Privacy Policy

1. Introduction

Welcome to HorizonOS ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Asset Management System.

By using HorizonOS, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email Address: Used for account identification and communication
• Cognito ID: Unique identifier provided by AWS Cognito authentication service
• User Role: Your assigned role (Admin, SiteManagement, Contractor, Package, or Viewer) which determines your access permissions
• Account Status: Whether your account is active or inactive

2.2 Asset and Site Management Data

We collect and store data related to your use of the asset management system:

• Asset information, locations, and specifications
• Site management data and configurations
• Contractor assignments and relationships
• Package information and associations
• Any other data you input into the system

2.3 Authentication and Usage Data

When you access our service, we automatically collect:

• IP Address: Your device's internet protocol address
• User Agent: Information about your browser and device
• Authentication Tokens: Secure tokens managed by AWS Cognito
• Access Logs: Records of when and how you access the system

2.4 Audit Logs

We maintain comprehensive audit logs that record:

• Actions performed within the system (create, update, delete operations)
• Resource types and identifiers affected by your actions
• Previous and new values for data modifications
• Timestamps of all activities
• Success or failure status of operations

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: To provide, maintain, and improve our asset management services
• Authentication: To verify your identity and manage secure access to your account
• Access Control: To enforce role-based permissions and ensure appropriate data access
• Audit and Compliance: To maintain audit trails for security, compliance, and accountability
• Communication: To send you important updates, security alerts, and service notifications
• Support: To respond to your inquiries and provide customer support
• System Improvement: To analyze usage patterns and improve our service functionality

4. Data Storage and Security

4.1 Storage Location

Your data is stored using Amazon Web Services (AWS) infrastructure, including:

• AWS Cognito: User authentication and identity management
• AWS RDS: Relational database service for application data storage

Data is stored in secure, encrypted databases with access restricted to authorized personnel and systems.

4.2 Security Measures

We implement industry-standard security measures to protect your information:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of data at rest in our databases
• Role-based access controls to limit data access to authorized users
• Secure authentication via AWS Cognito with token-based sessions
• Regular security audits and monitoring
• Access logging and audit trails

4.3 Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. Audit logs are retained for compliance and security purposes in accordance with applicable laws and business requirements. When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal or regulatory purposes.

5. Third-Party Services

We use third-party services to provide and improve our service:

• AWS Cognito: Handles user authentication and identity management. AWS Cognito's privacy practices are governed by AWS's privacy policy.
• AWS RDS: Provides database storage services. Data processing is subject to AWS's data processing agreements.

These third-party services have access to your information only to perform tasks on our behalf and are obligated not to disclose or use it for any other purpose. We ensure that all third-party service providers comply with applicable data protection laws and maintain appropriate security measures.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information, subject to legal and operational requirements
• Portability: Request a copy of your data in a portable format
• Objection: Object to processing of your personal information in certain circumstances
• Restriction: Request restriction of processing of your personal information

To exercise these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within a reasonable timeframe and in accordance with applicable laws.

7. Cookies and Tracking

HorizonOS uses authentication tokens and session management to maintain your login state. These are stored locally in your browser and are essential for the service to function. We do not use tracking cookies or third-party analytics cookies on our platform.

You can control cookie settings through your browser preferences, though disabling authentication tokens will prevent you from using the service.

8. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of the service after any changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

HorizonOS
Email: info@horizonos.net

For data protection inquiries, please include "Privacy Inquiry" in your subject line.