Privacy Policy (SonicLinker.com)

Effective Date:

August 25, 2025

SonicLinker Pvt. Ltd. ("SonicLinker," "Company," "we," "our," or "us") builds agentic commerce infrastructure, including AI traffic analytics, an Agentic CDN, and Agentic Commerce APIs (beta). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our websites, dashboards, SDKs, APIs, and related services (collectively, the "Services").

Scope & Roles

• When you visit our websites or interact with us as a prospective or existing customer, we act as a controller of your personal information.

• When our customers deploy SonicLinker on their own properties (e.g., websites/apps) to measure or serve AI agents and users, we act as a processor/service provider to those customers. In that case, the customer's privacy policy governs, and we process data according to our Data Processing Addendum ("DPA").

1. Information We Collect

A. Business & Website Visitor Information (we are the Controller)

We collect information you provide and information collected automatically when you interact with our websites, demo pages, and sales/support channels:

Contact & Account Data: name, email, company, role, phone; authentication and workspace settings.
Billing Data: billing address, tax IDs, and limited payment details (processed by our payment provider; we do not store full card numbers).
Communications: emails, support chats, meeting notes, feedback, and survey responses.
Device & Usage Data: IP address (which may indicate approximate location), user‑agent, referrer, pages viewed, timestamps, product usage events, and cookies or similar technologies (see Cookies below).

B. Service Data From Customer Properties (we are the Processor)

When customers implement our SDKs, APIs, or server-side collectors on their sites/apps, we process the following categories of data on their behalf:

Request Metadata: IP address, user‑agent and model signatures, referrer, URL path and query parameters (customers can mask or drop specific parameters), HTTP headers, timestamps, and response codes.
Event & Performance Metrics: page loads, route changes, latency, error events, and dwell/engagement signals (e.g., time on page, re‑query rate).
Derived Classifications: AI‑agent vs human detection, detected agent class/model where available (e.g., assistant/browser), intent categories (research vs transaction), and fraud/abuse risk scores.
Identifiers: a first‑party cookie or local-storage ID and/or server-issued pseudonymous ID scoped to the customer’s domain; optional customer-provided user IDs or order IDs where configured.