Back to MoyaTerms of Service

Privacy Policy

Effective Date: June 14, 2026  ·  Version 1.1

Moya Tech LLC ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our trade compliance and classification platform ("Service"). By using our Service, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Email address, name, and password for user authentication.
  • Product Data: Product descriptions and HTS codes submitted for classification.
  • Payment Information: Credit card details processed securely via Stripe — we do not store card numbers.

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, and session duration for service improvement.
  • Device Information: Browser type, operating system, and IP address for security and analytics.
  • Log Data: Access times, error logs, and API calls for troubleshooting.

1.3 Information from Third Parties

We may receive information from authentication providers (if using SSO), payment processors (Stripe), and analytics services.

2. How We Use Your Information

  • Provide Services: Process classifications and manage your account.
  • Improve Services: Analyze usage patterns and develop new features.
  • Communication: Send service updates and respond to inquiries.
  • Security: Detect fraud, prevent abuse, and ensure platform integrity.
  • Legal Compliance: Meet regulatory requirements and respond to legal requests.

3. Data Storage and Security

3.1 Storage Location

  • User credentials: PostgreSQL (US-West), passwords stored as bcrypt hashes.
  • Session data: PostgreSQL, encrypted with AES-256-GCM.
  • Documents: Cloud Storage with at-rest encryption.
  • Vector embeddings: Qdrant with at-rest encryption.

3.2 Security Measures

  • All data encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Role-based access control with principle of least privilege.
  • Automatic masking of sensitive data (emails, phone numbers, SSN).
  • Rate limiting and WAF protection against abuse and DDoS.

4. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

  • Service Providers: Infrastructure and payment processing partners, as necessary to operate the Service.
  • AI Providers: Product descriptions may be processed by secure Enterprise AI providers to generate classifications.
  • Legal Authorities: When required by law, court order, or to protect rights and safety.
  • Business Transfers: In the event of a merger, acquisition, or reorganization (with prior notice).

5. Data Retention

  • Account data: Retained until account deletion, plus a 30-day grace period.
  • Classification history: 2 years for audit trail purposes.
  • Documents: 90 days after processing, unless retained by user.
  • Log data: 12 months for troubleshooting.

6. Your Rights

6.1 All Users

  • Access: Request a copy of your personal data.
  • Correction: Update inaccurate information.
  • Deletion: Request deletion of your account and data.
  • Export: Download your data in a portable format.

6.2 California Residents (CCPA)

  • Right to know what personal information we collect.
  • Right to delete personal information.
  • Right to opt-out of sale (we do not sell your data).
  • Right to non-discrimination for exercising CCPA rights.

6.3 EU Residents (GDPR)

  • Rights to access, rectification, and erasure.
  • Right to data portability.
  • Right to restrict or object to processing.
  • Right to withdraw consent at any time.

To exercise these rights, contact us at privacy@moyatech.ai.

7. Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

8. International Data Transfers

If you access our Service from outside the United States, your data may be transferred to and processed in the United States. We implement appropriate safeguards for international transfers, including Standard Contractual Clauses for EU transfers and Data Processing Agreements with service providers.

9. Cookies and Tracking

  • Essential cookies: Authentication and security (session duration).
  • Functional cookies: Language preferences (1 year).
  • Analytics cookies: Usage statistics (1 year).

You can control cookies through your browser settings.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email notification or a prominent notice on our Service. Continued use after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at: privacy@moyatech.ai

For data protection inquiries in the EU: dpo@moyatech.ai

Mailing address: Moya Tech LLC, 2010 El Camino Real #1487, Santa Clara, CA 95050, United States.