Privacy Policy

Feb 20, 2026

Unusual Privacy Policy

Last Updated: February 20, 2026

This Privacy Policy explains how Pacific Intelligence Works, Inc. d/b/a Unusual (“Unusual,” “we,” “us,” or “our”) collects, uses, and discloses personal information when you visit our websites or use our services. It also explains choices and rights you may have. This Policy is incorporated into our Terms of Service.

1) Scope and Roles

1.1 What this Policy covers

This Policy applies to personal information we process about: (a) visitors to our websites and marketing pages, (b) prospects and business contacts, and (c) users of our platform.

This Policy uses defined terms consistent with our Terms of Service (accessible at unusual.ai/legal/terms-of-service). Key data categories referenced in this Policy include "Customer Content," "Insights/Outputs," "Service Data," "Feedback," and "Aggregated Data," each as defined in the Terms of Service.

1.2 Controller vs. Processor

Processor/“Service Provider” role. For information contained in Customer Content that your organization uploads or generates within the Services (e.g., brand briefs, reference pages we host for you, meeting notes), we act as your processor/service provider and process that data solely under your instructions and our Data Processing Addendum (“DPA”).
Controller role. For our own websites, sales and account administration, billing, support, product analytics, security logs, Service Data, Feedback, and Aggregated Data, we act as a controller/business.

We process Customer Content and Insights/Outputs under the licenses and rights described in our Terms of Service (Section 4). This includes using Customer Content, Insights/Outputs, Service Data, and Feedback to operate, improve, and develop the Services and our other products, including training and improving our models and algorithms. When we use such data for purposes beyond delivering the Services to you, we implement safeguards described in Section 4.4 of the Terms, including not making your Insights/Outputs directly available to other customers. We own all Aggregated Data and may use it for any lawful purpose.

2) Information We Collect

2.1 Data you provide to us (controller context)

Business contact data: name, work email, company, role, phone, communications with us.
Account data: workspace/account identifiers, authentication and role information.
Support content: information you include in tickets or calls.

2.2 Information in Customer Content (processor context)

Materials you or your users upload or generate in the Services (e.g., product/brand docs, reference copy for “Content for AI” pages, notes from alignment meetings). You should not upload regulated or sensitive data (e.g., PHI, PCI, precise geolocation, data about children, special categories) unless we have a signed addendum expressly permitting it.

2.3 Automatic data (controller context)

Usage & device data: IP address, device/browser type, pages or screens viewed, timestamps, referral URLs.
Diagnostics & security logs: events needed to operate and secure the Services.

2.4 Payment information

We use third-party processors (e.g., Stripe). We do not retain full card numbers; processors handle them under their own policies.

2.5 Service Data

We automatically collect data generated through your interaction with the Services, including usage logs, feature interaction data, session analytics, performance metrics, query volumes, telemetry, and technical diagnostics ("Service Data"). Service Data does not include the substance of Customer Content or Insights/Outputs but may include metadata about their creation and use. We are the controller of Service Data.

2.6 Feedback

We collect suggestions, enhancement requests, recommendations, ideas, feature requests, bug reports, evaluations, and other feedback regarding the Services that you or your users provide, whether verbally (including during recorded calls and meetings), in writing, through surveys, or through the Services ("Feedback"). We are the controller of Feedback. Feedback is not treated as your Confidential Information regardless of any designation to the contrary, as described in Section 8.3(f) of the Terms of Service.

3) Sources of Personal Information

Directly from you or your organization (forms, emails, meetings, uploads).
Automatically through the Services (usage, diagnostics).
From our service providers and subprocessors (cloud hosting, analytics, communications).
From publicly available business sources (e.g., your company website or business listings) for B2B outreach.

4) How We Use Information (Controller)

We use personal information in our controller capacity to:

Provide and secure the Services (including troubleshooting, preventing abuse, and maintaining availability).
Operate our business (billing, account management, communications).
Improve and develop the Services and our other products and services, including using Service Data, Feedback, and Aggregated Data for feature development, model training and improvement, algorithm development, quality and reliability improvements, benchmarking, and research. We may also use Customer Content and Insights/Outputs for these purposes under the licenses granted in the Terms of Service, subject to the safeguards described therein.
Create Aggregated Data by aggregating, anonymizing, or de-identifying data so that it does not identify you or any individual. We own Aggregated Data and may use it for any lawful purpose, including product development, benchmarking, research, marketing, and commercial purposes.
Comply with law and enforce our Terms.

We do not use personal information for ad personalization or cross-context behavioral advertising.

5) How We Process Customer Content (Processor)

When acting as your processor/service provider, we:

Process Customer Content only to deliver the Services and as directed in the DPA and your admin settings;
Implement reasonable and appropriate security measures;
Do not sell or share Customer Content;
Delete or return Customer Content upon termination or your instruction, subject to backups and legal holds.

For clarity, our use of Customer Content for the platform improvement and development purposes described in Section 4 above and Section 4.3 of the Terms of Service is conducted in our controller capacity under the licenses granted by Customer, not in our processor capacity.

6) AI Providers and Model Handling

The Services may send prompts and context to third-party model providers (e.g., LLM APIs) and cloud vendors you or we select.
Where such providers offer controls (contractual or technical), we configure them to disable provider training on your prompts/outputs or otherwise restrict provider use to operating their service. Provider policies vary and remain under the provider’s control.
We maintain a current list of our subprocessors and their purposes at /legal/subprocessors.

7) Disclosures of Personal Information

We disclose personal information to:

Service providers/subprocessors that host, support, or help us operate the Services (under contracts restricting their use of the data).
Your organization and administrators.
Professional advisers (lawyers, accountants, insurers) bound by confidentiality.
Authorities when required by law or to protect rights, safety, or the Services.
Transaction parties in a merger, acquisition, or similar corporate event (subject to appropriate safeguards).

We do not sell personal information and do not share personal information for cross-context behavioral advertising.

8) International Data Transfers

We may transfer personal information to the United States and other countries where we and our providers operate. Where required, we rely on Standard Contractual Clauses or comparable transfer mechanisms and implement appropriate safeguards. If we certify under a recognized data-transfer framework, we will reflect that on this page.

9) Security

We implement reasonable and appropriate technical and organizational measures, including access controls, encryption in transit (and at rest where applicable), logging/monitoring, vulnerability management, and workforce confidentiality obligations. No method of transmission or storage is 100% secure.

10) Retention

We retain personal information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, and for legitimate business purposes. For Customer Content, retention follows the DPA and your instructions. For Service Data and Feedback, we retain such data for as long as necessary to fulfill the purposes described in this Policy, including product improvement, model training, and development of our Services. Aggregated Data may be retained indefinitely.

11) Your Choices

Marketing communications: You may opt out via the unsubscribe link or by contacting us.
Cookies/Tracking: You can manage cookies through your browser settings and, where offered, our site banner. We currently do not use cookies for ad personalization.
Global Privacy Control (GPC): Where legally required, we honor GPC signals as opt-out preferences for sale/share (we do not sell/share).

12) Your Rights (Region-Specific)

12.1 California (CPRA) and certain U.S. states

Subject to exceptions, you may have the right to know/access, delete, correct, port, and opt out of sale/share (not applicable to us at this time). You also have the right to limit the use/disclosure of sensitive personal information (we do not use sensitive PI for purposes requiring this right). If we deny a request, you may submit an appeal by replying to our decision email.

For purposes of the CCPA/CPRA, our use of Customer Content, Service Data, and Feedback for model training and service improvement as described in this Policy constitutes a "business purpose." We do not "sell" or "share" (as defined under the CCPA/CPRA) Service Data or Feedback.

12.2 EEA/UK/Switzerland (GDPR)

Where we act as controller, our legal bases include contract, legitimate interests (e.g., security, product improvement, model/algorithm improvement, benchmarking, B2B communications), consent (where required), and legal obligations. You may have rights to access, rectify, erase, restrict, object, and portability. You may lodge a complaint with your local supervisory authority.

12.3 Exercising your rights

If we are controller, contact us at founders@unusual.ai. If we are processor/service provider, contact your organization’s administrator; we will assist them in fulfilling requests.

13) Cookies and Similar Technologies

We use only the cookies and similar technologies necessary to operate and measure the Services (e.g., session, security, and basic analytics). We do not use them for ad personalization. See your browser’s help for how to control cookies.

14) “Content for AI” Hosting

If you use our optional hosting of reference pages (e.g., a subdomain with brand/reference content):

You control the content and are responsible for accuracy and lawful basis.
We may collect operational logs (e.g., uptime, traffic volumes) to run the service.
On termination, you may export your content; we will delete hosted copies within a commercially reasonable period consistent with the DPA, subject to backups and legal holds.

15) Children

Our websites and Services are not directed to children under 16, and we do not knowingly collect personal information from children.

16) Changes to this Policy

We may update this Policy from time to time. The “Last Updated” date reflects the latest changes. Material changes will be posted on this page, and your continued use of the Services after the effective date constitutes acceptance.