1. Introduction and Acceptance of Terms

These Terms and Conditions ("Agreement") govern your access to and use of Pixsoffice's artificial intelligence-powered features, including but not limited to face detection technology, biometric data storage systems, and AI agent automation services (collectively, "AI Services"). This Agreement is a legally binding contract between you ("User", "Customer", or "Data Subject") and Pixsoffice ("Company", "We", "Us", or "Our").

By accessing, installing, activating, or using any AI Service offered by Pixsoffice, you expressly acknowledge that you have read, understood, and agree to be bound by this Agreement. If you do not accept these terms, you must immediately discontinue use of all AI Services.

NOTICE

These terms include important provisions regarding biometric data collection under applicable Indian law (including the Information Technology Act, 2000 and DPDP Act, 2023), AI-generated decisions, and your rights as a data subject.

2. Definitions

For the purposes of this Agreement, the following terms shall have the meanings ascribed to them:

• "AI Agent" means any automated software system deployed by Pixsoffice that can perceive inputs, make decisions, and take actions autonomously or semi-autonomously on behalf of the User or the Company.

• "Biometric Data" means any physiological or behavioral characteristic data used for automated recognition of individuals, including facial geometry, facial recognition vectors, and facial templates derived from face detection processes.

• "Face Detection" means the use of computer vision and machine learning algorithms to identify the presence, location, and characteristics of human faces within digital images or video streams.

• "Facial Recognition" means the use of AI algorithms to identify or verify a person's identity by analyzing facial features and comparing them against stored biometric templates.

• "Processing" means any operation performed on Personal Data, including collection, storage, use, disclosure, erasure, or destruction.

• "Personal Data" means any information that identifies or can identify a natural person, including Biometric Data.

• "AI-Generated Decision" means any decision made wholly or partly by automated means, including decisions made by AI Agents.

• "Data Subject" means the individual to whom the Personal Data or Biometric Data belongs.

3. AI Face Detection Services

3.1 Scope of Face Detection

Pixsoffice's face detection capabilities may include one or more of the following functions, subject to the specific product tier and features you have subscribed to:

• Real-time face detection in live camera feeds and uploaded images

• Facial landmark identification including eyes, nose, mouth, and facial contour points

• Age and gender estimation from facial analysis (indicative only, not definitive)

• Emotion and sentiment analysis based on facial expressions

• Liveness detection to differentiate between real persons and photographs or spoofing attempts

• Face matching and similarity comparison across stored templates

• Crowd density and anonymous headcount analytics

• Access control and attendance management via facial verification

3.2 Technical Limitations and Disclaimers

You acknowledge and agree to the following inherent limitations of AI-based face detection:

• Face detection and recognition systems have measurable error rates. Pixsoffice does not guarantee 100% accuracy in any face detection or facial recognition output.

• Performance may vary based on lighting conditions, image quality, camera angle, occlusion (e.g., masks, glasses, headwear), and image resolution.

• AI models may exhibit differential accuracy across demographic groups. Pixsoffice is actively working to minimize such disparities but cannot guarantee uniform performance.

• The system should not be used as the sole basis for critical decisions including law enforcement, medical diagnosis, credit decisions, or employment termination without human review.

3.3 Prohibited Uses of Face Detection

You must NOT use Pixsoffice's face detection services for:

• Surveillance or tracking of individuals without their knowledge and explicit consent

• Identifying individuals in public spaces for law enforcement purposes without lawful authority

• Profiling individuals based on protected characteristics including race, religion, political opinion, or sexual orientation

• Creating databases of individuals who have not consented to biometric enrollment

• Any use that violates applicable laws, including the Digital Personal Data Protection Act, 2023 (India)

• Targeting minors under 18 years of age without explicit verifiable parental consent

• Creating deepfakes, synthetic faces, or other manipulated biometric content

4. Biometric Data Collection and Storage

4.1 Types of Data Collected

In connection with face detection services, Pixsoffice may collect and process the following categories of data:

Data Category

Examples

Retention Period

Biometric Templates

Facial feature vectors, landmark coordinates, recognition embeddings

As per service agreement; max 3 years without re-consent

Raw Images/Video

Captured frames used for detection and verification

90 days unless extended by User configuration

Metadata

Timestamp, device ID, location coordinates, detection confidence score

12 months from date of capture

Audit Logs

Access events, identity verification records, agent actions

5 years (regulatory compliance)

Analytical Data

Anonymized headcount, dwell time, heat maps

24 months in aggregated form

4.2 Consent Requirements

Pixsoffice requires that you, as the Data Controller deploying our AI Services, obtain appropriate and lawful consent from all Data Subjects before enrolling them in face detection or recognition systems. Specifically:

• Consent must be freely given, specific, informed, and unambiguous.

• Consent for biometric data collection must be explicit and cannot be bundled with general terms of service acceptance.

• You must provide Data Subjects with a clear privacy notice at the point of collection explaining what data is collected, why, how long it is retained, and their rights.

• Withdrawal of consent must be as easy as giving it. Data Subjects must be able to opt out without penalty.

• For employees subject to workplace face detection (e.g., attendance systems), you must maintain records of individual consent and conduct impact assessments.

4.3 Data Security and Encryption

Pixsoffice implements the following security measures for all stored biometric and personal data:

• AES-256 encryption for biometric templates at rest

• TLS 1.3 or higher for all data in transit

• Role-based access controls limiting data access to authorized personnel only

• Regular penetration testing and vulnerability assessments (minimum quarterly)

• Multi-factor authentication required for administrative access to biometric databases

• Segregated storage of raw images from processed biometric templates

• Automatic deletion workflows upon expiry of the configured retention period

4.4 Data Localization

All biometric data collected from Indian residents will be stored on servers located within India, in compliance with applicable data localization requirements under the Digital Personal Data Protection Act, 2023 and any rules issued thereunder. Cross-border transfer of biometric data is prohibited except where explicit prior consent is obtained and the destination country provides adequate data protection.

4.5 Data Breach Notification

In the event of a confirmed data breach involving biometric or personal data, Pixsoffice will:

• Notify affected Users within 72 hours of becoming aware of the breach

• Notify the Data Protection Board of India as required under applicable law

• Provide a detailed breach report including nature of data affected, scope, and remediation steps

• Cooperate fully with any regulatory investigation

5. AI Agents: Capabilities and Governance

5.1 Definition and Scope of AI Agents

Pixsoffice deploys AI Agents as autonomous or semi-autonomous software systems that can perform tasks on behalf of users or the organization. AI Agents within the Pixsoffice ecosystem may include:

• Face-triggered automation agents that perform actions upon identification of specific individuals (e.g., door unlock, check-in logging, alert generation)

• Monitoring agents that continuously analyze video or image feeds and generate reports or alerts

• Decision-support agents that synthesize biometric and behavioral data to provide recommendations to human operators

• Workflow automation agents that orchestrate multi-step processes involving face detection outputs

• Compliance agents that monitor data retention, access patterns, and consent statuses

5.2 Human Oversight and Accountability

Pixsoffice affirms and you agree to uphold the following principles of human oversight in AI Agent deployments:

• No AI Agent shall have the authority to make final decisions that significantly impact a person's rights, safety, or access to services without a human review step unless explicitly and lawfully authorized.

• All AI Agent actions must be logged with sufficient detail for audit and accountability purposes.

• You must designate a responsible human operator or administrator for each AI Agent deployment.

• AI Agents must include mechanisms for human intervention, override, and shutdown at any time.

• Any AI-Generated Decision that adversely affects a Data Subject must be reviewable upon that individual's request.

5.3 AI Agent Permissions and Scope Limitation

AI Agents deployed by or through Pixsoffice operate under the principle of least privilege. Specifically:

• Each AI Agent is granted only the minimum permissions necessary to accomplish its defined task.

• AI Agents shall not access data beyond their defined operational scope without explicit authorization.

• Permissions granted to AI Agents must be reviewed and reauthorized at minimum every 12 months.

• AI Agents must not be configured to share personal data with third-party systems outside of the approved integration list.

5.4 Algorithmic Transparency

Pixsoffice is committed to transparency about how AI Agents reach conclusions and take actions. Upon written request, Pixsoffice will provide:

• A plain-language description of the logic applied by AI Agents in making decisions

• Information about the training data categories used to build AI models

• Details on confidence thresholds and escalation logic used in automated decisions

• Summary information about model accuracy, bias evaluations, and known limitations

6. Data Subject Rights

Pixsoffice recognizes and supports the following rights of Data Subjects whose biometric data is processed through our AI Services. You, as the Data Controller, are responsible for ensuring Data Subjects can exercise these rights:

• Right to Access: Data Subjects may request a copy of their stored biometric data and information about how it is being used.

• Right to Correction: Data Subjects may request correction of inaccurate personal or biometric data held by the system.

• Right to Erasure ('Right to be Forgotten'): Data Subjects may request deletion of their biometric data, which Pixsoffice will process within 30 days of receiving a valid request.

• Right to Restriction of Processing: Data Subjects may request that processing of their data be restricted to storage only while a dispute is being resolved.

• Right to Object to Automated Decision-Making: Data Subjects may object to decisions made solely by AI Agents and request human review.

• Right to Data Portability: Data Subjects may request their personal data in a structured, machine-readable format.

• Right to Withdraw Consent: Withdrawal of consent will not affect the lawfulness of prior processing but will require cessation of future processing.

To exercise any of the above rights, Data Subjects or their authorized representatives may submit a request to: privacy@pixsoffice.com. Requests will be acknowledged within 72 hours and responded to within 30 days.

7. Compliance with Applicable Laws

7.1 Indian Law Compliance

Pixsoffice's AI Services are designed and operated in compliance with the following Indian legislation and regulatory frameworks:

• Digital Personal Data Protection Act, 2023 (DPDP Act)

• Information Technology Act, 2000 and the IT (Amendment) Act, 2008

• Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

• Any guidelines or regulations issued by the Data Protection Board of India

• Sector-specific regulations applicable to the User's industry

7.2 International Standards

For users accessing services from or operating in jurisdictions outside India, the following international standards and regulations may apply:

• European Union General Data Protection Regulation (GDPR) - for EU residents

• California Consumer Privacy Act (CCPA) - for California residents

• ISO/IEC 27001:2022 - Information Security Management

• ISO/IEC 30107 - Biometric Presentation Attack Detection

• NIST AI Risk Management Framework

7.3 Your Compliance Obligations

As the User or Data Controller deploying Pixsoffice AI Services within your organization, you are independently responsible for:

• Conducting a Data Protection Impact Assessment (DPIA) before deploying face detection in high-risk contexts

• Ensuring your use case complies with employment, labor, and privacy laws in your jurisdiction

• Maintaining required records of processing activities

• Providing adequate privacy notices and consent mechanisms to your end users and employees

• Not using AI Services in any manner prohibited by law or this Agreement

8. Intellectual Property

All AI models, algorithms, software, facial recognition engines, agent frameworks, training methodologies, and associated intellectual property used in the delivery of Pixsoffice AI Services are and remain the exclusive property of Pixsoffice or its licensors. Nothing in this Agreement shall be construed to grant you any ownership rights in any underlying AI technology.

You retain ownership of the raw data (images, video) you provide to the system. By using the AI Services, you grant Pixsoffice a limited, non-exclusive license to process your data solely for the purpose of delivering the contracted services.

Pixsoffice reserves the right to use anonymized and aggregated (non-personally identifiable) data derived from the operation of AI Services to improve model performance, subject to applicable data protection laws.

9. Limitation of Liability

To the maximum extent permitted by applicable law:

• Pixsoffice's total aggregate liability to you under this Agreement shall not exceed the fees paid by you to Pixsoffice in the twelve (12) months preceding the event giving rise to the claim.

• Pixsoffice shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profit, loss of data, or business interruption, even if Pixsoffice has been advised of the possibility of such damages.

• Pixsoffice is not liable for any damages arising from reliance on AI-Generated Decisions without appropriate human oversight, or from your failure to implement security controls in your own environment.

• Pixsoffice is not responsible for any regulatory penalties, fines, or third-party claims arising from your non-compliance with applicable data protection laws.

10. Termination and Data Deletion

Either party may terminate this Agreement upon written notice if the other party materially breaches any provision and fails to cure such breach within 30 days of written notice.

Upon termination of the Agreement or cancellation of AI Services:

• Pixsoffice will cease processing all biometric and personal data associated with your account within 30 days.

• You may request an export of your data within 15 days of termination notice.

• All biometric templates and raw images will be permanently and irrecoverably deleted within 60 days of termination, unless a longer retention period is required by law.

• Audit logs required for regulatory compliance may be retained for the legally mandated period after which they will also be deleted.

• Pixsoffice will provide written certification of deletion upon request.

11. Modifications to These Terms

Pixsoffice reserves the right to update or modify this Agreement at any time. We will provide notice of material changes through one or more of the following methods:

• Email notification to the registered administrator email address

• In-application notification within the Pixsoffice platform

• Prominent notice on our website at www.pixsoffice.com

Continued use of AI Services following the effective date of updated terms constitutes acceptance of the revised Agreement. If you do not agree to the updated terms, you must discontinue use of the AI Services before the effective date of the change.

12. Governing Law and Dispute Resolution

This Agreement shall be governed by and construed in accordance with the laws of the Republic of India. Any dispute, controversy, or claim arising out of or relating to this Agreement shall be resolved through the following process:

• Step 1 - Good Faith Negotiation: The parties shall first attempt to resolve the dispute through good faith negotiations for a period of 30 days from the date the dispute is raised in writing.

• Step 2 - Mediation: If negotiations fail, the dispute shall be referred to mediation conducted by a mutually agreed mediator in Chennai, Tamil Nadu, India.

• Step 3 - Arbitration: If mediation fails, the dispute shall be finally resolved by binding arbitration under the Arbitration and Conciliation Act, 1996, with arbitration proceedings held in Chennai, Tamil Nadu, India.

• Step 4 - Courts: For matters not subject to arbitration, the courts of Chennai, Tamil Nadu, India shall have exclusive jurisdiction.

13. Contact Information

Privacy - support@pixsoffice.com | Data Subject Rights & DPDP Requests

Legal - support@pixsoffice.com | Terms, Contracts & Compliance Inquiries

Security - support@pixsoffice.com | Data Breaches & Vulnerability Reports

Support - support@pixsoffice.com | General AI Services Support