Privacy Policy

Last updated: December 19, 2024

1. Introduction

Molecule One ("we," "us," or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

We take your privacy seriously and are transparent about our data practices. This policy applies to all users of our website and services.

2. Data Controller Information

The data controller responsible for your personal information is:

Molecule One

Plot No 150, 4th Floor

Udyog Vihar Phase 1

Gurugram, Haryana - 122016

India

Email: hello@moleculeone.ai

General inquiries: hello@moleculeone.ai

3. Personal Data We Collect

We collect personal data that you voluntarily provide to us when you:

  • Contact us: Name, email address, company name, and message content
  • Subscribe to our newsletter: Email address and optional name
  • Request our AI Readiness Report: Name, email address, company information, and assessment responses
  • Browse our website: Technical information such as IP address, browser type, and pages visited (non-tracking analytics only)

We do not collect sensitive personal data (such as health information, racial or ethnic origin, political opinions, or religious beliefs).

4. Legal Basis for Processing

We process your personal data only when we have a valid legal basis under GDPR:

  • Consent: When you subscribe to our newsletter or submit forms, you provide explicit consent for us to process your data
  • Legitimate interests: To respond to your inquiries, improve our services, and maintain website security
  • Contractual necessity: To provide services you have requested from us

5. How We Use Your Personal Data

We use your personal data for the following specific purposes:

  • To respond to your inquiries and provide customer support
  • To send newsletters and service updates (only with your consent)
  • To generate and deliver your AI Readiness Report
  • To improve our website and services based on usage patterns
  • To ensure website security and prevent fraud
  • To comply with legal obligations

We do not and will not:

  • Sell your contact information or personal data to third parties
  • Reuse your contact information for purposes other than those you consented to
  • Share your data with third parties for their marketing purposes
  • Use your data for automated decision-making or profiling

6. Cookie Policy and Tracking

No Tracking Cookies

We do NOT use tracking cookies, advertising cookies, or third-party cookies on our website. We respect your privacy and do not track your browsing behavior across websites.

We only use essential cookies that are strictly necessary for the website to function properly, such as:

  • Session cookies for form submissions
  • Authentication cookies (if you use our services)
  • Basic analytics cookies that do not identify individual users

These essential cookies do not require consent under GDPR as they are necessary for the website's operation.

7. Data Sharing and Third Parties

We have a strict policy regarding data sharing:

No Selling or Reuse

We do NOT sell, rent, or reuse your contact information. Your data is used solely for the purposes you have consented to.

We may share limited data with trusted service providers who help us operate our website and services, such as:

  • Hosting providers: To store website data securely
  • Email service providers: To send newsletters (only if you subscribed)
  • Database providers: To securely store your information

All service providers are carefully selected, contractually bound to protect your data, and process data only on our instructions in compliance with GDPR.

We may disclose your information only if required by law, court order, or to protect our legal rights.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:

  • Contact form submissions: 2 years from date of submission
  • Newsletter subscriptions: Until you unsubscribe
  • AI Readiness Reports: 3 years or until you request deletion
  • Website analytics: 14 months (anonymized data)

After the retention period expires, we securely delete or anonymize your personal data. You can request earlier deletion at any time (see Your Rights section below).

9. Data Security

We implement robust technical and organizational security measures to protect your personal data:

  • Encryption of data in transit using SSL/TLS certificates
  • Encryption of data at rest in secure databases
  • Access controls limiting who can view your data
  • Regular security audits and vulnerability assessments
  • Secure authentication for staff accessing systems
  • Regular backups with encrypted storage

While we take all reasonable precautions, no internet transmission is 100% secure. If you suspect a security breach, please contact us immediately at hello@moleculeone.ai.

10. Your Rights Under GDPR

Under GDPR, you have comprehensive rights regarding your personal data:

Right of Access

You can request a copy of all personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete data.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, subject to legal obligations.

Right to Restrict Processing

You can request that we limit how we use your data.

Right to Data Portability

You can receive your data in a structured, commonly used format to transfer to another service.

Right to Object

You can object to processing based on legitimate interests or direct marketing.

Right to Withdraw Consent

You can withdraw consent at any time (e.g., unsubscribe from newsletters).

Right to Lodge a Complaint

You can file a complaint with your local data protection authority.

To exercise any of these rights, please contact us at hello@moleculeone.ai. We will respond to your request within 30 days.

11. International Data Transfers

Our servers are located in the United States. If you are accessing our website from outside the U.S., please be aware that your data may be transferred to and processed in the United States.

We ensure appropriate safeguards are in place for international transfers in compliance with GDPR, including using service providers that comply with EU-U.S. Data Privacy Framework or Standard Contractual Clauses.

12. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately so we can delete it.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will:

  • Update the "Last updated" date at the top of this policy
  • Notify you via email if you have subscribed to our services
  • Post a notice on our website homepage for 30 days

We encourage you to review this policy periodically. Your continued use of our website after changes indicates acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

Privacy Inquiries

Email: hello@moleculeone.ai

Mail:

Molecule One
Attn: Privacy Officer
Plot No 150, 4th Floor
Udyog Vihar Phase 1
Gurugram, Haryana - 122016
India

We are committed to resolving any privacy concerns promptly and transparently. We will respond to all requests within 30 days as required by GDPR.

Note: This privacy policy is designed to comply with GDPR and applicable data protection laws. If you are a California resident, you may also have additional rights under the California Consumer Privacy Act (CCPA). Please contact us for more information about your state-specific rights.