8F
← Back to Home

Privacy Policy

Last updated: March 2026

8thFloor (“we,” “our,” or “us”) is operated by Neo-2 Consulting, based in Saskatoon, Saskatchewan, Canada. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the 8thFloor platform and related services (collectively, the “Service”).

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, password (stored in hashed form), company or team name, and any profile information you choose to provide.

Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, session duration, referring URLs, browser type, device type, and IP address.

Marketing Data

When you use our marketing tools, we process data related to your email campaigns (subscriber lists, open rates, click rates), social media accounts and posts, SEO metrics and keywords, content you create or upload, and analytics and performance reports.

AI Interactions

We collect the prompts, messages, and instructions you send to our AI agents, as well as the responses generated. This data is used to provide the Service and improve our AI capabilities.

2. How We Use Your Information

  • Provide the Service: Deliver and maintain the 8thFloor platform, including all marketing tools, dashboards, and AI features.
  • AI Processing: Process your inputs through our AI models (powered by Anthropic’s Claude) to generate marketing strategies, copy, analyses, and recommendations.
  • Analytics & Improvement: Analyze usage patterns to improve platform performance, develop new features, and fix issues.
  • Communication: Send you transactional emails (account confirmations, billing receipts), product updates, and marketing communications (with your consent).

3. Data Storage & Security

Your data is stored in encrypted PostgreSQL databases hosted on AWS infrastructure. We implement industry-standard security measures including:

  • Encryption at rest and in transit (TLS 1.2+)
  • Hashed and salted passwords
  • Role-based access controls
  • Regular security audits and monitoring
  • Automatic backups with point-in-time recovery

While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

4. Third-Party Services

We share data with the following third-party services as necessary to operate the platform:

  • Anthropic (Claude AI): Your prompts and contextual data are sent to Anthropic’s API for AI processing. Anthropic’s data usage policies apply to this processing.
  • Stripe: Payment information is processed securely by Stripe. We do not store your full credit card number on our servers.
  • Social Platform APIs: When you connect social media accounts, we interact with their APIs (e.g., Meta, X/Twitter, LinkedIn) subject to their respective terms and privacy policies.

5. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Delete: Request deletion of your account and associated personal data.
  • Export: Export your data in a machine-readable format.
  • Opt-out: Unsubscribe from marketing communications at any time.
  • Correct: Request correction of inaccurate personal data.

To exercise any of these rights, contact us at [email protected].

6. Cookies

We use the following types of cookies:

  • Session Cookies: Essential for authentication and maintaining your logged-in state.
  • Preference Cookies: Remember your settings such as theme, language, and dashboard layout.
  • Analytics Cookies: Help us understand how visitors interact with the Service so we can improve the user experience.

You can control cookies through your browser settings. Disabling essential cookies may affect the functionality of the Service.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., billing records, fraud prevention). Aggregated, anonymized data may be retained indefinitely.

8. Children’s Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly. If you believe a child under 16 has provided us with personal data, please contact us at [email protected].

9. International Data Transfers

Our servers and service providers are located in Canada and the United States. If you access the Service from outside these regions, your data may be transferred to and processed in these countries. By using the Service, you consent to such transfers. We ensure appropriate safeguards are in place in accordance with applicable data protection laws, including Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Last updated” date. For significant changes, we may also send you an email notification. Your continued use of the Service after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

  • Email: [email protected]
  • Company: Neo-2 Consulting
  • Location: Saskatoon, Saskatchewan, Canada