Privacy Policy

1. Information We Collect

Website Information

We collect information you provide directly to us through our website:

• Contact information (email address, name, phone number)
• Business information you choose to share in contact forms
• Communications with our support team
• Website usage data through cookies and analytics

Summit Platform Data

When you use our Summit business management platform, we collect:

• Business Data: Customer information, transaction records, invoices, receipts
• Financial Information: Expense data, revenue tracking, accounting records
• Inventory Data: Stock levels, product information, supplier details
• Location Data: Mileage tracking, business trip logs (with your permission)
• User Activity: Login times, feature usage, system interactions
• Images: Receipt photos, business documents you upload
• Team Data: User roles, permissions, collaboration activities

2. How We Use Your Information

We use the information we collect to:

• Service Delivery: Provide our Summit platform, process your business data, generate insights and reports
• AI Processing: Use machine learning to categorize expenses, extract receipt data, and provide business analytics
• Automation: Enable automated features like lead management, inventory alerts, and recurring payments
• Support: Respond to your questions, provide technical assistance, and resolve issues
• Communication: Send service updates, security alerts, and product announcements
• Improvement: Analyze usage patterns to enhance features and develop new capabilities
• Security: Protect against fraud, unauthorized access, and security threats
• Compliance: Meet legal and regulatory requirements

3. Information Sharing and Third Parties

We do not sell, trade, or rent your personal or business information to third parties. We may share your information only in the following limited circumstances:

• Service Providers: Trusted third-party services that help us operate our platform (cloud hosting, payment processing, email delivery)
• Business Integrations: With your explicit consent, we may integrate with accounting software, payment processors, or other business tools you authorize
• Legal Requirements: When required by law, court order, or government request
• Safety and Security: To protect our users, prevent fraud, or address security threats
• Business Transfers: In the event of a merger, acquisition, or sale of assets (with notification to users)
• With Your Consent: Any other sharing will require your explicit permission

All third-party service providers are contractually bound to protect your information and use it only for specified purposes.

4. Data Security and Protection

We implement comprehensive security measures to protect your business and personal information:

• Encryption: All data is encrypted at rest using AES-256 and in transit via TLS 1.3
• Access Controls: Multi-factor authentication, role-based permissions, and principle of least privilege
• Infrastructure: Secure cloud hosting with enterprise-grade firewalls and intrusion detection
• Monitoring: 24/7 security monitoring and automated threat detection
• Compliance: SOC 2 Type 2 standards and regular security audits
• Incident Response: Established procedures for security incident management and user notification
• Data Backup: Regular encrypted backups with point-in-time recovery capabilities

While we implement industry-standard security measures, no system is 100% secure. We continuously update our security practices to address emerging threats.

5. Your Rights

You have the right to:

• Access and update your personal information
• Request deletion of your data
• Opt out of marketing communications
• Request a copy of your data

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

• Active Accounts: We retain your business data while your account is active and for up to 7 years after account closure for tax and legal purposes
• Inactive Accounts: Accounts inactive for more than 3 years may be archived, with 90 days notice before deletion
• Website Data: Analytics and cookies are retained for up to 26 months
• Communication Records: Support communications are retained for 3 years
• Legal Requirements: Some data may be retained longer to comply with applicable laws

7. Cookies and Website Analytics

We use cookies and similar technologies to improve your website experience:

• Essential Cookies: Required for basic website functionality and security
• Analytics Cookies: Google Analytics to understand website usage and improve user experience
• Functional Cookies: Remember your preferences and settings
• Chat Cookies: Enable our AI-powered customer support chat widget

You can control cookie settings through your browser, though disabling certain cookies may limit website functionality. You can opt out of Google Analytics tracking.

8. International Data Transfers

Summit Automation is based in the United States. If you are accessing our services from outside the US, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated.

We ensure that international data transfers comply with applicable data protection laws and implement appropriate safeguards to protect your information.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the effective date.

10. Contact Us

If you have any questions about this privacy policy, your data, or our privacy practices, please contact us:

We will respond to privacy-related inquiries within 30 days of receipt.