Data Sovereignty & Trust.

1. Introduction

Strix Vision Inc. ("we," "us," or "our") is committed to protecting the privacy and security of law enforcement agencies and their personnel. This Privacy Policy describes how we handle information in connection with our AI-powered intelligence platform (the "Service"), which is deployed within your agency's own infrastructure.

For clarity, your agency remains the controller of its operational data. Strix Vision provides software and related services that process data within your environment.

2. Information We Process

We support the processing of the following categories of information within your agency's environment:

Agency Data: Case files, incident reports, audio/video recordings, officer statements, and related law enforcement intelligence processed by the platform within your agency's infrastructure. Strix Vision does not remove or copy this operational data outside your environment as part of normal platform operation.

User Information: Names, email addresses, badge numbers, agency affiliations, and authentication credentials of authorized users, as required for access control and auditability.

System Logs: Usage data, access logs, timestamps, IP addresses, and other technical information generated by the platform and stored within the agency's environment, as necessary for security auditing, troubleshooting, and platform optimization.

3. How We Use Information

We use information solely to support your agency in connection with the Service. In particular, we use it to:

• Provide AI-powered transcription, summarization, and intelligence generation features within your agency's environment.
• Help maintain platform security and assist in detecting unauthorized access or misuse, using information available within your environment.
• Provide technical support and respond to agency inquiries, using only the minimum data necessary to address an issue.
• Comply with legal obligations that apply to Strix Vision in relation to our own business records.
• Improve system performance, reliability, and user experience through software updates and configuration guidance, without exporting your operational case data from your infrastructure.

We do not use your agency's operational data for unrelated commercial purposes.

4. Data Storage and Security

The Service is designed to operate as an on‑premise solution inside your agency's own environment. Strix Vision does not host or control your operational infrastructure.

Location: All operational agency data processed by the platform remains within your agency's infrastructure on Canadian soil and does not leave your network for AI processing.

Transmission Security: Data transmitted between authorized users and the platform can be protected using agency-managed network encryption (for example, VPNs and TLS), in accordance with your security policies.

Security Controls: Strix Vision provides the software node and AI engine. Your agency is solely responsible for implementing and managing all infrastructure, security controls, user access, and compliance measures within its environment, including (as applicable) at‑rest encryption, network security, identity and access management, vulnerability management, backups, and incident response.

Configuration: Where the software exposes configuration options (such as user roles and logging), your agency determines how to configure and use these options as part of its own security and governance framework.

Your agency retains full control over the security posture of its deployment and remains responsible for compliance with applicable laws, regulations, and internal policies.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your agency's operational data.

No third-party processing of operational data: All processing of case-related data occurs locally within the agency's own infrastructure. We do not transmit your operational case data to external cloud services or third‑party AI APIs.

Limited business records: Strix Vision may maintain limited business records (such as billing information, support tickets, and contact details) in our own systems, which do not include your operational case content.

Information may be disclosed by Strix Vision only:

• With the authorization of your agency or as directed by authorized agency personnel.
• As required to comply with valid legal processes applicable to Strix Vision (for example, warrants, court orders, or subpoenas relating to our own business records).
• Where necessary to protect the safety of officers, the public, or to prevent or respond to illegal activity involving Strix Vision's services.

Your agency remains responsible for responding to disclosure requests relating to its own operational data stored within its environment.

6. AI Training and Model Development

Your operational data is not used to train public or shared AI models.

• Each agency instance is private and logically segregated.
• We do not extract, anonymize, or aggregate your sensitive case data for model training or analytics outside your agency's environment.
• Any improvements to our models or software are developed using separate datasets, synthetic data, or information provided under separate and explicit arrangements that do not involve your agency's operational case data.

7. Data Retention and Deletion

Within your environment: Agency data is retained within your infrastructure according to your internal records retention policies and any applicable legal or regulatory requirements.

Strix-held data: Where Strix Vision temporarily receives or accesses data (for example, for support, diagnostics, or troubleshooting), such data will be limited to what is necessary, handled under strict confidentiality, and retained only for as long as needed for that purpose or as required by law.

Upon request or contract termination, we will cooperate with your agency to support the secure deletion or return of any data under Strix Vision's direct control, consistent with legal and contractual requirements.

Audit logs within your environment may be retained by your agency for compliance and accountability, in line with applicable laws and policies.

8. Your Rights and Agency Responsibilities

Authorized representatives of your agency have the ability, within their instance, to:

• Access and review data stored within the agency's deployment of the platform.
• Request corrections to inaccurate information within the system.
• Export data in machine-readable formats, where technically feasible.
• Request deletion or restriction of data, subject to legal retention obligations and your internal policies.
• Review access logs and user activity for audit and oversight purposes.

End users and data subjects should direct any privacy-related requests (including access, correction, or deletion) to their police service or agency, which remains responsible for responding as the controller of their information.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify agencies via email or in‑platform notifications. Your agency's continued use of the Service after such changes become effective will constitute acceptance of the updated policy.

10. Contact Us

For questions or concerns about this Privacy Policy or our data practices, please contact:

Strix Vision Inc.
Email: [email protected]
Phone: 289-213-6571