Effective January 2026

Introduction

OnCorps is committed to protecting your privacy. This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read this  privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your data.

In order to provide our services and to provide a personalized experience, we need to collect certain information from you. If you have any questions, please contact us at privacy@oncorps.ai. 

It’s likely that we’ll need to update this Privacy Notice every now and again to make sure it's accurate. We’ll let you know of any major changes, but the most up-to-date version will always be here for you to check. 

This Privacy Policy applies to all the products, services, websites, and apps offered by OnCorps LLC. We refer to those products, services, websites, and apps collectively as the “services” in this policy.

AI and Automated Processing

At OnCorps, we use Artificial Intelligence (AI) and Machine Learning (ML) to provide advanced analytics and decision-support tools. We are committed to Responsible AI and transparency regarding how your data interacts with our algorithms.

1. How we use data for AI
   
   
   • We process information to power our AI features in the following ways:
     
     • Service Delivery: Using data to generate the insights, predictions, or automated reports you request through our services.
     • Model Improvement: We may use de-identified and aggregated data to train and improve our machine learning models. 
     • Personalization: Using usage patterns to tailor the AI’s behavior to your specific role or business needs.
     • OnCorps has entered into agreements with Large Language Model suppliers that prevent them from training public LLMs with customer data nor can they retain any of our customer data in any LLM.

2. Automated decision-making (ADM)
   
   • We may use automated systems to assist in decision-making processes.
   • Logic Involved: Our AI typically uses predictive regression and/or neural networks to analyze historical data and identify anomalies, trends, or financial risks.
   • Human-in-the-Loop: Unless explicitly stated otherwise, our AI is designed to augment human intelligence, not replace it. Critical decisions involve a human reviewer who has the final authority to accept or reject AI-generated suggestions.
3. Your rights and choices
   
   • As of 2026, you have specific rights regarding AI-driven processing:
   • Right to Explanation: If an automated decision significantly affects you, you have the right to request an explanation of the logic used and the right to contest the decision.
4. Transparency and content labeling
   
   1. In compliance with the EU AI Act, we ensure that:
      
      • Interaction Awareness: If you are interacting directly with an AI (such as a chatbot), we will clearly notify you at the start of the interaction.
      • AI-Generated Content: Any significant synthetic content (images, audio, or text) generated by our systems is labeled or watermarked in a machine-readable format to identify it as AI-generated.

Types of Relationships

Depending on our relationship with you, we require different types of Personal Information in order to deliver our services to you. Here are some definitions of the type of relationships we may have with you: 

1. Owners: You create or administer OnCorps solutions. 
2. Users: You use a solution powered by OnCorps. 
3. Community Member: You expressed interest in our events, attended one or more of our events, or asked to stay in touch with OnCorps. 
4. Visitor: You visited our website.

Types of Personal Information We Collect

1. CONTACT INFORMATION (FOR EXAMPLE, AN EMAIL ADDRESS). You might provide us with your contact information, whether through use of our services, a form on our website, an interaction with our sales or support team, or as a user of one of our apps. We always keep our requests for contact information to a minimum. 
2. PROFILE DATA. When you sign into our apps, attend our events, or create an application with us, you may be asked to provide us with information about yourself and to give us more detailed insights into who you are. 
3. USAGE INFORMATION. We collect usage information whenever you interact with our websites or solutions. This includes which webpages you visit, what you click on, when you perform those actions, what language preference you have, and so on. 
4. DEVICE AND BROWSER DATA. We collect information from the device and application you use to access our services. This data mainly refers to your IP address, operating system version, device type, system and performance information, and browser type. 
5. INFORMATION FROM COOKIES. We use third party tracking services that employ cookies to collect data about visitors to our websites. This data includes usage and user statistics. Emails sent by OnCorps or by users through our services include page tags that allow the sender to collect information about who opened those emails and clicked on links within them. 
6. LOG DATA. Like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses, internet service providers, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system versions, device type, and timestamps. 
7. REFERRAL INFORMATION. If you arrive at an OnCorps website from an external source (such as a link on another website or in an email), we record information about the source that referred you.
8. INFORMATION FROM THIRD PARTIES AND INTEGRATION PARTNERS. We collect your Personal Information or data from third parties if you give permission to those third parties to share your information with us (e.g. LinkedIn for authentication).  

If you are an Owner, we will also collect: 

1. ACCOUNT INFORMATION. We require information about your company and role as part of the account information. 
2. BILLING INFORMATION. If you make a payment to OnCorps, we require you to provide your billing details, a name, address, email address, and financial information corresponding to your selected method of payment.  

If you are a User of our own applications, we will collect:

1. APPLICATION DATA. We store your application data (responses) for you and provide ways to analyze and understand this information. 

How we collect your Personal Information 

There are a number of ways in which we may collect information about you: 

1. When you visit our website 
2. When you sign up for an event or ask to be notified about future events 
3. When you consent to receive information about OnCorps 
4. When you engage OnCorps to create a solution for your business 
5. When you use an OnCorps powered application 
6. When you try out some of our demonstration applications 
7. When you engage with us on social media 
8. When you have given a third-party permission to share information they hold about you with us 

How and why we use your Personal Information 

The information we hold about you may be used in any of the following ways: 

1. To provide and to improve our services to you 
2. To send you further information about our services which we think may be of interest to you
3. To send you further information about our services based on a request we have received from you To fulfill our obligations to you 
4. To provide you with notification about any changes to our services relevant to you 

Security for your Personal Information

1. The security of your Personal Information is very important to us. We take a lot of care to handle and store it as best we can and in line with new legislation. 
2. Here are some ways we secure your data: 
   
   • We have in place an information security management system, including security processes and policies that are certified as ISO 27001 compliant by an external assessor. 
   • We encrypt Personal Information data at rest. We use industry-standard encryption protocols (e.g., AES-256) for data at rest and TLS for data in transit.
   • We use encrypted https links between our web server and your browser. 
   • We monitor and check our data security systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security. 

Who we need to share your Personal Information with and why

1. At times, we need to share your Personal Information with trusted third parties. We only provide what they need and they cannot use your data for anything other than their stated purposes. Your data is deleted or rendered anonymous if we stop working with them. 
2. We use companies who will process and store your Personal Information as part of their contract or terms and conditions with us, including Google Analytics, Google Suite, and Amazon Web Services. 
3. We will never sell or share your contact details with any third parties. There are some instances when we may have to share your information based on our legal obligations. 

Your rights over your Personal Information

1. You retain the right to request us to refrain from processing your Personal Information for the purposes of marketing. To exercise such right, you may unsubscribe using the link in an email we send to you or you can exercise this same right by contacting us electronically via email at privacy@oncorps.ai. 
2. We are required to maintain your Personal Information accurately. If you believe any of the Personal Information that we process is inaccurate, you are entitled to contact us to correct any inaccuracies at privacy@oncorps.ai. When we agree that the Personal Information held by us is inaccurate, we will correct such inaccuracies without undue delay. 
3. We will not be responsible for correcting inaccuracies in third party Personal Information unless you have informed us of such inaccuracies, in which case we will provide you with reasonable assistance in complying with your obligations as data controller under the applicable Data Protection Laws in relation to any inaccurate third party data. 
4. Right to be forgotten - if we no longer have a legal basis to process your Personal Information or if the legal basis that we are relying on is consent and you subsequently withdraw your consent, then we will stop processing your Personal Information. 
5. You are responsible for ensuring that any third party request to be forgotten is applied to any third party Personal Information that you send to us. We will provide you with reasonable assistance in complying with your obligations as data controller under the applicable Data Protection Laws in relation to any third party requests to be forgotten. 
6. You may at any time contact us to review the Personal Information we hold about you. You may exercise this right by contacting us at privacy@oncorps.ai. 

Privacy Notice for California Residents

1. We are providing this supplemental privacy notice to consumers in California, pursuant to the California Privacy Rights  Act of 2020 (the “CPRA”).
2. We do not sell or share Personal Data. As we explain in this Privacy Policy, we use Cookies and other tracking technologies to analyze website and application traffic and use, and to facilitate advertising.
3. California Privacy Rights. If you are a California resident, you have the following rights:
   
   • Information: The Privacy Policy describes the types of Personal Data we collect in the “Personal Data We Collect” section above and the sources through which we collect Personal Data in the “How We Collect Personal Data” section above. We describe the purposes for which we use and share this data in the “Who we need to share your Personal Information with and why:” section above.
   • Access: You can request a copy of the personal information that we maintain about you.
   • Deletion: You can ask to delete the personal information that we have collected from you.
   • Opt-out of sale of your Personal Data: We do not sell or share Personal Data.
   • Please note that the CCPA limits these rights by, for example, prohibiting businesses from providing certain sensitive information in response to an access request and limiting the circumstances in which they must comply with a deletion request.
   • You are entitled to exercise the rights described above free from discrimination.
   • Exercising your rights. To exercise these rights, you can submit requests as follows:
   • To request access to or deletion of Personal Data collected via your use of the Services, please email us at privacy@oncorps.ai

Privacy Notice for European Residents

4. If you are a resident of the European Economic Area, the United Kingdom, or Switzerland (collectively, “Europe”), you may have additional rights under the General Data Protection Regulation (the “GDPR”) or other European data protection legislation.
5. As we explain in this Privacy Policy, we use Cookies and other tracking technologies to analyze website and application traffic and use, and to facilitate advertising. Users connecting to OnCorps’ website from European locations will be presented with options to consent to cookie tracking.
6. Controller and European Representatives. OnCorps LLC. will be the controller of your Personal Data processed in connection with the Services.
7. As noted elsewhere in this policy you can contact us at: privacy@oncorps.ai

California Online Privacy Protection Act

1. CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at:
   http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

COPPA

1. When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
2. OnCorps does not specifically market to children under the age of 13 years old.

Fair Information Practice Principles

1. Fair Information Practice Principles (FIPPs) are foundational guidelines for protecting personal data, emphasizing Transparency, Choice, Access/Participation, Security, and Accountability, ensuring individuals control their data, know how it's used, can correct it, and organizations are responsible for its fair handling.
2. In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach of your PII occur:
   
   • We will notify you via email without undue delay.
   • We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

Data Retention

1. We retain your personal information for as long as your account is active or as needed to provide you services.

Internet Security Policy

1. For site security purposes and to ensure that this service remains available to all users, this computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act. 

Contacting the Regulator/Arbitrator

1. If you are based in the UK and are at all unhappy about the handling of your data, you can send a complaint to the Information Commissioner’s Office by calling +44 303 123 1113 or go online to www.ico.org.uk/concerns 
2. If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country or state of residence. 

QUESTIONS? 

1. We hope this Privacy Notice has been helpful in setting out the way we handle your Personal Information and your rights to control it.

‍