Legal · privacy

Privacy Policy.

What we collect, why, how to ask us to delete it, and how to exercise your rights.

Draft · counsel review pending

This Privacy Policy is a structurally complete draft published for public inspection. It is under review by qualified counsel and will be finalized before contract execution. Items in [SQUARE BRACKETS] mark fields that counsel must confirm before publication. Material questions: support@elyonsci.ai.

Effective date: May 1, 2026

Last updated: May 1, 2026

Overview

Elyon SCI, LLC ("Elyon SCI," "we," "us," or "our") provides Elyon, an AI-native supply chain intelligence platform. This Privacy Policy explains how we collect, use, share, and protect personal information when you visit elyonsci.ai (the "Site"), use the Elyon application at app.elyonsci.ai (the "Service"), or otherwise interact with us.

This policy applies to personal information we process as a controller — for example, prospect and visitor data, customer administrator contact information, and personnel data. When Elyon processes personal information that customers submit into their tenants on behalf of their own end users, customers act as the controller (or business) and Elyon SCI acts as a processor (or service provider). Those activities are governed by the Data Processing Addendum.

Information we collect

Information you provide

  • Account and contact information: name, email, phone number, company, role
  • Communications: messages you send to us through forms, email, demo bookings, or support
  • Marketing preferences and event registrations

Information collected automatically

  • Log and device data: IP address, browser type, operating system, referrer, pages visited, timestamps
  • Cookies and similar technologies: see §08
  • Product usage telemetry from the Service, scoped per customer tenant

Information from third parties

  • Identity and authentication metadata from sign-in providers
  • Enrichment data from business information providers
  • Referrals from customers, partners, and prospects

How we use information

  • To provide, operate, and improve the Service and the Site
  • To create and administer accounts, authenticate users, and enforce security
  • To communicate with you about your account, the Service, security and policy notices, and (where permitted) marketing
  • To analyze usage, debug, and improve performance and reliability
  • To comply with legal obligations and enforce our agreements
  • To prevent fraud, abuse, and security threats

We do not sell personal information. We do not use customer-tenant content to train artificial intelligence models for other customers or for third-party model providers under terms in which they would train on our customer data.

Legal bases (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we process personal information under one or more of the following legal bases:

  • Contract. To provide the Service to you or to take steps at your request before entering a contract.
  • Legitimate interests. To operate, secure, and improve our business, where those interests are not overridden by your rights and freedoms.
  • Consent. Where required, including for certain marketing communications and non-essential cookies. You may withdraw consent at any time.
  • Legal obligation. To comply with applicable law and lawful requests.

How we share information

We share personal information with:

  • Sub-processors. Service providers that help us deliver the Service. See /sub-processors for the canonical list. Sub-processors are bound by contractual data protection obligations.
  • Customers. When you interact with a customer's tenant — for example, as a carrier, driver, or invited collaborator — that customer is the controller of your personal information.
  • Professional advisors. Counsel, auditors, and similar advisors under confidentiality obligations.
  • Business transactions. In connection with a merger, acquisition, financing, or sale of assets, subject to standard confidentiality and notice protections.
  • Legal and safety. Where required by law or to protect rights, safety, and security.

International transfers

Our infrastructure and many of our sub-processors are based in the United States. Where we transfer personal information from the European Economic Area, the United Kingdom, or Switzerland to the United States or other jurisdictions, we rely on appropriate safeguards including the European Commission Standard Contractual Clauses and the UK International Data Transfer Addendum, as applicable. Customers may request a copy of the executed transfer mechanism by emailing support@elyonsci.ai.

Retention

We retain personal information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Customer-tenant content retention is governed by the customer's contract and the Data Processing Addendum, with default retention of [CONFIRM RETENTION WINDOW] after termination unless extended by contract.

Cookies and analytics

We use cookies and similar technologies to operate the Site and the Service, remember preferences, analyze usage, and (where permitted) measure marketing performance. Categories used:

  • Strictly necessary. Required to authenticate sessions and operate the Service.
  • Functional. Remember user preferences and improve experience.
  • Analytics. Help us understand site and product usage.
  • Marketing. Used only with consent where required.

You can manage cookie preferences using the consent controls on the Site. For jurisdictions that require it, we present a consent banner on first visit.

Your rights

Subject to applicable law, you have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete information
  • Delete personal information, subject to lawful exceptions
  • Restrict or object to certain processing
  • Receive a portable copy of certain information
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with a supervisory authority

California residents (CCPA / CPRA) additionally have the right to know the categories of personal information collected and disclosed, the right to delete, the right to correct, the right to limit the use of sensitive personal information, and the right to non-discrimination for exercising these rights. We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under the CPRA.

To exercise any of these rights, email support@elyonsci.ai. We will verify your identity and respond within the timeframes required by applicable law.

Security

We maintain administrative, technical, and physical safeguards designed to protect personal information. These include encryption in transit and at rest, access controls, audit logging, and a documented incident response process. See /trust for more detail. No system is perfectly secure; we work to make ours secure by default and to respond promptly when issues arise.

Children

The Service is not directed to children under sixteen (16) and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact support@elyonsci.ai.

Changes

We may update this policy from time to time. Material changes will be communicated via in-app notice, email to account contacts, or both, before the change takes effect.

Contact

Elyon SCI, LLC
895 Fish Creek Thoroughfare, Unit C
Montgomery, Texas 77316
support@elyonsci.ai

For EU/UK data subject inquiries, please use the same address. We will appoint an EU/UK representative where required by law and post their details here.

Data subject request?

Email support with your name, the email under which you contacted us, and the right you want to exercise. We verify identity and respond within the timeframes required by applicable law.

Email supportTrust portal