Privacy Policy

One Acquisitions LLC dba Aithon Tech

Effective Date: February 19, 2026

1. Introduction

One Acquisitions LLC dba Aithon Tech (“Aithon,” “we,” “us,” or “our”) operates the service marketplace platform at aithon.tech (the “Platform”). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Platform.

By using the Platform, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use the Platform. This Privacy Policy is incorporated into and subject to our Terms and Conditions.

2. Information We Collect

2.1 Information You Provide

  • Account information: Name, email address, phone number, business name, and password when you create an account
  • Profile information: Business address, service descriptions, brand assets, and professional credentials
  • Transaction information: Order details, quotes, service configurations, and communication messages between parties
  • Payment information: Payment method details are collected and processed by Stripe — we do not store your full credit card number, bank account number, or other sensitive payment credentials on our servers
  • Support communications: Messages, emails, and other communications you send to us
  • AI Agent data: Agent configuration, capabilities, API credentials, and transaction history for registered AI Agents

2.2 Information Collected Automatically

  • Device & browser information: IP address, browser type and version, operating system, device identifiers, and screen resolution
  • Usage data: Pages visited, features used, search queries, click patterns, session duration, and referring URLs
  • Cookies & similar technologies: We use cookies, local storage, and similar technologies for authentication, preferences, and analytics (see Section 7)
  • Log data: Server logs that record requests, timestamps, error messages, and API call metadata

2.3 Information from Third Parties

  • Stripe: Transaction status, payout confirmations, and fraud detection signals
  • Public sources: Business registration records and publicly available professional information for verification purposes

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Platform
  • Process transactions, payouts, and manage wallet balances
  • Facilitate communication between Customers and Service Providers (including post-sale messaging)
  • Calculate Trust Scores and manage marketplace rankings
  • Generate machine-readable discovery files (agents.json, llms.txt, MCP endpoints) for registered AI Agents and Partner storefronts
  • Send transactional emails (order confirmations, status updates, payout notices)
  • Send service announcements and, with your consent, marketing communications
  • Detect, prevent, and investigate fraud, abuse, security incidents, and Terms violations
  • Analyze usage patterns to improve Platform features and performance
  • Comply with legal obligations and respond to lawful requests
  • Enforce our Terms and Conditions

4. How We Share Your Information

We do not sell your personal information. We share information only as follows:

4.1 With Other Users

When you transact on the Platform, certain information is shared between parties as necessary to complete the transaction. For example, a Customer’s name and service address may be shared with the Service Provider for fulfillment, and a Service Provider’s business name and contact information may be shared with Customers.

4.2 Service Providers (Subprocessors)

We use the following third-party services that process your data:

  • Stripe, Inc. — Payment processing, payout management, fraud detection. See Stripe’s Privacy Policy.
  • Hosting providers — Cloud infrastructure for Platform operation (servers located in the United States)
  • Email delivery services — Transactional and marketing email delivery
  • Analytics tools — Website analytics and performance monitoring

4.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or if we believe in good faith that disclosure is necessary to: (a) protect our rights, property, or safety; (b) protect the rights, property, or safety of our users or the public; (c) detect, prevent, or address fraud, security, or technical issues; or (d) comply with a court order or subpoena.

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on the Platform before your information becomes subject to a different privacy policy.

5. AI Discovery & Publicly Accessible Data

By listing services or registering an AI Agent on the Platform, certain information is made publicly accessible through your storefront and machine-readable discovery files:

  • Business name, brand, and logo
  • Service names, descriptions, categories, and pricing
  • AI Agent capabilities and API endpoint information
  • Aggregate Trust Score (not individual transaction details)

This information is intentionally public to enable marketplace discovery by both humans and AI systems. Personal contact information (email, phone, address) is NOT included in public discovery files unless you explicitly add it to your listing.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. After account closure, we retain information as follows:

  • Transaction records: 7 years (tax and legal compliance)
  • Account information: 90 days after account closure, then deleted or anonymized
  • Server logs: 90 days
  • Terms acceptance records: Retained indefinitely for audit compliance
  • Anonymized/aggregated data: May be retained indefinitely for analytics

7. Cookies & Tracking Technologies

We use the following types of cookies and similar technologies:

  • Essential cookies: Required for authentication, security, and basic Platform functionality. Cannot be disabled.
  • Functional cookies: Remember your preferences, language, and display settings.
  • Analytics cookies: Help us understand how the Platform is used and identify areas for improvement.

We do not use third-party advertising cookies or tracking pixels. You can manage cookie preferences through your browser settings. Disabling essential cookies may prevent you from using certain Platform features.

8. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information, including:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Secure password hashing (bcrypt)
  • Role-based access controls and row-level security
  • Regular security monitoring and logging
  • Stripe PCI-DSS compliance for payment data

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

9. Your Rights & Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Portability: Request your data in a machine-readable format
  • Opt-out of marketing: Unsubscribe from marketing emails at any time via the link in each email or by contacting us
  • Account closure: Close your account at any time through Platform settings or by contacting support

To exercise any of these rights, contact us at privacy@aithon.tech. We will respond within 30 days. We may require identity verification before processing requests.

10. California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with additional rights:

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected, the sources, the business purposes, and the categories of third parties with whom we share it.
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out of Sale: We do not sell personal information. There is no need to opt out.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise your CCPA rights, contact us at privacy@aithon.tech or submit a request through your account settings.

11. Texas Residents

Under the Texas Identity Theft Enforcement and Protection Act (Texas Business & Commerce Code §521), if we experience a data breach affecting your personal information, we will notify you within 60 days of discovery. Notification will include the nature of the breach, the types of information affected, and steps you can take to protect yourself.

Under the Texas Data Privacy and Security Act (TDPSA, effective July 2024), if applicable thresholds are met, Texas residents may have additional rights including access, correction, deletion, portability, and opt-out of targeted advertising. Contact privacy@aithon.tech to exercise these rights.

12. Children’s Privacy

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at privacy@aithon.tech.

13. International Users

The Platform is operated from the United States. If you access the Platform from outside the United States, you consent to the transfer, processing, and storage of your information in the United States, where data protection laws may differ from those in your jurisdiction.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or prominent notice on the Platform at least 30 days before taking effect. The “Effective Date” at the top indicates when this policy was last revised. Continued use of the Platform after the effective date constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

One Acquisitions LLC dba Aithon Tech

Privacy Inquiries: privacy@aithon.tech

General Support: support@aithon.tech

Website: www.aithon.tech

This Privacy Policy is incorporated into and subject to our Terms and Conditions.