Last updated · May 21, 2026
Privacy Policy
This policy describes the information ThreeDayTech collects, why we collect it, how we use and share it, and the choices you have. It applies to our marketing site, to our engagements with clients, and to the AI systems we deploy and operate on behalf of those clients.
Information we collect
We collect information in three contexts: when you interact with our marketing site, when you engage us as a client, and when we operate AI systems we have deployed inside your business.
Information you give us. When you book a diagnostic, sign a contract, or email us, we collect your name, business email, employer, role, and the contents of your correspondence. During an engagement we collect the business context required to scope and deliver the work — workflow descriptions, sample documents, system access credentials, and the decisions made by your team.
Information generated by use. Systems we deploy generate operational telemetry: model invocations, latency, error traces, token counts, and the decisions an agent took on a given input. Where you ask us to host or operate a system on your behalf, we retain this telemetry for monitoring, debugging, and evaluation.
Information from your visit. Our marketing site logs standard server-side request data — IP address, user agent, referrer, and the pages you viewed — for security and aggregate analytics. We do not set advertising or tracking cookies.
Why we collect this information
We use the information we collect to deliver the work you have engaged us for, to operate the systems we have deployed for you, to communicate with you about active and prospective engagements, to invoice and collect payment, to meet our legal obligations, and to improve the quality and safety of what we ship.
We do not use client business data to train general-purpose models. Where evaluation datasets are needed to validate a deployment, we build them from your data only for your deployment, with your explicit written approval, and we delete them on request.
Your privacy controls
As a client, you control the data you make available to us, the systems we are permitted to access, and the retention period for engagement artefacts. Your master services agreement and the relevant statement of work set these out; you can revise them at any time on reasonable notice.
As an individual — for example, an employee at one of our clients, or someone who has contacted us — you may ask us what personal information of yours we hold, ask us to correct it, or ask us to delete it, subject to the legal and contractual obligations we owe to your employer.
Keeping your information secure
We use industry-standard controls to protect the information entrusted to us: encryption in transit and at rest, least-privilege access with single sign-on and multi-factor authentication, audit logging on production systems, time-bounded credentials, environment isolation between clients, and code review on every change shipped to a client environment.
No system is perfectly secure. If we become aware of a security incident affecting your information, we will notify you without undue delay and cooperate with you on investigation, containment, and any required disclosures.
Exporting and deleting your information
On request, we will export the data and artefacts associated with your engagement — source code, prompts, evaluation sets, configuration, and telemetry — in a portable format, and we will delete our copies on the timeline set out in your agreement, subject only to backups that age out on their normal schedule and to information we are legally required to retain.
Retaining your information
We keep information only as long as needed for the purpose we collected it. Operational telemetry for systems we operate is typically kept for ninety days unless your agreement specifies otherwise. Engagement artefacts are kept for the duration of the engagement plus the period required to support warranty, audit, and tax obligations. Contact and correspondence records are kept while we have an active business relationship and for a reasonable period afterwards.
Compliance and cooperation with regulators
We comply with the privacy and data protection laws applicable to our operations and to the engagements we deliver. Where you operate under a specific regime — HIPAA, GDPR, India's Digital Personal Data Protection Act, sector-specific rules in financial services or government — we will sign the corresponding agreements (business associate, data processing, or equivalent) before processing data covered by that regime.
We respond to lawful requests from regulators and authorities. Where the law allows, we will tell you before disclosing your information.
About this policy
ThreeDayTech is a brand operated by Celer Analytics Solutions LLP. This policy applies to ThreeDayTech and to the marketing site at threedaytech.ai. It does not apply to the products and services of our clients, nor to the practices of third-party model and infrastructure vendors, which are governed by their own policies.
We may update this policy from time to time. When the changes are material, we will update the date at the top of the page and, where appropriate, give notice to active clients.
Contact us
Questions about this policy, or requests about your information, should be directed to [email protected].