cookies and Other Tracking Technologies?
In Short: Yes. We use cookies and similar tracking technologies for authentication, analytics, error monitoring, and consent management.
We use cookies and similar tracking technologies to maintain the security of our Services and your account, understand how you use our platform, monitor application performance, and manage your cookie consent preferences. We do not use cookies for advertising or behavioral targeting.
Specific information about the cookies we use and how you can manage your preferences is set out in our Cookie Policy. You can manage your cookie preferences at any time through the “Consent Preferences” link in our website footer.
Tracking technologies we use
| Technology | Purpose | Category |
|---|---|---|
| Clerk | Authentication session management. Sets session cookies required for login. | Strictly Necessary |
| Termly | Cookie consent management. Stores your consent preferences. | Strictly Necessary |
| PostHog | Product analytics, feature usage tracking, page views. Identifies authenticated users. | Analytics |
| Google Analytics 4 | Website traffic analysis. IP anonymization is enabled. Sets _ga and _gid cookies. |
Analytics |
| Sentry | Frontend error monitoring. Captures JavaScript errors with request context for debugging. Does not set persistent cookies. | Performance |
| Cloudflare | CDN, security, and Turnstile challenge on signup. May set __cf_bm cookie. |
Strictly Necessary |
Analytics cookies (PostHog, Google Analytics) are loaded only after you provide consent through our Termly consent banner, in accordance with applicable privacy laws.
Google Analytics
We use Google Analytics 4 to analyze website traffic on our public-facing pages. IP anonymization is enabled. To opt out of being tracked by Google Analytics, visit https://tools.google.com/dlpage/gaoptout or install the Google Analytics Opt-out Browser Add-on. For more information on Google’s privacy practices, visit the Google Privacy & Terms page.
PostHog
We use PostHog for product analytics to understand how users interact with our platform features. PostHog collects page views, feature usage events, device information, and IP addresses. Authenticated users are identified by user ID for usage analytics. PostHog does not use your data for advertising or cross-site tracking. For more information, visit PostHog’s Privacy Policy.
6. Do We Offer Artificial Intelligence-Based Products?
In Short: We use AI to analyze your uploaded documents against regulatory standards. The full text content of your documents is sent to our AI infrastructure provider (Amazon Web Services) for processing. Your data is not used to train AI models.
What data is sent to AI providers
When you use our compliance analysis features, the full text content of your uploaded documents (SOPs, quality records, policies, work instructions, and other quality management system documents) is extracted and transmitted to Amazon Web Services Bedrock (“AWS Bedrock”), which hosts Anthropic’s Claude large language model. This processing includes:
- Compliance analysis: Comparing your document content against regulatory standard requirements (e.g., ISO 13485, FDA QMSR) to identify compliance gaps
- Record verification: Comparing records against standard operating procedures to verify compliance
- Document classification: Determining the type and role of uploaded documents
- Evidence extraction: Identifying and citing specific passages that demonstrate compliance or non-compliance
- Report generation: Producing compliance findings, recommendations, and audit readiness assessments
Your document content may contain personal information of third parties (employee names, job titles, signatures). This information is processed solely to generate compliance analysis results and is not extracted, stored separately, or used for any other purpose.
No AI model training
We do not use your uploaded documents, analysis results, or any other customer data to train, fine-tune, or improve AI models. Your documents are processed on a per-request basis solely to generate compliance analysis results for your use. AWS Bedrock is contractually prohibited from using customer inputs or outputs for model training or improvement purposes.
AI processing is advisory
All AI-generated analysis results are advisory decision-support outputs, not automated decisions that produce legal effects. A qualified human can review, override, or reclassify any AI-generated finding. Our AI analysis does not constitute legal advice, a professional audit opinion, or a guarantee of regulatory compliance. See our Terms of Service, Section 11 for full AI disclaimers, including our warranty disclaimer on AI Outputs.
AI infrastructure location
AI processing occurs on AWS infrastructure in the United States (US East region). AWS is certified under the EU-US Data Privacy Framework. If your organization has specific data residency requirements for AI processing, please contact us at privacy@aligntra.com.
7. Processing Data on Behalf of Third Parties
In Short: If you use the Services to process documents on behalf of your clients or other third parties, you act as a data controller and Aligntra acts as a data processor. Consultant use is permitted under the conditions in our Terms of Service, Section 6. Each client engagement should use a separate Aligntra organization to maintain data isolation.
Consultant and advisor use
As described in our Terms of Service, Section 6, consultants, regulatory advisors, managed service providers, and professional services firms may use the Services on behalf of their clients, subject to the conditions set out in Section 6 of the Terms of Service (including client authorization, accurate AI disclosure, and no misrepresentation of outputs). No separate agreement is required beyond these Terms of Service, unless you are an Enterprise customer who has entered into a separate Master Service Agreement.
Data controller and processor roles
Where you process documents containing personal information on behalf of third parties (for example, when conducting Client Use as defined in Terms of Service Section 6, or when analyzing supplier quality documentation as part of your own quality management system):
- You (the subscriber) are the data controller for any personal data contained in documents you upload on behalf of your clients or suppliers. You determine the purposes and means of processing that data.
- Aligntra acts as a data processor on your instructions when processing those documents through the Services, as defined under GDPR Article 4(8) and similar data protection frameworks.
- You are responsible for: (a) ensuring you have a lawful basis to process your clients’ or suppliers’ data through the Services; (b) informing the relevant parties that their documents will be processed by AI services hosted in the United States (see Section 6 above); (c) obtaining any required consents or authorizations; and (d) responding to data subject access requests relating to that data.
Multi-organization data isolation
Each Aligntra organization is a logically isolated data environment. Documents, analysis results, user accounts, and organization data belonging to one Aligntra organization are not accessible to any other organization. Isolation is enforced at both the application layer (organization-scoped access controls) and the storage layer (organization-scoped paths in Cloudflare R2).
If you manage multiple client engagements, we recommend using a separate Aligntra organization for each client to maintain data isolation between clients. You may not process documents from multiple unrelated clients within a single organization without ensuring appropriate data segregation. This requirement exists to preserve each client’s data boundaries and to simplify data subject access requests and deletion requests scoped to an individual client.
Data Processing Agreement
If you are subject to GDPR or UK GDPR and process personal data through the Services, our standard Data Processing Agreement (DPA) is available at privacy@aligntra.com upon request and is automatically incorporated into the Terms of Service for customers who require it. Our DPA covers the processing activities described in this Privacy Notice, incorporates Standard Contractual Clauses (SCCs) for international data transfers where applicable, and lists our sub-processors (see Section 4 above).
Sub-processor transparency for your clients
If you process client data through the Services, you may need to disclose Aligntra and our sub-processors to your clients. The current list of Aligntra sub-processors is set out in Section 4 above and is updated when we add or remove sub-processors. We will provide reasonable advance notice of material sub-processor changes to customers who have requested it.
8. How Do We Handle Your Social Logins?
In Short: If you choose to register or log in using your Google account, we receive your name, email, and profile picture from Google via our authentication provider, Clerk.
Our Services offer you the ability to register and log in using your Google account. Authentication is managed by Clerk, our third-party authentication provider. When you choose to sign in with Google, we receive the following information from Google via Clerk:
- Your name (first and last)
- Your email address
- Your profile picture
We do not receive your Google password, contacts, or other Google account data. We will use the information we receive only for account creation, authentication, and the purposes described in this Privacy Notice. You can revoke Google’s connection to Aligntra at any time through your Google Account permissions.
9. How Long Do We Keep Your Information?
In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice, plus defined post-termination periods, unless otherwise required by law.
We retain different categories of information for different periods:
| Data Category | Retention Period |
|---|---|
| Account information (name, email, org membership) | Duration of your account, plus 30 days after termination |
| Uploaded documents and analysis results | Duration of your account, plus 30 days after termination for data export. May persist in encrypted storage for up to an additional 90 days during routine storage rotation. |
| Billing and subscription records | As required by applicable tax and accounting law (typically 7 years) |
| Application logs and error data | Up to 90 days |
| Product analytics data (PostHog) | As configured in our PostHog instance; typically 12 months |
| Website analytics data (Google Analytics) | As configured by Google; subject to Google’s retention settings |
When we have no ongoing legitimate business need to process your personal information, we will initiate deletion from our active production systems. Data may persist in encrypted form in backup or archival systems for up to 90 additional days, after which it is removed as part of routine storage rotation. If deletion is not immediately possible (for example, due to legal holds or technical limitations), we will securely isolate your personal information from any further processing until deletion is completed.
10. How Do We Keep Your Information Safe?
In Short: We aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
11. Do We Collect Information from Minors?
In Short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at support@aligntra.com.
12. What Are Your Privacy Rights?
In Short: Depending on your state of residence in the US or in some regions, such as the European Economic Area (EEA), United Kingdom (UK), Switzerland, and Canada, you have rights that allow you greater access to and control over your personal information.
In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; (iv) if applicable, to data portability; and (v) not to be subject to automated decision-making.
We will consider and act upon any request in accordance with applicable data protection laws.
If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your Member State data protection authority or UK data protection authority.
Withdrawing your consent: If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us at support@aligntra.com.
Opting out of marketing and promotional communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us at support@aligntra.com.
Account Information
If you would at any time like to review or change the information in your account or terminate your account, you can:
- Log in to your account settings and update your user account.
- Contact us using the contact information provided.
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.
Cookies and similar technologies: Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. For further information, please see our Cookie Policy.
If you have questions or comments about your privacy rights, you may email us at support@aligntra.com.
13. Controls for Do-Not-Track Features
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.
14. Do United States Residents Have Specific Privacy Rights?
In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and receive details about the personal information we maintain about you and how we have processed it, correct inaccuracies, get a copy of, or delete your personal information.
Categories of Personal Information We Collect
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Name, email address, IP address, online identifiers (user ID, organization ID), account name | YES |
| B. Personal information (California Customer Records) | Name, contact information, education, employment, employment history, and financial information | YES |
| C. Protected classification characteristics | Gender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic data | NO |
| D. Commercial information | Subscription tier, plan details, usage history, invoice metadata received from Stripe | YES |
| E. Biometric information | Fingerprints and voiceprints | NO |
| F. Internet or similar network activity | Pages visited, feature usage, clicks, session data (via PostHog), website traffic data (via Google Analytics), IP addresses | YES |
| G. Geolocation data | Approximate location derived from IP address (city/country level, not precise GPS) | YES |
| H. Audio, electronic, sensory, or similar information | Images and audio, video or call recordings | NO |
| I. Professional or employment-related information | Organization name and role within the organization (as provided during account setup) | YES |
| J. Education information | Student records and directory information | NO |
| K. Inferences drawn from collected personal information | Product usage patterns and feature adoption profiles (via PostHog analytics); compliance analysis scores generated from uploaded documents | YES |
| L. Sensitive personal information | — | NO |
Your Rights
You have rights under certain US state data protection laws. These rights include:
- Right to know whether or not we are processing your personal data
- Right to access your personal data
- Right to correct inaccuracies in your personal data
- Right to request the deletion of your personal data
- Right to obtain a copy of the personal data you previously shared with us
- Right to non-discrimination for exercising your rights
- Right to opt out of the processing of your personal data if it is used for targeted advertising, the sale of personal data, or profiling
How to Exercise Your Rights
To exercise these rights, you can contact us by submitting a data subject access request, by emailing us at support@aligntra.com, or by referring to the contact details at the bottom of this document.
We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We will not sell or share personal information in the future belonging to website visitors, users, and other consumers.
Data Processing Agreement
Customers requiring a formal Data Processing Agreement (DPA) for GDPR, CCPA, or other data protection compliance may request one by contacting privacy@aligntra.com. Our DPA covers the processing activities described in this Privacy Notice and includes Standard Contractual Clauses (SCCs) for international data transfers where applicable.
15. Do We Make Updates to This Notice?
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.
16. How Can You Contact Us About This Notice?
If you have questions or comments about this notice, you may email us at support@aligntra.com or contact us by post at:
Aligntra Inc.
Wilmington, DE 19808
United States
17. How Can You Review, Update, or Delete the Data We Collect from You?
Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please email us at support@aligntra.com.