Privacy Policy

Who we are

CNS Labs, Inc. is a Delaware C-Corporation operating shodai.network as a remote-first team. For the purposes of EU and UK data protection law, CNS Labs, Inc. is the data controller for personal information collected through the Site.

Privacy contact: hello@shodai.network

Information we collect

Information you provide. When you complete our contact form, we collect the information you submit, which typically includes your name, email address, company, role, and the contents of your message.

Information collected automatically. When you visit the Site, we and our analytics provider may collect limited technical information, including pages and content viewed, referring URL, approximate location derived from IP address, device and browser type, language preference, and basic interaction events. Our analytics configuration is set up to limit the collection of full IP addresses where supported by the provider.

We do not knowingly collect special categories of personal data (such as health, biometric, or financial account information) through the Site, and we ask that you not submit such information through the contact form.

How we use information

We use the information described above to:

• operate, maintain, and secure the Site;
• understand aggregate traffic patterns and the performance of our content;
• respond to inquiries submitted through the contact form;
• communicate with you about your inquiry or, where you have opted in, related updates;
• detect, prevent, and respond to fraud, abuse, or security incidents; and
• comply with legal obligations and enforce our rights.

For visitors in the EU, UK, and other GDPR-regulated jurisdictions, we rely on the following legal bases: your consent (for analytics and functional cookies that are not strictly necessary), our legitimate interests (in operating and securing the Site and responding to inquiries), and compliance with legal obligations.

Cookies and similar technologies

We use cookies and similar technologies on the Site, in two categories:

• Strictly necessary. Required for the Site to function and for your consent preferences to be remembered. These are always active.
• Analytics and functional. Loaded only after you accept analytics cookies in our consent banner. These include Google Analytics 4 cookies (e.g., _ga, _ga_*) and HubSpot cookies (e.g., __hssc, __hssrc, __hstc, hubspotutk) used to measure traffic and operate the contact form.

You can decline analytics and functional cookies in the banner, and you can change your decision at any time by clearing the shodai_cookie_consentvalue in your browser's site data, or by emailing us at hello@shodai.network and we will help. Most browsers also let you delete or block cookies through their settings.

We do not use the Site for advertising, retargeting, or ad personalization, and we do not currently respond to "Do Not Track" browser signals because no common standard for them has been finalized.

Service providers and international transfers

We rely on the following service providers to operate the Site. Each processes information on our behalf, subject to their own terms and privacy commitments:

• Google LLC (Google Analytics 4) - website analytics.
• HubSpot, Inc. - contact form delivery, CRM, and related functional tracking.
• Vercel Inc. - Site hosting and content delivery.

These providers operate primarily in the United States. If you access the Site from outside the United States, your information will be transferred to and processed in the United States and other jurisdictions whose data protection laws may differ from those in your country. Where required, transfers from the EU, UK, or Switzerland are made under appropriate safeguards such as the EU Standard Contractual Clauses or successor mechanisms relied on by the relevant provider.

How we share information

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising. We may disclose information:

• to the service providers listed above, only as needed to operate the Site;
• to comply with applicable law, legal process, or enforceable governmental request;
• to protect the rights, property, or safety of CNS Labs, our users, or others, including for fraud prevention and security; and
• in connection with a corporate transaction such as a merger, acquisition, or sale of assets, in which case we will require the recipient to honor commitments consistent with this Policy.

Data retention

We keep contact form submissions and related correspondence for as long as necessary to respond to your inquiry, maintain our business records, and comply with legal, accounting, or reporting obligations. Analytics data is retained according to the configuration of our analytics provider; we use the shortest retention period that meets our reporting needs and the provider's available options. When information is no longer needed, we delete or de-identify it.

Security

We use reasonable administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, misuse, and alteration. No method of transmission over the internet or method of electronic storage is fully secure, however, and we cannot guarantee absolute security.

Your privacy rights

Depending on where you live, you may have the following rights regarding your personal information:

• access a copy of the information we hold about you;
• correct inaccurate or incomplete information;
• request deletion of your information;
• restrict or object to certain processing;
• request portability of information you provided to us;
• withdraw consent where processing is based on consent (for example, analytics cookies); and
• lodge a complaint with your local data protection authority.

EU, UK, and Swiss residents (GDPR / UK GDPR)

If you are located in the EU, UK, or Switzerland, you can exercise the rights above by emailing hello@shodai.network. We will respond within the timeframes required by applicable law. You also have the right to complain to your supervisory authority if you believe we have not handled your information appropriately.

California residents (CCPA / CPRA)

If you are a California resident, you have the right to:

• know what personal information we collect, use, and disclose about you;
• request deletion of your personal information;
• correct inaccurate personal information;
• opt out of the "sale" or "sharing" of your personal information; and
• be free from discrimination for exercising your rights.

We do not sell or share personal information as those terms are defined under the CCPA/CPRA, and we have not done so in the preceding twelve months. To submit a request, email hello@shodai.networkwith the subject line "California Privacy Request." We will verify your request using information reasonably necessary to confirm your identity. You may use an authorized agent, in which case we may require written authorization and verification.

Children's privacy

The Site is not directed to children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

Changes to this Policy

We may update this Policy from time to time. When we do, we will revise the "Last updated" date above. Material changes will be communicated through the Site or by other reasonable means before they take effect.

Contact us