Privacy and Policy

Effective date: 11/01/2025

Last updated: 01/03/2026

This Privacy Policy explains how Bites.com, Inc. (“incinema.ai”, “we”, “us”, or “our”) collects, uses, discloses, and protects personal information when individuals and organizations use our products and services.

This Policy is designed for an enterprise-grade SaaS platform and covers all key modules and channels through which Bites.com may process personal data, including:

• Bites.com websites and landing pages

• The Bites.com platform (web and mobile)

• Bites Box and other on-premise / edge devices

• Integrations (email, calendar, storage, payments, analytics, messaging, Home Assistant)

• AI assistants and automation features

• Third-party apps, APIs, and SDKs connected to Bites.com

If you do not agree with this Policy, you should not use our Services.

1. Who We Are

Bites.com is a life and business operating system that provides tools for, among other things: CRM, ERP and finance, email and communication management, project and task management, event and venue management, warehouse and inventory, marketing and analytics, tax and accounting workflows, property and IoT, on-premise devices (Bites Box), and AI-powered assistants and summarisation.

We act as:

• A data controller for personal data we collect and use for our own purposes (e.g., our website, billing, support, security, marketing).

• A data processor/service provider for personal data we handle on behalf of our customers inside their workspaces (e.g., contacts, projects, emails, employees).

2. Scope and Applicability

This Privacy Policy applies to:

• Visitors to our websites and marketing pages

• Individuals who create or administer Bites.com accounts and workspaces

• Users invited to a workspace by a customer

• Customer contacts stored within CRM, ERP, marketing, or other modules

• Individuals whose data enters the platform via integrations, imports, APIs, or Bites Box

This Policy does not apply to third-party products or services you connect to Bites.com, where those third parties act as controllers under their own privacy policies. Processing done by our customers as independent controllers is also outside the scope. Regional addenda (e.g., EU/UK, California) will prevail where required by law.

3. Key Definitions

• “Personal Data” / “Personal Information” means any information that relates to an identified or identifiable individual.

• “Customer” means the organization or individual that creates a workspace or subscribes to our Services.

• “Workspace” means an account or tenant within the Bites.com platform belonging to a Customer.

• “End User” means a person invited to use a workspace.

• “Customer Contact” means a person whose data is stored within the Customer’s workspace.

• “Controller” means the entity that determines the purposes and means of processing personal data.

• “Processor” means the entity that processes personal data on behalf of the controller under instructions.

• “Bites Box” means an on‑premise or edge device running local components of the Bites.com platform.

• “Services” means all Bites.com products, platforms, apps, APIs, hardware, and related services provided by Bites.com.

4. How We Collect Personal Data

4.1 Data You Provide Directly

• Create an account, open a workspace, or subscribe to a plan

• Configure your profile (name, photo, contact details)

• Invite users into your workspace (staff, partners)

• Enter or upload data into CRM, ERP, projects, tasks, events, emails, content

• Upload attachments (documents, spreadsheets, images, audio, video)

• Submit forms on our website (contact, demo request, trial, support ticket)

4.2 Data Collected Automatically

We may automatically collect device and browser information, log data, usage data, Bites Box telemetry, and Home Assistant events where configured. We may use cookies, pixels, SDKs and similar technologies — see our Cookie Policy for details.

4.3 Data from Third Parties and Integrations

When Customers connect third-party tools (email, calendar, telephony, accounting, storage, analytics), we may receive emails, calendar events, contacts, invoices, event logs, and marketing data. The third-party provider’s privacy policy governs their use of that data.

4.4 Data from Social, Ads and Lead Generation Platforms

When you interact with our ads or content on platforms like Meta or Google, we may receive information you choose to submit (name, email, phone, company). We use this information as described in the Marketing section.

5. Categories of Personal Data We Process

We may process account/profile data, workspace and business data (CRM, sales, projects), communication and collaboration data (emails, messages, calls), financial and transaction data, IoT and Bites Box telemetry, AI interaction data, and website/cookie analytics data depending on how you and Customers use the Services.

6. Legal Bases for Processing (Where Applicable)

Where GDPR or similar laws apply, we rely on performance of a contract, legitimate interests, consent, or legal obligation. As a processor, we act on Customer instructions and rely on their legal basis.

7. How We Use Personal Data

We use personal data to provide and operate Services, personalize and improve user experience, enable AI features, provide support, maintain security, perform analytics, and run permitted marketing and advertising.

8. How We Use AI and Machine Learning

AI features operate on workspace data and prompts. We do not use identifiable workspace content to train public foundation models. De‑identified and aggregated data may be used to improve models. Limited human review may occur for investigations or quality control. Bites Box devices may run local AI models as configured by Customers.

9. Cookies, Tracking Technologies and Similar Tools

We use cookies, pixels, SDKs and similar tools to authenticate users, remember preferences, measure usage, and support advertising. See our Cookie Policy for controls and details.

10. How We Share Personal Data

We do not sell personal data. We share data with service providers, third‑party integrations (at your direction), advertising/analytics partners (limited data), during business transfers, and when required for legal reasons.

11. Data Retention

We retain personal data as needed to provide Services, comply with legal obligations, and resolve disputes. Retention depends on data type and Customer configuration; when no longer needed, data will be deleted or anonymised unless legal requirements prevent it.

12. International Data Transfers

We may process and store data outside your country. We use adequacy decisions, Standard Contractual Clauses, and other safeguards to protect international transfers where required.

13. Your Rights and Choices

Depending on local law, you may have rights such as access, rectification, erasure, restriction, objection, portability, and withdrawing consent. If Bites.com is the controller, contact us using details below. If we act as processor, we will assist the Customer with rights requests.

14. Marketing Communications, Preferences and Opt-Out

We may send service-related and marketing communications where permitted. Opt out via unsubscribe links, account settings, or by contacting us. Opting out of marketing does not affect service or transactional communications.

15. Meta/Facebook and Other Lead Ads

Lead ads and similar forms may provide us with contact information and campaign context. We use this to respond to requests and follow up where permitted. We do not sell lead form data to third parties.

16. Security

We implement organizational and technical measures such as encryption, access controls, network security, logging, backups, and monitoring to protect personal data. No system is perfectly secure, but we continuously improve safeguards.

17. Location Data

We collect and use location data to verify that users are physically present at the assigned task locations before allowing task execution.

Location access is used only while the app is in use or when performing a task that requires verification of physical presence.

This data is securely transmitted and is not shared with third parties except when required for essential services such as map providers or legal compliance.

We do not sell location data.

18. Bites Box, Home Assistant and IoT Data

Customers control which devices and sensors are integrated with Bites Box. Device and sensor data may be processed to support automations and analytics. Customers must provide required notices and configure retention and sync settings.

19. Children’s Privacy

Our Services are not intended for children. We do not knowingly collect personal data from children where parental consent is required. If discovered, we will take reasonable steps to delete such data.

20. Third-Party Websites and Services

Our Services may link to third-party websites. We are not responsible for their privacy practices. Review third-party policies before using their services.

21. Changes to This Privacy Policy

We may update this Privacy Policy for service, legal, or operational reasons. We will update the effective/last updated dates and may notify users of material changes. Continued use after updates constitutes acceptance.

22. Contact Us

If you have questions or requests regarding this Policy, contact us at:

Bites.com, Inc.

7300 State Highway 121, McKinney, TX 75070

Email: info@bites.com

Website: https://bites.com