Privacy Policy

1. Who we are

MantAI Inc. is a Delaware C corporation formed under the laws of the State of Delaware, United States. We provide predictive maintenance software and related services to help logistics and fleet operators reduce vehicle maintenance costs and unplanned downtime. In this policy, "MantAI," "we," "us," and "our" refer to MantAI Inc. unless the context requires otherwise.

For data protection law, the controller of personal information collected through this website is:

• Legal entity name: MantAI Inc.
• Corporate form: Delaware corporation (C corporation)
• Principal / registered office address: [Insert business or registered agent address]

If you are unsure who the controller is for your relationship with us (for example, a pilot with a separate agreement), check your contract or ask us using the contact details below.

2. Scope of this policy

This Privacy Policy applies to the MantAI marketing website served from this repository (the pages you browse here, including the home page, documentation area, and optional demo pages such as animated login).

Our mobile application and fleet dashboard are separate products. They may process additional categories of data (for example, vehicle or operational data). Their privacy terms may be described in separate notices or in-product settings. For technical context across products, you may review our documentation—that page is informational and does not replace a product-specific privacy notice where one exists.

3. Personal data we collect

Depending on how you use the site, we may process the following categories:

3.1 Website usage and technical data

When you visit pages, standard web technologies and our hosting provider may process data such as IP address, approximate location derived from IP, browser type and version, device type, referring URL, pages viewed, and timestamps. We use this information to operate, secure, and improve the site and to understand aggregate traffic patterns.

3.2 Analytics

We use Vercel Web Analytics on this site. Analytics may use cookies or similar technologies to collect usage metrics in a privacy-oriented way as described in Vercel's documentation. See Vercel's Privacy Policy.

3.3 Scheduling (Calendly)

If you book a meeting through our Calendly embed or link, you submit information directly to Calendly (for example, name, email address, and meeting preferences). Calendly processes that information as described in its own policies. We receive the information needed to hold the meeting. See Calendly's Privacy Policy. Opening the scheduling widget may load third-party scripts or cookies from Calendly; those are governed by Calendly's terms and settings.

3.4 Optional demo authentication (Supabase)

Certain pages (for example, an animated login demo) may allow you to authenticate using Supabase. If you use that feature, we process account-related data such as email address, authentication credentials (stored using industry-standard hashing by the auth provider), and session tokens stored in cookies or local storage as needed for the session. See Supabase's Privacy Policy. If you do not use that feature, we do not collect this category through the demo flow.

3.5 Communications you send us

If you email us or contact us through other channels, we process the content of your message and associated metadata (such as your email address) to respond and, where relevant, to manage our relationship with you.

We do not use this marketing site to collect special categories of data (such as health data) and we do not ask you to upload fleet operational databases here unless we explicitly offer a secure channel for that purpose in the future.

4. Purposes and legal bases (EEA, UK, Switzerland)

Where the GDPR or similar laws apply, we rely on one or more of the following legal bases:

• Legitimate interests (Article 6(1)(f) GDPR): operating and securing the website, understanding aggregate usage, fraud prevention, and improving our services, where not overridden by your rights.
• Consent (Article 6(1)(a) GDPR): where we rely on consent (for example, if we add optional marketing cookies or similar in the future), we will obtain it separately and you may withdraw consent at any time.
• Performance of a contract or pre-contract steps (Article 6(1)(b) GDPR): where processing is necessary to respond to your request to enter into or perform a contract with us.
• Legal obligation (Article 6(1)(c) GDPR): where we must retain or disclose information to comply with law.

You may object to processing based on legitimate interests as described in the rights section below.

5. Cookies and similar technologies

We and our service providers may use cookies, local storage, pixels, and similar technologies for the purposes described in this policy. Strictly necessary technologies may be used to provide security and core functionality (for example, session management when you use optional authentication).

Third-party technologies may include Vercel Analytics and, when you interact with it, Calendly. Those providers may set or read their own cookies when their content loads.

If we introduce a cookie consent tool for non-essential cookies in a given region, we will update this policy and the site UI accordingly. Until then, you can control many cookies through your browser settings. Note that blocking some cookies may affect site functionality.

6. Recipients and subprocessors

We share personal information with service providers who process it on our behalf:

• Vercel Inc. — website hosting and analytics (United States and other locations per their infrastructure).
• Calendly LLC — meeting scheduling when you use our booking flow.
• Supabase — authentication backend when you use optional demo login features that we connect to Supabase.

We may also disclose information if required by law, legal process, or to protect the rights, safety, and security of MantAI Inc., our users, or others. If we are involved in a merger, acquisition, or asset sale, information may be transferred as part of that transaction subject to appropriate safeguards and notice where required.

7. Retention

We retain personal information only as long as necessary for the purposes described in this policy, unless a longer period is required or permitted by law.

• Server and analytics data: retained according to our hosting and analytics providers' configurations and our internal policies.
• Calendly: retained under Calendly's policies; we retain meeting correspondence as needed for our business relationship.
• Supabase auth (demo): retained according to project settings in Supabase and our account configuration; you may request deletion of demo accounts where applicable.

8. Security

We implement appropriate technical and organizational measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. No method of transmission over the Internet is completely secure; we cannot guarantee absolute security.

9. Your privacy rights

Depending on your location, you may have rights to access, correct, delete, or export your personal information, and to object to or restrict certain processing. You may also have the right to lodge a complaint with a supervisory authority.

To exercise rights, contact us at the email below. We may need to verify your identity before fulfilling certain requests.

10. California residents (CPRA / CCPA)

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA, including:

• Right to know the categories and specific pieces of personal information collected.
• Right to delete personal information we hold, subject to exceptions.
• Right to correct inaccurate personal information.
• Right to opt out of the "sale" or "sharing" of personal information for cross-context behavioral advertising, where applicable.

We do not sell your personal information for monetary consideration in the traditional sense. We use analytics and scheduling tools as described above; if a jurisdiction treats certain disclosures as "sharing" requiring an opt-out, we will provide mechanisms as required by law after legal review.

You may designate an authorized agent to make requests on your behalf, subject to verification requirements.

11. Children

This website is not directed at children. We do not knowingly collect personal information from anyone under 16 years of age in the EEA/UK, or under 13 in the United States. If you believe we have collected information from a child inappropriately, please contact us and we will take appropriate steps.

12. International transfers

MantAI Inc. is a U.S. company incorporated in Delaware. Primary processing of data we control is likely to occur in the United States, in addition to locations where our subprocessors operate.

We may process and store information in the United States and other countries where we or our service providers operate. Where we transfer personal data from the EEA, UK, or Switzerland to countries not deemed adequate by the relevant authority, we rely on appropriate safeguards such as the Standard Contractual Clauses adopted by our vendors or other lawful transfer mechanisms.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the "Last updated" date. If changes are material, we will provide additional notice as required by law (for example, a banner or email where appropriate).

14. Contact

For privacy questions or requests, contact us at: info@mantai.io (replace with your official privacy inbox).

You may also use the contact options shown in the website footer (for example, info@mantai.io) for general inquiries; for data-protection requests, please use the dedicated privacy inbox once configured.