Privacy Policy

AiK Engine (“AiK Engine”, “we”, “our”, or “us”) operates Watchtower, a B2B client portal and automation platform. This Privacy Policy explains how we collect, use, and protect information in connection with the Watchtower platform and related services.

By accessing or using Watchtower, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the service.

When you or your organization is provisioned a Watchtower portal account, we collect: your email address, full name, and role within your organization. Account credentials are managed through Supabase Auth and are never stored in plaintext.

Watchtower allows you to import and manage lead records (prospective contacts) on behalf of your business. This data — including names, email addresses, company names, job titles, and LinkedIn URLs — is provided by you and processed solely to execute the outbound automation workflows you configure.

We log email send events, open events (where tracking is enabled), reply signals, and unsubscribe actions. These logs are associated with the lead record and used to manage campaign state and CAN-SPAM / CASL compliance.

We record actions taken within the platform (e.g., email sent, lead imported, campaign updated) along with the timestamp, user identifier, and IP address. These logs exist for security, accountability, and debugging purposes.

We may collect IP addresses, browser type, and request metadata when you access the platform. This data is used for rate limiting, fraud detection, and service security.

• To provision and operate your Watchtower portal account.
• To execute outbound email sequences and automation workflows on your behalf.
• To enforce unsubscribe and opt-out requests in compliance with CAN-SPAM and CASL.
• To display pipeline analytics, reporting, and activity history in your portal.
• To detect and prevent fraudulent or abusive use of the platform.
• To communicate service-critical updates (e.g., security notices, billing changes).

We do not sell, rent, or trade your data or your lead data to any third party. We do not use your lead data to train machine learning models or for any purpose outside the scope of operating your account.

Lead records are retained for the duration of your engagement with AiK Engine. Leads that have not been updated within the preceding 12 months are automatically transitioned to an “archived” pipeline stage as part of our data minimization practice. Archived records are not deleted; they remain accessible in your portal and can be reactivated. Active account data (user profiles, client settings) is retained for as long as your account is active.

On account termination, we will delete or anonymize your data within 30 days of a written deletion request, subject to any legal retention obligations.

Every outbound email sent through Watchtower includes a signed unsubscribe link compliant with CAN-SPAM and CASL, as well as machine-readable List-Unsubscribe headers (RFC 8058 one-click) for Gmail and Outlook. When a lead unsubscribes, their record is flagged opted_out = true and no further outbound emails are sent to that address for any client using the platform. Suppression is permanent unless explicitly reversed by the lead owner with documented re-consent.

Your data is stored in a PostgreSQL database hosted by Supabase on infrastructure in Canada (ca-central-1). Row-level security (RLS) policies ensure that client data is logically isolated — no client can access another client’s records.

All data is encrypted in transit (TLS 1.2+) and at rest. Access to production infrastructure is restricted to AiK Engine personnel with a documented need.

Despite these measures, no system is perfectly secure. If you discover a security vulnerability, please disclose it responsibly to privacy@aikengine.com.

Watchtower integrates with the following third-party services to operate. Each is bound by its own privacy policy:

• Supabase — database, authentication, and storage (supabase.com)
• Microsoft Graph API / Azure — for clients using Microsoft 365 email sending (microsoft.com)
• Google Gmail API — for clients using Google Workspace email sending (google.com)
• OpenAI — used for AI-generated content features (openai.com)
• n8n — workflow automation infrastructure (n8n.io)

We do not share your personal data with advertising networks, data brokers, or analytics aggregators.

Depending on your jurisdiction, you may have the right to: access the personal data we hold about you; request correction of inaccurate data; request deletion of your data; withdraw consent for processing; and lodge a complaint with your local data protection authority.

To exercise these rights, contact us at privacy@aikengine.com. We will respond within 30 days.

Watchtower uses a single session cookie issued by Supabase Auth to maintain your login state. We do not use advertising cookies, third-party tracking pixels, or analytics cookies. No cookie consent banner is required.

Watchtower is a business-to-business service and is not directed at children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact us at privacy@aikengine.com.

We may update this Privacy Policy from time to time. Material changes will be communicated via the platform or by email. The “Effective” date at the top of this page indicates when the current version took effect. Continued use of Watchtower after a policy change constitutes acceptance of the revised terms.

Questions about this Privacy Policy or your data should be directed to: