Legal & Privacy
Our policies and terms governing the use of Saffron products and services.
Privacy Policy for Placement Assistant App
Effective Date: April 9, 2026
This privacy policy ("Policy") informs you of our practices when handling your Information through the App Services (both "App" and "App Services" are defined below). In this Policy, "Saffron," "we," "our" or "us" refers to Saffron, LLC, a company registered in Washington State with its registered address located 16517 37th Dr SE, Bothell, WA 98012. When you use the App Services in your personal capacity, we are the data controller under applicable privacy laws, and this Policy applies.
For the purpose of this Policy, "Information" means any information relating to an identified or identifiable individual. This includes information you provide or generated when you use: (a) our apps, including the Saffron Placement Assistant App, Saffron's smartphone app for assisting you in locating an optimal location for receiving internet service via your 4G/LTE/5G Gateway device (each an "App" and collectively the "Apps"); and (b) go-saffron.com and any other dedicated Saffron websites which link to this policy ("Website" and, together with the "Apps", collectively referred to herein as the "App Services"). When you use the App Services, you accept and understand we collect, process, use and store your Information as described in this Policy. If you do not agree with this Policy, you must not use any of the App Services. If you change your mind in the future, you must stop using the App Services and you may exercise your rights in relation to your Information as set out in this Policy.
1. Information We Collect
We will collect and use the following Information about you:
Information you provide to us
Registration information: for example, when you create an account on the Website, you will be asked to provide your name, email, and a password.
Information collected via voluntary activities: for example, when you communicate with us via email, or participate in surveys, we ask you to provide your email address and any Information you choose to provide to allow us to assist you. The Information we collect from you varies depending on the survey, but we typically ask you questions about your interests and habits, your opinion about different products and services and what you'd like to be offered in the future. We also collect your ratings, opinions, preferences, questions, and responses associated with that survey.
Careers: If you decide to apply for a job with us, you may submit your contact information and your resume online. We will collect the Information you choose to provide us as part of your job application, such as your contact information, current employment information, and other information you choose to submit with your application and on your resume.
Information we automatically collect or is generated about you when you use the App Services
Identifiers, such as your IP address, device ID (also referred to as your IMEI number), and device information (such as model, brand and operating system).
Cookies: we use cookies and other similar technologies ("Cookies") to enhance your experience when using the App Services. For more information about our Cookies policy, see below How We Use Cookies and Similar Technologies section.
Information you generate when using the App Services: You may provide Information as part of your use of the App Services, including any Information you provide when sending messages through the App Services.
Information regarding your use of the App Services, such as app use information, interactions with our team, and transaction records.
Usage Data. We automatically receive information about your interactions with our App Services, like the pages or other content you view, referrer information (the website you visited before coming to our App Services), the dates and times of your visits, and the searches you conduct.
Prompts and Outputs. Our App Services include features enabled by artificial intelligence models that allow you to submit text, documents, and other materials to the App Services. Your submitted materials may be combined with other instructions ("Prompts") to generate responses based on your Prompts ("Outputs"). We will collect any information you choose to provide in your Prompts and this information may be reproduced in the Outputs. The models we rely on from our AI Service Providers may access a variety of sources, including third-party sources, publicly available information from the Internet, and data we generate internally. Some of the data the model ingests may be combined with your Inputs to generate your Outputs.
Information we receive from third party platforms: when you register through a third party account (such as Apple or Google), we receive Information which may include your username and email address.
Children
Our App Services are not targeted at children, and we do not knowingly collect Information from children under the age of 18. If you learn that a child has provided us with Information in violation of this Policy, please contact us as indicated below.
2. How We Use Your Personal Information
We use your Information as is necessary to run our business and carry out our day-to-day activities, including providing you with the App Services. We will use your Information to perform our contractual obligation towards you to allow you to create an account and use the App Services. The Information we process when doing so includes your registration information, Information you provide to us when using the App Services, identifiers, Information you generate when using the App Services, and Information regarding your use of the App Services. We also use your Information when you activate certain features of the App Services, such as your Geolocation information when you use the location reminder feature.
It is in our legitimate interests to improve our App Services for our customers. When doing so, we may collect Information we automatically collect or is generated about you when you use the App Services, as well as Information about your device such as device manufacturer, model and operating system. Saffron may use third-party vendors from time to time, including artificial intelligence tools, to capture and/or record information about users' interaction with the Service to help us better improve our App Services for you. In this regard, Saffron may use certain Information generated by your Gateway in order to improve Saffron's machine learning models. However, we do not use information we collect from you, including via artificial intelligence tools, to develop, improve, or train generalized/non-personalized machine learning models or generalized/non-personalized artificial intelligence models.
If you reach out to us for support, we will use your Information to respond to and resolve your queries and complaints and facilitate support (e.g. questions on how to use the app). When doing so, we perform our contractual obligation towards you. The Information we process when doing so includes your registration information, your identifiers, and any other information about you collected via our customer support channels.
It is in our legitimate interests to analyze the use of, and any other interaction or interest in our App Services. When doing so we will process Information we automatically collect or is generated about you when you use the App Services so as to create certain data regarding your App usage, this data shall be handled as set forth in Section 5 (Data Security) below.
It is in our legitimate interest to process the Information that you choose to submit when you apply for a job with us.
It is in our legitimate interest, with your opt-in consent and use of the Saffron Placement Assistant App, to provide your internet service provider that provided you (or which you are otherwise using) the 4G/LTE/5G Gateway device to access your provider's internet services with the Provider Requested Information (as defined in Section 4 below), in order that they may (i) send you any redemption gift they have committed to provide you in connection with your use of this App, and (ii) improve quality of service (including internet service signal strength)for you and other customers. IF YOU DO NOT AGREE WITH SAFFRON PROVIDING YOUR INTERNET PROVIDER WITH THE PROVIDER REQUESTED INFORMATION (AS DEFINED IN SECTION 4 BELOW), YOU MAY NOT USE THE SAFFRON PLACEMENT ASSISTANT APP.
We will send you emails with product news and tips and tricks to use our App Services. When doing so, we process your registration information. Your consent can be withdrawn at any time by following the unsubscribe mechanism at the bottom of each communication, or by sending an email to Saffron at support@go-saffron.com with the subject stating "Unsubscribe".
It is in our legitimate interest to protect our interests by (1) monitoring the use of the App Services to detect fraud or any other user behavior which prejudices the integrity of our App Services, (2) taking steps to remedy aforementioned fraud and behavior, (3) defending ourselves against legal claims or disputes, and (4) enforcing our terms and policies. When doing so, we will process the Information relevant in such a case, including Information you provide us, Information we automatically collect about you, and Information which is provided to us by third parties.
From time to time, we may ask you to participate in surveys and Interviews we conduct which are in our legitimate interest because they help us understand our user base and improve the App Services. If you participate, we process your registration information and any other Information collected through the survey questions.
3. How We Use Cookies and Similar Technologies
We and our third-party partners collect information about your activities on our App Services using cookies, pixel tags, SDKs, or other tracking technologies. Our third-party partners, such as analytics, advertising, and security partners, may also use these technologies to collect information about your online activities over time and across different services. Cookies are small files of letters and numbers that we store on your browser or the hard drive of your computer. They contain information that is transferred to your computer's hard drive.
Our App Services uses Cookies to collect information about your browsing activities and to distinguish you from other users of our App Services. This aids your experience when you use our App Services and also allows us to improve the functionality of our App Services.
We use the following cookies:
Strictly necessary cookies: Some cookies are strictly necessary to make our App Services available to you; for example, to perform your login functionality and for user authentication and security. We cannot provide you with the App Services without this type of cookies.
Functional cookies: These are used to recognize you when you return to our Website. This enables us to personalize our content for you, greet you by name and remember your preferences.
Analytical and advertising cookies. We also use cookies for analytics purposes and advertising in order to operate, maintain, and improve our App Services. We use third party analytics providers, including Google Analytics, to help us understand how users engage with the App Services. Google Analytics uses first-party cookies to track user interactions which helps show how users use our App Services. This information is used to compile reports and to help us improve our App Services. The reports disclose Website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our Website by going to https://tools.google.com/dlpage/gaoptout or via Google's Ads settings.
We use the following analytical and advertising cookies:
| Cookie | Purpose | Retention |
|---|---|---|
| Google Analytics | Analyzing website traffic and user behavior | 90 days |
You can block cookies by setting your internet browser to block some or all cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to use our App Services. Except for essential cookies, all cookies will expire after maximum 2 years.
4. Who We Share Your Personal Information With
We share your Information with selected third parties, including:
Internet Service Provider Customers of Saffron
The internet service provider that is providing you with internet services via the 4G/LTE/5G Gateway device as with respect to which you are using the Saffron Placement Assistant App is a customer of Saffron. When you use the Saffron Placement Assistant App, we share the following personal data about you with your internet service provider: any redemption code provided to you by your internet service provider, the date you redeemed such code via the App Services, and your 4G/LTE/5G Gateway's device identification information (i.e., IMEI number) (collectively, the "Provider Requested Information"). Upon your internet service provider's receipt of your Provider Requested Information from Saffron, your internet service provider becomes a data controller of your Provider Requested Information in its workspace; please see your internet service provider's privacy policy for information about its privacy practices. Note further that, in collecting the Provider Requested Information, Saffron will also collect the admin password associated with such Gateway device in order to enable the operation of the Saffron Placement Assistant App. Such admin password is set by your internet provider or the Gateway device's manufacturer (the "Default Code"). In the event you or someone else has updated or otherwise modified the Default Code with a different code (each, a "Replacement Code"), the Saffron Placement Assistant App will require that you provide the Replacement Code prior to the Saffron Placement Assistant App being able to communicate with such Gateway device. Saffron does not provide the Default Code and/or the Replacement Code associated with the Gateway to your internet service provider. Indeed, Saffron does not retain or otherwise store the Default Code or Replacement Code, as applicable, on its systems. For Saffron's purposes, then, the Default Code or Replacement Code remains on your mobile phone and not in Saffron's systems.
Vendors and service providers we rely on for the provision of the App Services
We may rely on the following categories of vendors and service providers:
- Cloud service providers who we rely on for data storage, including Microsoft Azure and Amazon Web Services which are based in the U.S. and Google Cloud.
- Customer support solution providers, who help us manage and respond to our customer questions and complaints and triage issues. This includes Zendesk Inc., which is based in the U.S. and which hosts our customer support function; and
- AI Service Providers. We may disclose information we receive to vendors that provide artificial intelligence services that provide backend support for our App Services.
- Analytics providers. We work with a number of analytics, segmentation and mobile measurement service providers who help us understand our user base. This includes Google LLC, which is based in the U.S. You can learn about Google's practices by going to https://www.google.com/policies/privacy/partners/, and opt-out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
- Communications platform providers, who help us manage and send newsletters to you in relation to the App Services. This includes Constant Contact, which is based in the U.S.
Legal and safety disclosures
We may disclose your Information to law enforcement agencies, public authorities or other judicial bodies and organizations if we are legally required to do so, or if we have a good faith belief that such use is reasonably necessary to comply with a legal obligation, process or request; enforce our terms of service and other agreements, policies, and standards, including investigation of any potential violation thereof; detect, prevent or otherwise address security, fraud or technical issues; or protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (including exchanging information with other companies and organizations for the purposes of fraud protection).
Change of corporate ownership
If we are involved in a merger, acquisition, bankruptcy, reorganization, partnership, asset sale or other transaction, we may disclose your Information as part of that transaction.
With your consent
We may also disclose your information with your permission.
5. Data Security
We implement and maintain technical, administrative, and organizational security measures designed to protect your personal data against unauthorized access, use, disclosure, alteration, loss, and destruction. No security program eliminates all risk, and we describe below both the protections we employ and the residual risks that users should understand. Our security measures are subject to periodic review and update in response to evolving threats and applicable legal requirements.
Encryption
Encryption at Rest. Personal data stored on our systems is encrypted at rest using industry-standard cryptographic algorithms (currently AES-256 or equivalent). Encryption at rest is designed to protect the confidentiality of data stored on physical or virtual media in the event of unauthorized access to that media — for example, theft or unauthorized removal of storage hardware or exposure of raw storage files. It does not, by itself, prevent access to data through authenticated application sessions or through compromised account credentials, because the application infrastructure necessarily decrypts stored data to render it usable during an authorized session.
Encryption in Transit. Personal data transmitted between your device and our services, and between our internal systems and services, is encrypted in transit using TLS 1.2 or higher (or equivalent protocols). Unencrypted transmission of personal data over public networks is not permitted.
Key Management. Encryption keys are managed by our infrastructure provider and are separately stored from the data they protect, stored in dedicated key management infrastructure. Key rotation is performed on a scheduled basis and upon any suspected compromise event.
Access Controls
Principle of Least Privilege. Access to personal data is restricted to personnel and systems whose role requires such access. We apply role-based access control (RBAC) to limit the scope of data accessible to any individual or system component to the minimum necessary for their specific function.
Authentication Requirements. Access to systems that process personal data requires authentication through credentials that meet defined complexity and management standards. Multi-factor authentication (MFA) is required for all personnel with access to production systems, administrative interfaces, and data stores containing personal data.
Credential Security and the Limits of Encryption. We take specific measures to reduce the risk of unauthorized access through compromised credentials, including credential-based access monitoring, anomaly detection, session timeout controls, and privileged access management protocols. Users should be aware that any person or system that successfully authenticates to our platform — whether legitimately or through credential compromise — may be presented with personal data in its decrypted, readable form, consistent with the access rights associated with that credential. Our access controls, monitoring, and incident response procedures described in this Section are the primary safeguards against this threat vector.
Third-Party and Subprocessor Access. Where third-party service providers, subprocessors, or contractors are granted access to systems containing personal data, such access is governed by written agreements, scoped to the minimum necessary, and subject to access review and termination procedures.
Monitoring and Incident Response
Security Monitoring. We maintain logging and monitoring of access to systems containing personal data, including detection of anomalous access patterns, unauthorized privilege escalation, and unusual data export activity.
Incident Response. We maintain a written incident response plan that is tested periodically. In the event of a confirmed or reasonably suspected personal data breach, we will take steps to contain and investigate the incident and provide notification to affected individuals and applicable regulatory authorities as required by applicable law, including within 72 hours to supervisory authorities where required under GDPR Article 33, and as required under applicable U.S. state breach notification statutes.
Residual Risks and User Responsibilities
Despite the measures described above, no security program can guarantee complete protection against all threats. Specific residual risks include, without limitation: (i) access to personal data through compromised user or administrative credentials, as described in Section X.3(c); (ii) vulnerabilities in third-party software components; (iii) insider threats; and (iv) sophisticated attacks that evade existing detection controls. We encourage users to protect their account credentials, use strong and unique passwords, enable MFA where offered, and promptly notify us of any suspected unauthorized account access.
6. Third Parties
We are not responsible for how third-party services may collect, use or share your Information you send from the App Services. Please review the privacy policy of such third-party partners before connecting those services to the App Services.
7. Where We Store Your Information
Your Information will be processed by our employees and service providers in the U.S. If you choose to use our App Services from the European Economic Area ("EEA"), the United Kingdom ("UK") or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your Information outside of those regions to the U.S. for storage and processing. We may transfer Information from the EEA or the UK to the U.S. and other third countries based on European Commission-approved or UK Government-approved Standard Contractual Clauses, or otherwise in accordance with applicable data protection laws. Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating our App Services. You can contact us as detailed below if you want more information about our data transfer practices.
8. How Long We Store Your Information
Your Information is kept for as long as necessary to achieve the purposes set out above. When we process Information for our own purposes, we determine the retention period taking into account various criteria, such as the type of App Services provided to you, the nature and length of our relationship with you, possible re-enrollment with our App Services, the impact on the App Services we provide to you if we delete some Information from or about you, and mandatory retention periods provided by law and the statute of limitations. Generally, we also delete your Information following a valid erasure request (see below Your Rights: Erasure section). Some Information we collect will be stored for longer where we have an overriding legitimate interest to retain such Information (for example, Information on suspicious behavior of certain users of our App Services and transaction records). When deleting Information, we will take measures to make the Information irrecoverable or irreproducible, and electronic files which contain Information will be deleted permanently.
9. Your Choices
Marketing Communications
You can unsubscribe from our promotional emails via the link provided in the emails. Even if you opt-out of receiving promotional messages from us, you will continue to receive administrative messages from us.
10. Your European Rights
If you are based in the EEA or the UK, you have certain rights in relation to your Information. You will find more information below on when which rights can apply. To exercise your rights, please contact us at https://www.go-saffron.com/#contact. Before fulfilling your request, we may ask you to provide reasonable Information to verify your identity. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain Information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
Access
You have the right to access Information, and to receive an explanation of how we use it and who we share it with. In the case you want to obtain this information, please contact customer service at https://www.go-saffron.com/#contact. The right to access is not absolute. For example, we cannot reveal trade secrets, or give you Information about other individuals.
Erasure
You have the right to delete your account and erase your Information and upon deleting your account, all your Information will be removed from our production systems. Usually, only an encrypted copy of your Information will remain on our backup archives for 90 days, although we reserve the right to retain some of your Information where there are valid grounds for us to do so under data protection laws. For example, for the defense of legal claims, respect freedom of expression, or where we have an overriding legitimate interest to do so. Note that where the Information is held by a third party data controller, such as a payment processor, we will use reasonable steps to inform them of your request, but we recommend you contact them directly in accordance with their own privacy policies to ensure your personal data is erased.
Objection
You may have the right to object to our processing of your Information. This is the case where we process such Information on the basis of our legitimate interests (see above under How we use your personal information section), or where the Information is used for direct marketing purposes. You may exercise this right as follows:
- To stop receiving marketing newsletters: You may withdraw your consent through the unsubscribe mechanism at the bottom of each communication.
- To stop our cookies being placed for either advertising or analytics purposes: please change your device or browser settings.
- To object to all other processing based on our legitimate interests, please contact us at https://go-saffron.com/#contact. Please note that we may have an overriding legitimate interest to keep processing your Information, but we will let you know where this is the case
Other European Rights
You also have the following rights:
- Portability. You have the right to receive a copy of Information we process on the basis of consent or contract in a structured, commonly used and machine-readable format, or to request that such Information is transferred to a third party.
- Correction. You have the right to correct any Information held about you that is inaccurate.
- Restriction. You have a right in certain circumstances to stop us processing Information other than for storage purposes.
- You have the right to lodge a complaint with a supervisory authority in your country of residence, place of work or where an incident took place.
11. Contact & Complaints
We welcome questions, comments and requests regarding this Policy. If you wish to make a complaint about how we process your Information, please contact us at:
For Saffron AIQOS users: https://go-saffron.com/#contact
We will endeavor to deal with your complaint as soon as possible. You can also send an email to us at privacy@go-saffron.com.
12. Changes
If we make any material changes to this Policy, we will post the updated Policy here and notify our users through the App Services and/or newsletters. Please check this page frequently to see any updates or changes to this Policy.