Flux Logo
  • Home
  • Odin Platform
  • Careers
  • Get a Demo
Legal

Privacy Policy

We take privacy seriously. This policy explains what data we collect, why we collect it, how we use it, and what rights you have — in plain language, without burying the important parts.

Effective date: January 1, 2025 Last updated: June 1, 2025
On this page
  • 1. Who We Are
  • 2. What We Collect
  • 3. How We Use Data
  • 4. Legal Basis
  • 5. Data Sharing
  • 6. Operational Data
  • 7. Cookies & Tracking
  • 8. Data Retention
  • 9. Security
  • 10. Your Rights
  • 11. International Transfers
  • 12. Children's Privacy
  • 13. Changes
  • 14. Contact
Section 01

Who We Are

Flux Auto, Inc. ("Flux Auto," "we," "us," or "our") is a Delaware corporation with principal offices in Houston, Texas. We provide autonomous vehicle technology for industrial environments, including the Odin AI platform and hardware retrofit systems.

Flux Auto is the data controller for personal data collected through our website (fluxauto.ai), our marketing and sales activities, and our customer account management. For personal data processed as part of delivering the Odin platform to enterprise customers, Flux Auto acts as a data processor on behalf of those customers.

Questions about this policy can be directed to contact@fluxauto.ai.

Section 02

What We Collect

We collect information in three ways: directly from you, automatically when you use our services, and from the Odin platform operating at customer facilities.

Information you provide directly
Category Examples When collected
Contact information Name, job title, company, email address, phone number Demo requests, contact forms, account signup
Account credentials Email address, password (hashed), MFA tokens Odin dashboard account creation
Business information Company name, industry, fleet size, facility details Sales discussions, onboarding questionnaires
Payment information Billing address, payment method details Order processing (processed via PCI-compliant provider)
Communications Emails, support tickets, call recordings (with consent) Customer support, sales, training
Job applications CV, cover letter, employment history, references Careers page applications
Information collected automatically
  • IP address, browser type, operating system, referring URLs, and pages visited on fluxauto.ai
  • Odin dashboard usage data: feature interactions, session duration, error logs, and API call logs
  • Device identifiers for mobile dashboard access
  • Cookies and similar tracking technologies (see Section 7)
Operational platform data (from Odin)

When the Odin platform operates at a customer facility, it generates data including: LiDAR point cloud scans, vehicle telemetry (position, speed, load status, mission status), safety event logs, and system performance metrics. This data is associated with vehicles and facilities, not with named individuals. See Section 6 for full details.

Section 03

How We Use Data

We use the data we collect for the following purposes:

  • Providing the Services — delivering the Odin platform, processing orders, performing installations, and providing customer support
  • Account management — creating and managing customer accounts, authenticating users, and maintaining dashboard access
  • Product improvement — using aggregated, anonymised telemetry to improve Odin's perception models, navigation algorithms, and safety systems
  • Safety & compliance — monitoring for safety incidents, investigating anomalies, and maintaining audit logs required by applicable regulations
  • Communications — sending transactional emails (invoices, deployment updates, support responses) and, with your consent, marketing communications
  • Analytics — understanding how our website and dashboard are used to improve the user experience
  • Legal obligations — complying with applicable laws, responding to lawful requests, and enforcing our Terms of Service
  • Hiring — evaluating job applications and communicating with candidates

We do not use your data for: selling to third-party advertisers, building consumer profiles for resale, profiling individual workers within customer facilities, or any automated decision-making that produces legal or similarly significant effects on individuals.

Section 04

Legal Basis for Processing

For customers and contacts in jurisdictions with applicable data protection laws (including the EU/EEA under GDPR and the UK under UK GDPR), we process personal data on the following legal bases:

Processing activityLegal basis
Delivering contracted services to customersPerformance of a contract
Processing payments and maintaining accountsPerformance of a contract
Sending transactional and service communicationsPerformance of a contract / Legitimate interests
Improving the Odin platform using anonymised dataLegitimate interests
Website analyticsLegitimate interests / Consent (where required)
Marketing communicationsConsent (opt-in) or Legitimate interests (existing customers)
Compliance with legal obligationsLegal obligation
Responding to legal requests and enforcing our rightsLegitimate interests / Legal obligation

Where we rely on legitimate interests, we have assessed that our interests are not overridden by your rights and freedoms. You may object to processing based on legitimate interests at any time (see Section 10).

Section 05

Data Sharing & Disclosure

We do not sell your personal data. We share data only in the following circumstances:

Service providers

We work with trusted third-party vendors who process data on our behalf under strict contractual obligations. These include cloud infrastructure providers (AWS), customer relationship management software, email delivery services, payment processors, and analytics tools. All vendors are bound by data processing agreements.

Enterprise customers

If you are an employee or contractor of a Flux Auto enterprise customer and your employer has deployed Odin at a facility, your employer (as the data controller) may have access to platform usage data associated with your account. Please refer to your employer's privacy policy for details.

Legal requirements

We may disclose data if required to do so by law, court order, or government authority, or if we reasonably believe disclosure is necessary to prevent imminent harm to persons or property, protect our legal rights, or investigate fraud.

Business transfers

In the event of a merger, acquisition, asset sale, or restructuring, personal data may be transferred to the successor entity, subject to equivalent privacy protections. We will notify affected users via email or prominent website notice.

We will never share your data with third parties for their own marketing or advertising purposes. Full stop.

Section 06

Operational Data from the Odin Platform

The Odin platform uses LiDAR sensors and cameras to operate autonomously in industrial environments. This section specifically addresses how that sensor data is handled.

What Odin's sensors collect
  • LiDAR point cloud data — 3D spatial maps of the facility environment, used for navigation, obstacle avoidance, and SLAM mapping. Point clouds are processed in real time and are not stored as raw scan files.
  • Camera imagery — Used for object detection and classification (pallets, obstacles, dock doors). Camera feeds are processed locally on the edge compute unit and are not continuously streamed or stored remotely.
  • Vehicle telemetry — Position, speed, heading, load status, battery/fuel level, and mission status. Transmitted to the fleet dashboard and retained for operational analytics and safety audit purposes.
  • Safety event logs — Records of detected obstacles, emergency stop events, near-miss flags, and system alerts.
Worker privacy in facilities

Odin's sensors detect human presence as an obstacle category for safety purposes — to slow down or stop the vehicle. We do not use sensor data to identify, track, profile, or monitor individual workers. No facial recognition or biometric identification is performed. No video footage is stored or transmitted to Flux Auto servers.

If you are a worker at a facility where Odin is deployed and have questions about how data is used at your workplace, please contact your employer's HR or operations team, or reach out to us at contact@fluxauto.ai.

Anonymised model training

With customer consent, we may use aggregated and de-identified operational data (such as pallet detection statistics, obstacle frequency, and navigation performance metrics) to improve the Odin AI models. This data cannot be used to identify individual facilities, vehicles, or persons.

Section 07

Cookies & Tracking Technologies

Our website (fluxauto.ai) uses cookies and similar technologies. We categorise our cookies as follows:

CategoryPurposeCan opt out?
Analytics Understanding page traffic, bounce rates, and feature usage. We use privacy-respecting analytics that anonymise IPs. Yes — via cookie banner or browser Do Not Track
Marketing Tracking demo requests and content engagement for our own internal attribution only. We do not serve retargeting ads. Yes — via cookie banner

You can manage cookie preferences at any time via your browser settings.

Section 08

Data Retention

We retain personal data only for as long as necessary for the purposes described in this policy:

  • Customer contact data — retained for the duration of the business relationship plus 3 years for legal and audit purposes
  • Account data — retained until account deletion plus 90 days for backup recovery
  • Vehicle telemetry and operational logs — retained for 24 months for safety audit, performance analysis, and dispute resolution purposes
  • Safety event logs — retained for 5 years to satisfy regulatory and insurance requirements
  • Financial records — retained for 7 years as required by US tax law
  • Job application data — retained for 12 months after the position is filled, or longer if you consent to being considered for future roles
  • Marketing communications data — retained until you unsubscribe or withdraw consent

After the relevant retention period, personal data is securely deleted or anonymised.

Section 09

Security

We implement technical and organisational measures designed to protect your data against unauthorised access, disclosure, alteration, or destruction. Our security practices include:

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for data at rest
  • Role-based access controls and least-privilege principles
  • Multi-factor authentication for all Flux Auto employees accessing production systems
  • Regular penetration testing and security audits by independent third parties
  • Incident response procedures with 72-hour breach notification to affected parties and regulators where required

Suspected security issue? Please report it responsibly to contact@fluxauto.ai. We take all reports seriously and will respond within 48 hours.

Section 10

Your Privacy Rights

Depending on your location, you may have the following rights with respect to your personal data. We honour these rights regardless of jurisdiction for all users where technically feasible.

Access
Request a copy of the personal data we hold about you and information about how we use it.
Correction
Ask us to correct inaccurate or incomplete personal data. You can update most information directly in your account settings.
Deletion
Request that we delete your personal data. We will do so unless we have a legal obligation to retain it (e.g. financial records).
Portability
Receive your personal data in a structured, machine-readable format so you can transfer it to another service.
Restriction
Ask us to restrict processing of your data in certain circumstances, such as while a correction request is being assessed.
Objection
Object to processing based on legitimate interests or for direct marketing purposes, which we will honour unconditionally for marketing.
Withdraw consent
Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
Complain
Lodge a complaint with your local data protection authority if you believe we have handled your data unlawfully.

To exercise any of these rights, email contact@fluxauto.ai with your request. We will respond within 30 days. We may ask you to verify your identity before processing your request.

California residents: you have additional rights under the CCPA/CPRA, including the right to know, delete, correct, opt out of sale (we don't sell data), and non-discrimination. To exercise CCPA rights, email contact@fluxauto.ai or call us at the number on our contact page.

Section 11

International Data Transfers

Flux Auto is headquartered in the United States. If you are located in the EU, UK, or another jurisdiction with data transfer restrictions, please be aware that your personal data may be transferred to and processed in the United States.

When we transfer personal data from the EU/EEA or UK to the US, we rely on:

  • Standard Contractual Clauses (SCCs) — approved by the European Commission and UK ICO for transfers to third countries
  • Adequacy decisions — where applicable for transfers to countries recognised as providing adequate protection

For customers in India, we process data in accordance with applicable provisions of the Information Technology Act 2000 and, upon its commencement, the Digital Personal Data Protection Act 2023. Flux Auto's Bengaluru operations comply with applicable Indian data localisation requirements.

Section 12

Children's Privacy

The Odin platform and our website are intended for business use by adults. We do not knowingly collect personal data from individuals under the age of 18. If we learn that we have inadvertently collected personal data from a minor, we will delete it promptly. If you believe we have collected data from a minor, please contact contact@fluxauto.ai.

Section 13

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Services, or applicable law. When we make material changes, we will:

  • Update the "Last updated" date at the top of this page
  • Send an email notification to the primary contact on active customer accounts at least 30 days before changes take effect
  • Post a prominent notice on our website for significant changes

We encourage you to review this policy periodically. Your continued use of the Services after the effective date of an updated policy constitutes your acceptance of the changes.

Section 14

Contact Us

For any privacy-related questions, requests, or concerns, please reach out to our team:

Flux Auto, Inc.
Houston, Texas, United States

General: contact@fluxauto.ai

For questions about our commercial terms, please see our Terms of Service.

Flux Logo

Physical AI for any vehicle. Anywhere. No new equipment.
Product
Odin Platform How It Works
Company
Careers Contact
Call Us
Bangalore
+91 9880 121 800
Houston
+1 (737) 232-7272
© Flux Auto, Inc. · Bangalore, India · Houston, TX
Terms of Service Privacy Policy
YC W21 ISO 3691-4 Certified VAPT Certified Forbes 30U30