Privacy Policy

Last updated: May 27, 2026 · Effective date: May 27, 2026

Last updated: May 27, 2026

1. Scope and Roles

This Privacy Policy describes how Axiant Partners ("Axiant", "we", "our", or "us") collects, uses, shares, sells, and protects information when you visit jyni.io, interact with our marketing pages, or use the JYNI service (together, the "Service").

For most data processed inside a customer's JYNI workspace (leads, contacts, documents, call notes, outbound campaign content, etc. — together "Customer Data"), Axiant acts as a processor (or "service provider" under CCPA/CPRA) on behalf of the Axiant customer, who acts as the controller (or "business"). The customer decides what personal data they put into the Service, for what purpose, and for how long. If you are an end-user, lead, or contact whose information was placed into JYNI by one of our customers, you should contact that customer directly about your rights. We will cooperate with the customer as required.

For data we collect directly (e.g., when you visit our marketing site, sign up for a trial, contact support, create an account, or use the Service — together "Account Information"), Axiant acts as the controller.

This Privacy Policy is incorporated by reference into our Terms of Service. The Terms include important data-license, data-sale, indemnity, and limitation-of-liability provisions that apply to your relationship with us.

2. Information We Collect

a. Information you give us

  • Account & billing. Name, work email, company name, role/title, password hash, phone number (optional), billing address, and payment details (processed by Stripe; we do not store full card numbers).
  • Communications. Messages you send to sales, support, or via our contact form.
  • Customer Data submitted to the Service. Records you upload or create (companies, deals, contacts, leads, documents, notes, calendar events, outbound campaign content, etc.).
  • Ad Studio inputs. Audience descriptions, offer details, product descriptions, creative briefs, and any other content you enter into the Ad Studio feature to generate advertising copy or audience plans. These inputs are processed via our AI sub-processors (including Anthropic) and are treated as Customer Data subject to the restrictions in our Terms of Service.

b. Information collected automatically

  • Usage & device data. IP address, browser type, operating system, referring pages, interactions with UI elements, feature usage, approximate location inferred from IP, and diagnostic data.
  • Cookies and similar technologies. Session cookies, authentication tokens, and limited analytics. See Section 9 (Cookies).
  • Telephony metadata. When you use voice or SMS features, our telephony provider (Telnyx) generates call detail records, SMS logs, recordings where enabled, and related metadata. Enabling recording is your choice and is your responsibility to disclose to participants as required by law.
  • Error telemetry. Crash, exception, and performance data (via Sentry) used to debug and improve the Service.

c. Information from third parties and public sources

  • Lead discovery ("Jynis"). If your plan includes AI lead discovery, we operate crawlers and use public data sources (search engines, directories, public business registries) and third-party enrichment APIs to surface potential business leads. The data surfaced is intended to be public business-contact information (company name, website, listed business phone/email, publicly posted principal).
  • Enrichment and verification providers. We may receive enrichment results from providers like Apollo, Hunter, Google Programmable Search, and e-mail verification services when those integrations are enabled.
  • Auth providers. If you sign in via a third-party identity provider, we receive basic profile information per your authorization.

We do not intentionally collect sensitive data. You agree not to upload health records, children's data, government IDs beyond EINs, full credit reports regulated by the FCRA, or other sensitive categories except as permitted by our Terms of Service.

3. How We Use Information

We use Account Information and Customer Data to:

  • Provide, operate, secure, and improve the Service;
  • Authenticate users and apply plan-based entitlements;
  • Process payments and manage subscriptions;
  • Generate AI outputs (classifications, drafts, scores, summaries, advertising content) you request through the Service, including Ad Studio inputs processed via our AI sub-processor (Anthropic) — your Ad Studio inputs are not used to train any third-party foundation model (see AI model training note above);
  • Deliver transactional communications (service announcements, security alerts, billing notices);
  • Send marketing communications to business contacts where lawful and where you have not opted out;
  • Detect, prevent, and respond to fraud, abuse, security incidents, or violations of our Terms;
  • Analyze aggregated, de-identified usage to improve the Service and produce industry benchmarks;
  • Train and improve Axiant's own internal classifiers, scorers, prompts, and analytics (we do not use Customer Data to train third-party foundation models — see below);
  • Comply with law and enforce our agreements.

AI model training (third-party). We do not use Customer Data to train third-party foundation models. AI outputs are generated by third-party model APIs (including Anthropic Claude) under contracts that prohibit training on customer-submitted prompts and responses.

4. Legal Bases (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, our legal bases for processing are: performance of a contract (to provide the Service you signed up for); legitimate interests (to secure and improve the Service, prevent abuse, monetize aggregated and de-identified data, and conduct B2B direct marketing); compliance with legal obligations (tax, accounting, response to lawful requests); and consent (where we ask for it, such as for non-essential cookies or where we sell or share personal data with third parties for their own use). Where we rely on legitimate interests, we balance those interests against your rights. EEA, UK, and Swiss residents may object to processing based on legitimate interests at any time by emailing privacy@jyni.io.

5. How We Share, Sell, and License Information

5.1 Sub-processors (service delivery)

Third parties that process data on our behalf to deliver the Service. Our current sub-processor list:

  • Supabase (database, authentication, file storage)
  • Railway (application hosting)
  • Stripe (payments and billing)
  • Anthropic (AI model inference)
  • Resend (transactional and marketing email delivery)
  • Telnyx (voice and SMS telephony)
  • Sentry (error monitoring)
  • Cloudflare (DNS, edge, and managed cold-outreach domains)
  • Porkbun (domain registration when you purchase a sender domain through us)
  • Formspree (marketing contact-form submissions)
  • Lead-enrichment providers you enable (e.g., Apollo, Hunter, Google Programmable Search)

These sub-processors act on our instructions and are contractually bound to confidentiality and security obligations.

5.2 At your direction

When you ask us to share information with a third party (e.g., a connected mailbox, a lender form fill, an export to CSV, or an API integration you authenticate).

5.3 Legal reasons

To comply with applicable law, valid legal process, or a good-faith request from a government or law-enforcement agency, or to protect rights, property, or safety.

5.4 Business transfer

In connection with a merger, acquisition, financing, restructuring, or sale of all or substantially all of the relevant assets. We will notify you of any change in ownership or use of your data.

5.5 Aggregated or de-identified data

We may use, sell, license, publish, and commercialize aggregated, anonymized, and de-identified data that does not reasonably identify you, any user, or any identifiable natural person — including in industry reports, market benchmarks, lead-quality datasets, advertising, and partner data products. As provided in Section 5 of our Terms of Service, Axiant owns this aggregated data.

5.6 Account Information — sharing, selling, and licensing

You acknowledge that, separate from Customer Data, we may share, sell, or license Account Information (such as name, business name, work email address, phone number, and role) and related usage and inferred-interest signals with selected third parties — including data partners, lead-enrichment providers, marketing partners, advertising networks, B2B data resellers, and affiliates — for purposes including:

  • (a) JYNI-product marketing, lifecycle communications, partner referrals, and co-marketing;
  • (b) producing industry benchmarks, market research, and B2B information products that may include personally identifying business-contact attributes where lawful;
  • (c) third parties' own marketing, sales, and analytics use, where lawful and disclosed to you in this policy.

Under California's CCPA/CPRA and similar U.S. state privacy laws (Colorado CPA, Connecticut CTDPA, Utah UCPA, Virginia VCDPA, Texas TDPSA, Oregon OCPA, Montana MCDPA, and others), some of the activities in 5.5 and 5.6 may constitute a "sale" or "sharing" of personal information. You may opt out at any time as described in Section 10. Opting out does not affect our ability to use Account Information to deliver, secure, or bill the Service or to send transactional communications.

5.7 We do not sell or share Customer Data with third parties for their own use

Customer Data (the data you put into your JYNI workspace — your leads, contacts, documents, etc.) is not sold or licensed to third parties for their own marketing or sales use. Customer Data is processed only as described in Sections 5.1–5.4 and 5.5 (in aggregated, de-identified form), and as instructed by you. This restriction applies in addition to Section 5.6 — that section governs Account Information, not Customer Data.

6. International Transfers

Our Service is hosted in the United States. By using the Service or providing information to us, you understand that your information may be transferred to, stored, and processed in the United States and other countries where our sub-processors operate. When we transfer personal data from the European Economic Area, the UK, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards such as the EU Standard Contractual Clauses or the UK IDTA.

7. Data Retention

  • Customer Data. Retained for as long as the customer's account is active and for a reasonable period after termination (typically 30 days) to allow export. Longer retention may apply where required by law.
  • Account records. Retained for the life of the account plus 7 years after closure for tax, billing, and dispute-resolution purposes.
  • Logs and telemetry. Typically 30–90 days; security-relevant logs up to 1 year.
  • Marketing lists. Retained until you unsubscribe or object, after which your contact record is suppressed to honor your opt-out.
  • Aggregated/de-identified data. May be retained indefinitely once anonymized.

8. Security

We use administrative, technical, and physical safeguards designed to protect personal information, including TLS encryption in transit, encryption at rest for stored data, role-based access controls, row-level security, multi-factor authentication for our employees, logging and monitoring, and regular security reviews. No system is perfectly secure. If we become aware of a breach affecting your information, we will notify you consistent with applicable law.

9. Cookies and Similar Technologies

We use cookies and similar technologies to authenticate sessions, remember preferences, secure the Service, and measure performance. Most browsers let you block or delete cookies; blocking strictly necessary cookies may break login and other core functions. We do not currently use advertising cookies on the Service. Analytics, where used, is limited and aggregated.

10. Your Rights and Choices

Subject to applicable law and to whether Axiant is acting as controller or processor for the data in question, you may have the right to access, correct, delete, port, restrict, or object to the processing of your personal information, and to withdraw consent where processing is based on consent.

To exercise a right or submit a request, email privacy@jyni.io with the subject line indicating your request (e.g., "Access Request", "Deletion Request", "Do Not Sell or Share"). We will respond within the time required by applicable law (typically 45 days under CCPA/CPRA, 30 days under GDPR). We may verify your identity before processing certain requests.

If you are an end-user or lead whose information was entered into JYNI by one of our customers, please direct your request to that customer. They are the controller of that data. We will assist them as required under our agreement.

Do Not Sell or Share My Personal Information

If you are a resident of California, Colorado, Connecticut, Utah, Virginia, Texas, Oregon, Montana, or another U.S. state with comparable rights, you may opt out of the sale or sharing of your personal information as described in Section 5.6:

  • Email: Send a request to privacy@jyni.io with the subject line "Do Not Sell or Share My Personal Information". Include the email address and name associated with your JYNI account.
  • Global Privacy Control (GPC): We honor GPC signals where technically detectable and legally required.
  • Authorized agent. You may use an authorized agent to submit a request on your behalf; we may require written authorization and identity verification.

We will process opt-out requests within 15 business days (or sooner where required by law). Opting out applies to forward-going sale/share activity; it does not retract data we have already shared in good-faith reliance on your prior consent or our legitimate-interest analysis.

California residents (CCPA / CPRA)

In the prior 12 months we have collected the categories of personal information described in Section 2 for the business and commercial purposes described in Section 3. We have shared and may have "sold" or "shared" (as those terms are defined under CCPA/CPRA) the following categories of personal information for the purposes described in Section 5.6:

  • Identifiers (name, business name, work email, phone, role)
  • Commercial information (subscription plan, billing status, usage signals)
  • Internet or other electronic-network activity information (limited to inferred interest signals)
  • Professional or employment-related information (role, company, industry)

We have not sold or shared the contents of Customer Data (your leads, deals, documents, etc. inside your workspace) — see Section 5.7. We do not knowingly sell or share the personal information of anyone we know to be under 16. We do not use sensitive personal information for purposes that would require offering a "Limit the Use of Sensitive Personal Information" right.

California residents have the right to know, delete, correct, port, opt out of sale/share, and not be retaliated against for exercising these rights. To exercise any right, see the contact instructions in this Section 10.

EEA, UK, and Swiss residents

You have the right to lodge a complaint with your local supervisory authority. Our UK/EU representative is available on request.

Other U.S. state rights

Residents of Colorado, Connecticut, Utah, Virginia, Texas, Oregon, Montana, and other states with comprehensive privacy laws have comparable rights (access, deletion, correction, portability, opt-out of sale/share, opt-out of targeted advertising and profiling). We honor those rights as required.

11. Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us and we will take steps to delete it.

12. Automated Decision-Making and AI

Certain Features (lead scoring, deal-routing suggestions, pipeline health alerts) involve automated processing by AI models. These are informational tools to assist our customer's sales team; they do not produce legal or similarly significant effects about individuals on their own. Customers remain responsible for their own decisions, including lender submissions, hiring, credit, and other material decisions. You have the right to ask for human review of any automated decision that materially affects you; email privacy@jyni.io.

13. Third-Party Links

Our site and Service may contain links to third-party sites. We are not responsible for the privacy practices of those sites. Review their policies before submitting information.

14. Marketing Communications

We may send marketing emails to business contacts who inquire about the Service or whose employers are customers. Every marketing email includes an unsubscribe link. To opt out of SMS marketing, reply STOP. Opting out of marketing does not stop transactional communications necessary to deliver the Service (receipts, security alerts, etc.). Marketing opt-out is separate from the "Do Not Sell or Share" opt-out described in Section 10.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version with a new "Last updated" date and, for material changes (such as changes to our sale/share practices or your rights), provide reasonable advance notice by email or in-product. Continued use of the Service after the effective date constitutes acceptance.

16. Contact

Privacy questions or rights requests: email privacy@jyni.io. For legal notices, use legal@jyni.io. Postal mail to Axiant Partners at the address published on our contact page.