Cookie Policy
https://sterrasol.ai
Sterra Solutions LLC
1. Introduction and Scope
This Cookie Policy ("Policy") sets out how Sterra Solutions LLC ("we", "us", "our") uses cookies and similar tracking technologies on https://sterrasol.ai and any associated subdomains, web applications, APIs, and mobile interfaces (collectively, the "Platform").
This Policy forms part of, and should be read alongside, the Privacy Policy published at https://sterrasol.ai/privacy-policy. In the event of inconsistency between this Policy and the Privacy Policy on matters relating to cookies, this Policy takes precedence.
This Policy applies to all visitors, registered users, clients, freelancers, and other persons who access the Platform, irrespective of jurisdiction. Where applicable law imposes specific requirements in relation to cookies including the EU ePrivacy Directive, the UK Privacy and Electronic Communications Regulations (PECR), India's Digital Personal Data Protection Act 2023 (DPDPA), or US state privacy statutes those requirements apply as detailed in Section 10 of this Policy.
Consent model: Only Strictly Necessary cookies are active by default. All other categories, analytics, Functional, and Marketing are disabled until the user provides explicit, informed consent via the Cookie Consent Banner. Consent may be withdrawn at any time via the "Cookie Settings" link in the Platform footer.
2. Definitions
In this Policy, the following terms have the meanings set out below:
"Cookie" means a small text file placed on a user's device by a website, which is retrieved on subsequent visits to allow the website to recognise the device or browser.
"First-Party Cookie" means a cookie set directly by the Platform operator (i.e., by us).
"Third-Party Cookie" means a cookie set by a party other than the Platform operator, typically via a third-party service embedded in or connected to the Platform.
"Strictly Necessary Cookie" means a cookie that is essential to the functioning of the Platform and cannot be disabled without impairing core services.
"Consent" means a freely given, specific, informed, and unambiguous indication of the data subject's agreement, expressed by a clear affirmative act.
"Personal Data" has the meaning ascribed to it under the applicable privacy law of the relevant jurisdiction, including but not limited to any data that identifies or could identify a natural person.
"Tracking Technology" means any technology functionally equivalent to cookies, including web beacons, pixel tags, local storage, session storage, device fingerprinting, and mobile SDKs.
"CMP" means Consent Management Platform, the technology we use to record, manage, and honour user cookie consent choices.
3. Cookies and Similar Tracking Technologies
3.1 Cookies
Cookies are widely used by websites to operate efficiently, improve user experience, and generate reporting information. Cookies cannot execute code, deliver malicious software, or access files on your device beyond the information they were designed to store. Upon each visit to the Platform, the cookies previously set by the Platform are retrieved by your browser and sent to the Platform server.
3.2 Similar Tracking Technologies
In addition to traditional cookies, the Platform may use the following technologies that operate in a functionally similar manner:
(a) Web Beacons and Pixel Tags
Transparent single-pixel images embedded in web pages or emails that record whether a page or email has been opened, the IP address of the requesting device, the time of access, and the type of browser or email client used. Used for analytics and email engagement measurement.
(b) Local Storage and Session Storage
Browser-based storage mechanisms that hold data locally on the user's device on a persistent basis (Local Storage) or for the duration of a browsing session (Session Storage). Used for performance optimisation and preference storage where cookies are technically unsuitable.
(c) Device Fingerprinting
Collection of technical attributes of a user's device (such as browser version, installed fonts, screen resolution, time zone, and hardware configuration) to generate a pseudonymous device identifier. We use device fingerprinting strictly for fraud prevention and platform security. We do not use device fingerprinting for advertising profiling.
(d) Mobile SDK Tracking
In mobile applications, third-party software development kits (SDKs) may collect analytics and crash-reporting data in a manner functionally analogous to cookies. SDK-based data collection is governed by this Policy and our Privacy Policy.
3.3 Purposes of Use
We use cookies and similar technologies for the following purposes:
to ensure the Platform is operational, secure, and available;
to authenticate users and maintain session integrity;
to detect and prevent fraud, abuse, and unauthorised access;
to remember user preferences and personalisation settings;
to analyse aggregate user interactions with the Platform for improvement purposes;
to deliver relevant advertising to users who have provided consent to marketing cookies;
to fulfil legal obligations, including consent management and regulatory audit requirements.
4. Categories of Cookies
Consent Status: Strictly Necessary cookies are always active and do not require consent. Analytics, Functional, and Marketing cookies are disabled by default and require the user's prior consent before activation.
4.1 Strictly Necessary Cookies
Strictly necessary cookies are essential to the provision of services requested by the user on the Platform. Without these cookies, core functions including user authentication, account management, payment processing, and security mechanisms cannot operate. These cookies do not track users for marketing purposes and do not collect information about users for any purpose beyond enabling the requested service.
These cookies are exempt from the consent requirement under the EU ePrivacy Directive, the UK PECR, and equivalent national implementing legislation, on the basis that they are strictly necessary to deliver a service expressly requested by the user. Under India's DPDPA 2023, their processing falls within Legitimate Uses as defined in Section 7 of that Act. They cannot be disabled without rendering the Platform non-functional.
Cookie / Technology
Provider
Purpose
Classification
Retention
Opt-Out
session_id
First-party
Maintains authenticated session state across page requests. Deleted on browser close.
Strictly Necessary
Session
Not applicable
csrf_token
First-party
Prevents Cross-Site Request Forgery attacks on all form submissions.
Strictly Necessary
Session
Not applicable
auth_token
First-party
Keeps the user securely authenticated across requests without repeated credential entry.
Strictly Necessary
30 days
Not applicable
cookie_consent
First-party
Records consent choices to avoid re-prompting and to demonstrate regulatory compliance.
Strictly Necessary
12 months
Not applicable
load_balancer
First-party
Routes requests consistently to the correct server for session continuity.
Strictly Necessary
Session
Not applicable
Secure-2PSID
First-party
Security cookie for authenticated account sessions (Secure and HttpOnly flags set).
Strictly Necessary
2 years
Not applicable
4.2 Analytics and Performance Cookies
Analytics cookies collect information about how users interact with the Platform, for example, which pages are visited most frequently, where users leave the Platform, and whether error messages are encountered. This information is collected in aggregate and is not linked to any individual user. Its purpose is to enable us to understand usage patterns, diagnose technical problems, and improve Platform performance and usability.
Where third-party analytics providers are used, we have: (i) enabled IP address anonymisation; (ii) disabled advertising features and data sharing with advertising products; (iii) entered into a Data Processing Agreement (DPA) with each provider; and (iv) configured data retention to the minimum period operationally necessary.
These cookies require your prior consent before activation.
Cookie / Technology
Provider
Purpose
Classification
Retention
Opt-Out
_ga
Google Analytics 4
Assigns anonymous ID to distinguish users for aggregate usage analytics. IP anonymisation enabled.
Analytics
2 years
Yes, see Section 5
_ga_[ID]
Google Analytics 4
Maintains GA4 session state and event tracking for the configured property.
Analytics
2 years
Yes, see Section 5
_gid
Google Analytics 4
Distinguishes users within a 24-hour analytics session.
Analytics
24 hours
Yes, see Section 5
_gat_gtag_[ID]
Google Tag Manager
Throttles analytics request rate to prevent data flooding.
Analytics
1 minute
Yes, see Section 5
mp_[token]
Mixpanel
Tracks product interaction events and user funnels (anonymised data only).
Analytics
1 year
Yes, see Section 5
_hjSessionUser
Hotjar
Assigns anonymous ID for session recording and heatmap analysis to identify usability issues (if deployed).
Analytics
1 year
Yes, see Section 5
4.3 Functional and Preference Cookies
Functional cookies enable the Platform to remember choices made by the user and to provide enhanced or personalised features. Examples include the user's selected language, timezone, interface theme, and notification preferences. These cookies do not track user activity across third-party websites.
If functional cookies are disabled, certain features may not operate as intended, for example, language preferences may not persist between sessions, and settings may need to be reconfigured on each visit.
These cookies require your prior consent before activation.
Cookie / Technology
Provider
Purpose
Classification
Retention
Opt-Out
lang_pref
First-party
Stores selected language preference across sessions.
Functional
12 months
Yes, see Section 5
tz_offset
First-party
Stores timezone setting so timestamps display in the user's local time.
Functional
12 months
Yes, see Section 5
ui_theme
First-party
Stores light/dark mode or custom theme preference.
Functional
12 months
Yes, see Section 5
notif_prefs
First-party
Stores notification delivery preferences set in Account Settings.
Functional
6 months
Yes, see Section 5
recently_viewed
First-party
Caches recently viewed profiles or project listings to improve navigation.
Functional
30 days
Yes, see Section 5
sidebar_state
First-party
Remembers whether the navigation sidebar is collapsed or expanded.
Functional
30 days
Yes, see Section 5
4.4 Marketing and Advertising Cookies
Marketing and advertising cookies are used to build a profile of the user's interests and deliver targeted advertising on the Platform and on third-party websites. They record which pages and content a user has interacted with, and this information may be shared with advertising networks to serve relevant advertisements.
We will not activate marketing cookies without the user's explicit, affirmative consent. We do not rely on pre-ticked boxes, bundled consent, or implied consent by continued use of the Platform. Withdrawal of consent for marketing cookies does not affect the number of advertisements displayed; it affects only the degree to which those advertisements are tailored to the user's interests.
We do not sell personal data to third parties for monetary consideration. However, the operation of advertising cookies may constitute the "sharing" of personal data for cross-context behavioural advertising within the meaning of the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA). Users may exercise their opt-out rights as described in Section 10 below.
These cookies require your explicit prior consent before activation.
Cookie / Technology
Provider
Purpose
Classification
Retention
Opt-Out
_fbp
Meta Platforms, Inc.
Identifies browsers for ad delivery and conversion tracking across Meta platforms.
Marketing
90 days
Yes, see Section 5
_fbc
Meta Platforms, Inc.
Tracks click-through attribution from Facebook and Instagram ad campaigns.
Marketing
90 days
Yes, see Section 5
_gcl_au
Google LLC
Stores ad conversion data from Google Ads campaigns for attribution reporting.
Marketing
90 days
Yes, see Section 5
li_sugr
LinkedIn Corporation
Tracks conversions and enables retargeting audiences on LinkedIn.
Marketing
90 days
Yes, see Section 5
UserMatchHistory
LinkedIn Corporation
Syncs LinkedIn ad audience IDs for cross-device audience matching.
Marketing
30 days
Yes, see Section 5
_ttp
TikTok Inc.
Tracks behavioural data for TikTok ad targeting and conversion measurement.
Marketing
13 months
Yes, see Section 5
IDE
Google DoubleClick
Registers and reports ad interactions for frequency capping and attribution.
Marketing
1 year
Yes, see Section 5
The cookie register above is reviewed on a quarterly basis. New third-party cookies introduced between scheduled reviews are disclosed in the live cookie scanner accessible via "Cookie Settings" in the Platform footer. Where a new marketing or advertising cookie deployment materially changes the purposes of processing, we will update this Policy and re-obtain consent as required.
5. Third-Party Cookies and Service Providers
Certain cookies on the Platform are set by third-party service providers whose technologies we have integrated. We do not directly control the content of third-party cookies once set by those providers. We nevertheless take the following steps to protect users in respect of third-party cookies:
We conduct a privacy and security assessment of all third-party providers prior to deploying their technologies on the Platform;
All third-party data processors operating on our behalf are required to execute a Data Processing Agreement containing adequate contractual safeguards;
All non-essential third-party cookies are disabled by default and activated only upon receipt of the user's explicit consent;
We maintain a register of all third-party cookies active on the Platform, accessible via the Cookie Settings scanner;
We will not integrate new third-party cookie technologies that materially alter the purposes of processing without first updating this Policy and re-obtaining consent where required.
Third-party service providers whose cookies or tracking technologies may operate on the Platform (subject to the user's consent choices) currently include:
Google LLC: Google Analytics 4; Google Ads; Google Tag Manager; reCAPTCHA. Privacy Policy: policies.google.com/privacy
Meta Platforms, Inc.: Meta Pixel; Facebook Ads conversion tracking. Privacy Policy: facebook.com/privacy/explanation
LinkedIn Corporation: LinkedIn Insight Tag; audience analytics and retargeting. Privacy Policy: linkedin.com/legal/privacy-policy
Mixpanel, Inc.: Product analytics and user behaviour tracking (if deployed). Privacy Policy: mixpanel.com/legal/privacy-policy
Hotjar Ltd.: Session recording; heatmap analysis (if deployed). Privacy Policy: hotjar.com/legal/privacy-policy
TikTok Inc.: TikTok Pixel; conversion measurement (if deployed). Privacy Policy: tiktok.com/legal/privacy-policy
Since third-party providers may in turn share cookie data with their own sub-processors, users are encouraged to review the privacy and cookie policies of each provider listed above. Links are provided as a convenience; we are not responsible for the content of third-party privacy policies or for changes to those policies after the date of publication of this Policy.
6. Consent Management
6.1 Obtaining Consent
Upon the user's first visit to the Platform, a Cookie Consent Banner is displayed before any non-essential cookies are activated. The banner provides three distinct options: (i) Accept All; (ii) Reject All Non-Essential; and (iii) Manage Preferences. The banner:
clearly describes each category of cookies and their purposes in plain language;
does not employ dark patterns, including pre-ticked boxes, misleading prominence of the acceptance option, or confusing toggle mechanisms;
makes refusal of consent as easy as giving it;
does not condition access to the Platform on consent to non-essential cookies (no consent wall);
records the user's choice together with a timestamp, the version of the Policy in force at the time, and the categories consented to.
Consent choices are stored in the strictly necessary "cookie_consent" cookie for a period of twelve months, following which users are re-prompted. A server-side record of consent is also maintained for auditability.
6.2 Granular Consent by Category
Via the "Manage Preferences" option in the consent banner, or via the "Cookie Settings" panel accessible at any time from the Platform footer, users may selectively enable or disable individual cookie categories as follows:
Strictly Necessary: always enabled; cannot be disabled;
Analytics / Performance: disabled by default; enables aggregate usage tracking;
Functional / Preference: disabled by default; enables persistence of personalisation settings;
Marketing / Advertising: disabled by default; enables personalised advertising.
6.3 Withdrawing or Amending Consent
Users may withdraw or amend their consent at any time without detriment. Withdrawal does not affect the lawfulness of processing that occurred prior to withdrawal. The following mechanisms are available:
Cookie Settings Panel: accessible via the "Cookie Settings" or "Manage Cookies" link in the footer of any page on the Platform.
Account Settings: registered users may navigate to Account > Privacy > Cookie Preferences.
Browser Controls: see Section 6.4 below.
Industry Opt-Out Tools: Digital Advertising Alliance (optout.aboutads.info); Network Advertising Initiative (optout.networkadvertising.org); European Interactive Digital Advertising Alliance (youronlinechoices.eu).
Withdrawal of consent takes effect within one browsing session. Manual deletion of cookies via browser settings will also reset the consent record; the consent banner will be displayed again on the next visit to the Platform.
6.4 Browser-Level Cookie Controls
All major browsers provide mechanisms for controlling cookie settings independently of our CMP. Instructions for commonly used browsers are as follows:
Google Chrome: Settings > Privacy and Security > Cookies and other site data.
Mozilla Firefox: Options > Privacy & Security > Cookies and Site Data.
Apple Safari: Preferences > Privacy > Manage Website Data.
Microsoft Edge: Settings > Cookies and site permissions > Cookies and site data.
Opera: Settings > Advanced > Privacy & Security > Site Settings > Cookies.
Where the Platform is accessed from multiple devices or browsers, cookie preferences must be configured on each device and browser separately. Clearing browser cookies resets all stored preferences, including consent choices.
Blocking all cookies at the browser level, including Strictly Necessary cookies, will prevent access to authenticated Platform features such as user login and payment processing. We recommend using the Cookie Settings panel to manage individual cookie categories rather than blocking all cookies indiscriminately
6.5 Global Privacy Control (GPC)
The Global Privacy Control (GPC) is a browser-based signal communicating a user's preference to opt out of the sale or sharing of personal data. Our Platform is configured to detect GPC signals. Where a valid GPC signal is received from a user in a jurisdiction in which GPC is legally recognised as a valid opt-out mechanism, including California under CCPA/CPRA, the Platform will treat it as a "Do Not Sell or Share My Personal Information" instruction and will disable marketing and advertising cookies accordingly.
6.6 Do Not Track
There is currently no universally accepted technical or legal standard for the Do Not Track (DNT) browser signal. Our Platform does not respond to DNT signals uniformly. Equivalent privacy protection may be achieved by disabling Analytics and Marketing cookies via the Cookie Settings panel. We will reassess our DNT practices if a recognised standard is formally adopted.
7. Retention Periods
Cookies operate on one of two retention models:
Session Cookies: exist only for the duration of the user's browser session and are deleted automatically upon closure of the browser. Used for authentication, CSRF protection, and load balancing.
Persistent Cookies: remain on the user's device for a defined period as specified in the cookie register in Section 4, or until manually deleted. Used for preference storage, analytics, and advertising purposes.
Specific retention periods for individual cookies are set out in the register at Section 4. Where a third-party provider controls retention, the period stated reflects our contractual specification with that provider; actual retention at the provider's end is governed by the provider's own data retention policy.
Users may delete all cookies at any time via their browser settings. Deletion of cookies will also delete stored consent choices and personalisation preferences, which will need to be reconfigured upon the next visit to the Platform.
8. Personal Data Processed via Cookies
Depending on the type and category of cookie, the following categories of personal data may be processed:
Unique Identifiers: pseudonymous identifiers (random alphanumeric strings) assigned to the user's device or browser session, not directly linked to name or contact details without additional processing.
Technical Device Data: IP address (anonymised or truncated for analytics purposes), browser type and version, device type and operating system, screen resolution, time zone.
Usage and Behavioural Data: pages visited, features used, buttons clicked, scroll depth, time spent on pages, search queries submitted, and error events encountered on the Platform.
Cross-Site Behavioural Data (Marketing cookies only): pages and content interacted with on third-party websites that use the same advertising or analytics service, used to build interest profiles for targeted advertising.
Preference Data: language, timezone, theme, and notification settings stored in functional cookies on the user's device.
Ad Interaction Data (Marketing cookies only): records of whether a user has seen or clicked a particular advertisement and whether a conversion followed, used for frequency capping and attribution.
Cookie-based personal data is processed in accordance with the Privacy Policy. All data subject rights described in the Privacy Policy, including rights of access, rectification, erasure, restriction, portability, and objection, apply equally to personal data collected through cookies.
9. Cookie Security Measures
We apply the following technical security measures to first-party cookies:
Secure Flag: all authentication and session cookies are flagged as Secure, meaning they are transmitted exclusively over HTTPS encrypted connections and cannot be intercepted over unencrypted HTTP.
HttpOnly Flag: session and authentication cookies are flagged as HttpOnly, preventing client-side JavaScript from accessing them and defending against Cross-Site Scripting (XSS) attacks.
SameSite Attribute: first-party cookies are configured with SameSite=Lax or SameSite=Strict to prevent Cross-Site Request Forgery (CSRF) and unauthorised cross-origin transmission.
Cookie Name Prefixes: where supported by the browser, we use the __Secure- or __Host- prefix on sensitive cookies to enforce additional browser-level security guarantees.
Data Minimisation: cookies are designed to contain the minimum data necessary for their stated purpose. Sensitive personal data, including payment card numbers, government identification numbers, and passwords, is never stored in cookies.
We are unable to guarantee the security of third-party cookies set by external providers. Users are encouraged to review the security practices of third-party providers whose cookies may operate on the Platform, as listed in Section 5.
10. Cross-Border Transfers of Cookie Data
Cookie data may be transferred to and processed in countries other than the country in which the user is located, including countries whose data protection laws may differ from those of the user's jurisdiction. This occurs principally where analytics and advertising cookies transmit data to third-party providers based in the United States.
We ensure that all such cross-border transfers are subject to appropriate safeguards:
European Union / EEA (GDPR): transfers to countries without an adequacy decision are governed by Standard Contractual Clauses (SCCs) approved by the European Commission or other appropriate safeguards.
United Kingdom: transfers are subject to the UK International Data Transfer Agreement (IDTA) or UK Addendum to the EU SCCs.
All Jurisdictions: we conduct transfer impact assessments for transfers to high-risk jurisdictions and contractually require equivalent data protection standards from all third-party processors, including cookie technology providers.
11. Jurisdiction-Specific Rights and Obligations
11.1 European Union and European Economic Area
Our cookie consent practices comply with the EU ePrivacy Directive (2002/58/EC as amended) as implemented in member state legislation, and with the EU General Data Protection Regulation (GDPR). We obtain prior explicit opt-in consent before placing any non-essential cookies. Our consent banner has been designed in accordance with guidance issued by the European Data Protection Board (EDPB), including requirements to avoid dark patterns in consent interfaces. Users may lodge a complaint with their national data protection supervisory authority. A directory of EU supervisory authorities is available at edpb.europa.eu.
11.2 United Kingdom
Our cookie practices comply with the UK Privacy and Electronic Communications Regulations 2003 (PECR) and the UK GDPR. The consent standard applied is equivalent to that required under EU law. Complaints may be directed to the Information Commissioner's Office (ICO) at ico.org.uk.
11.3 United States - California
For California residents, marketing and advertising cookies that involve the sharing of personal data for cross-context behavioural advertising are subject to opt-out rights under the CCPA/CPRA. Users may exercise this right via: (i) the Cookie Settings panel; (ii) the "Do Not Sell or Share My Personal Information" link in the Platform footer; or (iii) a valid GPC browser signal as described in Section 6.5. We do not sell personal data for monetary consideration.
11.4 United States - Other States
We extend equivalent targeted advertising opt-out rights to residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), and other US states with enacted comprehensive privacy legislation. Requests may be submitted to kiran@lyseis.in.
11.5 Canada
For Canadian users, non-essential cookies require express or implied consent under the Personal Information Protection and Electronic Documents Act (PIPEDA). We obtain express opt-in consent via the Cookie Consent Banner. Enhanced disclosure and consent obligations under Quebec Law 25 are addressed by this Policy and our consent infrastructure. Enquiries may be directed to kiran@lyseis.in.
11.6 Australia
For Australian users, our cookie practices comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. Complaints may be directed to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
11.7 Singapore
For Singapore users, our cookie practices comply with the Personal Data Protection Act 2012 (PDPA) as amended. Complaints may be directed to the Personal Data Protection Commission (PDPC) at pdpc.gov.sg.
12. Amendments to This Policy
We review and update this Policy at least once every twelve months, and additionally upon any material change to the cookie technologies deployed, our consent management approach, or applicable law.
Upon a material amendment, we will:
update the "Last Updated" date on this Policy;
display a notification on the Platform prompting users to review and, where required, renew their consent;
re-obtain consent for any category of cookies where the purpose of processing has materially changed;
Previous versions of this Policy are available upon written request. Non-material amendments, such as typographical corrections or updates to third-party provider links do not trigger a re-consent requirement.
13. Contact Details and Complaints
All enquiries, complaints, and requests relating to this Policy or to cookie-based data processing should be directed to the following:
Entity: Sterra Solutions LLC
Platform: https://sterrasol.ai
Registered Address: 609 S Volusia Ave, Orange City, FL 32763-6503, United States
Privacy / Cookie Enquiries: accounts@sterrasol.ai
Data Protection Officer: Namratha Reddy Swarna, Sterra Solutions LLC
DPO Email: accounts@sterrasol.ai
We will respond to all cookie-related enquiries within 30 calendar days of receipt. For complex requests, we will acknowledge receipt within 30 calendar days and, if additional time is required, advise the user accordingly. The maximum total response period is 90 calendar days from the date of the original request.
14. Website Disclaimer
Sterra Solutions LLC makes reasonable efforts to ensure that the content published on https://sterrasol.ai is accurate, complete, and current. However, we make no warranty, express or implied, that the content is free from error or that it reflects the most recent legal, regulatory, or factual developments at all times.
If any content on the Platform is believed to be inaccurate, outdated, or misleading, we invite users to notify us by email to accounts@sterrasol.ai, specifying the URL of the relevant page and the nature of the identified error. We will investigate the matter and provide a response within 30 calendar days.
To the fullest extent permitted by applicable law, we disclaim liability for:
any loss or damage arising from inaccuracies, errors, or outdated information on the Platform;
any loss arising from interruptions, delays, or failures in internet or network transmission;
any loss resulting from reliance on advice, data, recommendations, or ideas provided on the Platform;
any loss or damage arising from third-party unauthorised access to or misuse of our systems, provided we have implemented reasonable and proportionate technical and organisational security measures;
the content, privacy practices, or security of third-party websites or services linked from or integrated into the Platform.
Use of the Platform, including any forums, web forms, interactive features, or communication tools is subject to our Terms of Service, available at https://sterrasol.ai/terms-of-service. Access to and use of the Platform constitutes acceptance of those terms.
Enquiries submitted via email or web form will be acknowledged and addressed in writing. Standard queries will receive a substantive response within 30 calendar days. Complex or legally sensitive requests will be acknowledged within 30 calendar days, with a final response provided within a maximum of 90 calendar days from the date of original submission. Personal data provided in the course of submitting an enquiry will be processed in accordance with our Privacy Policy.
We implement appropriate technical and organisational security measures, including encryption in transit and at rest, role-based access controls, vulnerability monitoring, penetration testing, and incident response procedures, to protect Platform systems from unauthorised access and misuse. These measures are reviewed and updated on a regular basis. Notwithstanding the foregoing, no internet-based system is entirely immune to security risk, and we accept no liability for loss or damage arising from third-party attacks or system failures where we have fulfilled our reasonable security obligations.
This Platform has been designed and developed with reference to the Web Content Accessibility Guidelines (WCAG) 2.1 Level AA. We are committed to ongoing accessibility improvement, in particular for users with disabilities who rely on assistive technologies. Users who experience accessibility difficulties are invited to contact us at accounts@sterrasol.ai.