Last Updated: October 17, 2025

This Privacy Policy explains how Pacific Intelligence Works, Inc. d/b/a Unusual (“Unusual,” “we,” “us,” or “our”) collects, uses, and discloses personal information when you visit our websites or use our services. It also explains choices and rights you may have. This Policy is incorporated into our Terms of Service.

1) Scope and Roles

1.1 What this Policy covers

This Policy applies to personal information we process about: (a) visitors to our websites and marketing pages, (b) prospects and business contacts, and (c) users of our AI Relations platform.

1.2 Controller vs. Processor

  • Processor/“Service Provider” role. For information contained in Customer Content that your organization uploads or generates within the Services (e.g., brand briefs, reference pages we host for you, meeting notes), we act as your processor/service provider and process that data solely under your instructions and our Data Processing Addendum (“DPA”).

  • Controller role. For our own websites, sales and account administration, billing, support, product analytics, and security logs, we act as a controller/business.

We do not use Customer Content to build or improve models for other customers, except in aggregated or de-identified form that does not identify you or your end users.

2) Information We Collect

2.1 Data you provide to us (controller context)

  • Business contact data: name, work email, company, role, phone, communications with us.

  • Account data: workspace/account identifiers, authentication and role information.

  • Support content: information you include in tickets or calls.

2.2 Information in Customer Content (processor context)

Materials you or your users upload or generate in the Services (e.g., product/brand docs, reference copy for “Content for AI” pages, notes from alignment meetings). You should not upload regulated or sensitive data (e.g., PHI, PCI, precise geolocation, data about children, special categories) unless we have a signed addendum expressly permitting it.

2.3 Automatic data (controller context)

  • Usage & device data: IP address, device/browser type, pages or screens viewed, timestamps, referral URLs.

  • Diagnostics & security logs: events needed to operate and secure the Services.

2.4 Payment information

We use third-party processors (e.g., Stripe). We do not retain full card numbers; processors handle them under their own policies.

3) Sources of Personal Information

  • Directly from you or your organization (forms, emails, meetings, uploads).

  • Automatically through the Services (usage, diagnostics).

  • From our service providers and subprocessors (cloud hosting, analytics, communications).

  • From publicly available business sources (e.g., your company website or business listings) for B2B outreach.

4) How We Use Information (Controller)

We use personal information to:

  • Provide and secure the websites and Services (including troubleshooting, preventing abuse, and maintaining availability).

  • Operate our business (billing, account management, communications).

  • Improve the Services (feature development, quality, reliability) using aggregated or de-identified analytics.

  • Comply with law and enforce our Terms.

We do not use personal information for ad personalization or cross-context behavioral advertising.

5) How We Process Customer Content (Processor)

When acting as your processor/service provider, we:

  • Process Customer Content only to deliver the Services and as directed in the DPA and your admin settings;

  • Implement reasonable and appropriate security measures;

  • Do not sell or share Customer Content;

  • Delete or return Customer Content upon termination or your instruction, subject to backups and legal holds.

6) AI Providers and Model Handling

  • The Services may send prompts and context to third-party model providers (e.g., LLM APIs) and cloud vendors you or we select.

  • Where such providers offer controls (contractual or technical), we configure them to disable provider training on your prompts/outputs or otherwise restrict provider use to operating their service. Provider policies vary and remain under the provider’s control.

  • We maintain a current list of our subprocessors and their purposes at /legal/subprocessors.

7) Disclosures of Personal Information

We disclose personal information to:

  • Service providers/subprocessors that host, support, or help us operate the Services (under contracts restricting their use of the data).

  • Your organization and administrators.

  • Professional advisers (lawyers, accountants, insurers) bound by confidentiality.

  • Authorities when required by law or to protect rights, safety, or the Services.

  • Transaction parties in a merger, acquisition, or similar corporate event (subject to appropriate safeguards).

We do not sell personal information and do not share personal information for cross-context behavioral advertising.

8) International Data Transfers

We may transfer personal information to the United States and other countries where we and our providers operate. Where required, we rely on Standard Contractual Clauses or comparable transfer mechanisms and implement appropriate safeguards. If we certify under a recognized data-transfer framework, we will reflect that on this page.

9) Security

We implement reasonable and appropriate technical and organizational measures, including access controls, encryption in transit (and at rest where applicable), logging/monitoring, vulnerability management, and workforce confidentiality obligations. No method of transmission or storage is 100% secure.

10) Retention

We retain personal information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, and for legitimate business purposes. For Customer Content, retention follows the DPA and your instructions.

11) Your Choices

  • Marketing communications: You may opt out via the unsubscribe link or by contacting us.

  • Cookies/Tracking: You can manage cookies through your browser settings and, where offered, our site banner. We currently do not use cookies for ad personalization.

  • Global Privacy Control (GPC): Where legally required, we honor GPC signals as opt-out preferences for sale/share (we do not sell/share).

12) Your Rights (Region-Specific)

12.1 California (CPRA) and certain U.S. states

Subject to exceptions, you may have the right to know/access, delete, correct, port, and opt out of sale/share (not applicable to us at this time). You also have the right to limit the use/disclosure of sensitive personal information (we do not use sensitive PI for purposes requiring this right). If we deny a request, you may submit an appeal by replying to our decision email.

12.2 EEA/UK/Switzerland (GDPR)

Where we act as controller, our legal bases include contract, legitimate interests (e.g., security, product improvement, B2B communications), consent (where required), and legal obligations. You may have rights to access, rectify, erase, restrict, object, and portability. You may lodge a complaint with your local supervisory authority.

12.3 Exercising your rights

If we are controller, contact us at founders@unusual.ai. If we are processor/service provider, contact your organization’s administrator; we will assist them in fulfilling requests.

13) Cookies and Similar Technologies

We use only the cookies and similar technologies necessary to operate and measure the Services (e.g., session, security, and basic analytics). We do not use them for ad personalization. See your browser’s help for how to control cookies.

14) “Content for AI” Hosting

If you use our optional hosting of reference pages (e.g., a subdomain with brand/reference content):

  • You control the content and are responsible for accuracy and lawful basis.

  • We may collect operational logs (e.g., uptime, traffic volumes) to run the service.

  • On termination, you may export your content; we will delete hosted copies within a commercially reasonable period consistent with the DPA, subject to backups and legal holds.


15) Children

Our websites and Services are not directed to children under 16, and we do not knowingly collect personal information from children.

16) Changes to this Policy

We may update this Policy from time to time. The “Last Updated” date reflects the latest changes. Material changes will be posted on this page, and your continued use of the Services after the effective date constitutes acceptance.

17) Contact Us

Pacific Intelligence Works, Inc. d/b/a Unusual

San Francisco, California, USA

founders@unusual.ai