Gravity Digital Solutions — covers our website, products, and services
Last Updated: April 2026
Gravity Digital Solutions, LLC ("GDS," "we," "us," or "our") builds AI systems and software for tolling, transportation, and infrastructure organizations. This Privacy Policy describes how we collect, use, disclose, and protect personal information in connection with this website (gravitydigitalsolutions.com), our products — Neural Compress Pro, Neural Sentinel, and Neural Sentient — and our Professional Services engagements (collectively, the "Service").
Our products are delivered as business-to-business platforms under signed commercial agreements with our customers, who are typically transportation authorities, tolling operators, public-sector agencies, and enterprise partners. As a result, most personal information we encounter is provided to us by these organizations in their role as data controller or business, and we act in the role of service provider or processor under the applicable US state privacy laws. The specific scope of each deployment, including retention periods, access controls, and disclosure obligations, is governed by the applicable Master Services Agreement ("MSA"), Statement of Work ("SOW"), or Data Processing Addendum ("DPA"). Where those documents conflict with this Policy, the signed document controls.
By using the Service or providing information to us, you acknowledge that you have read and understood this Policy. If you do not agree with our practices, please do not use the Service and contact us with any concerns.
The categories of personal information we collect depend on how you interact with us. When you visit this website, we automatically collect standard analytics information such as pages viewed, session duration, approximate location at the regional level (derived from an anonymized IP address), referring site category, and basic device and browser characteristics. This is collected through Google Analytics 4 with IP anonymization enabled and is used strictly to understand aggregate traffic patterns, not to build profiles of individuals or to serve cross-site advertising.
When you submit an inquiry through the contact page, request a demo, or otherwise reach out to us by email, we collect the information you choose to provide, which typically includes your name, business email address, organization, job role, and the substance of your message. We use this information solely to respond to your inquiry and to follow up in a business context.
When your organization engages us to deploy or operate one of our products, we may process authentication information for operators and administrators (such as email addresses, hashed passwords, role assignments, and multi-factor authentication enrollment data), operational audit logs that identify which authenticated user performed a given action, and aggregated platform telemetry used to monitor performance, detect faults, and improve our models. We do not collect or process the content of operational data — such as license-plate images, vehicle attributes, or agency roadway telemetry — outside of the deployment environment specified in the MSA, and we treat that data as confidential information belonging to the customer.
Where the Service is invoiced under a commercial agreement, we collect billing-contact information and transactional records as needed to issue, collect, and account for payment. We do not operate self-service checkout on this website and do not store payment-card numbers ourselves; any processing of payment instruments is carried out by a qualified third-party processor under its own terms.
We use the personal information described above to provide and operate the Service; to authenticate users and maintain the security and integrity of our platforms; to respond to inquiries, support requests, and contractual obligations; to issue invoices and manage commercial relationships; to improve our products, including training and evaluating models where permitted and where data has been appropriately scoped or de-identified; to satisfy legal, regulatory, audit, and tax obligations; and to protect our rights, customers, and users against fraud, abuse, and unlawful activity.
We do not sell personal information, and we do not share personal information with third parties for cross-context behavioral advertising. We do not build consumer profiles for marketing. Information you provide in a business context is used to operate that business relationship.
GDS maintains administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. These safeguards include encryption of data in transit using current TLS standards, encryption of sensitive data at rest, least-privilege role-based access controls, audit logging, periodic vulnerability testing, and documented incident response procedures. Access to customer deployments is limited to authorized GDS personnel with a documented business need, and access events are logged.
No system is perfectly secure. If we become aware of a security incident that materially affects personal information we process, we will notify affected customers and, where required, affected individuals and regulators, in accordance with applicable law and the terms of any governing agreement.
We use a limited set of established service providers to operate our website and support our business functions. This includes Google Analytics 4 for aggregate website analytics (with IP anonymization enabled and advertising features disabled), commercial email providers for transactional and business correspondence, and our cloud-infrastructure vendors for hosting. For customer deployments of Neural Sentinel and Neural Sentient, any processors used within the deployment, including the cloud provider and any integrated subprocessors, are disclosed to the customer and governed by the applicable MSA and DPA.
We select vendors that maintain security and privacy standards consistent with our obligations to customers. We remain responsible to our customers for the processing performed by these vendors on our behalf, but we are not responsible for independent practices of third parties that are outside the scope of a processing engagement with us.
Each of our products is deployed under a signed agreement that defines the scope of data processing, the deployment environment, permitted uses, retention windows, and deletion obligations. Neural Compress Pro is delivered as a business-to-business service tailored to each customer's volumes, retention, and compliance requirements. Neural Sentinel is deployed either as a multi-tenant service operated by GDS or inside a customer-hosted environment, with logical tenant isolation in either case; every operator action is traceable to the authenticated user, and retention is configured per tenant. Neural Sentient is typically deployed inside the customer agency's cloud environment or a dedicated private tenancy, with the agency retaining ownership of operational data. Professional Services engagements are performed, whenever feasible, inside the customer's own infrastructure under confidentiality and, where applicable, data-processing agreements executed before work begins.
Because deployment details vary materially by customer and offering, individuals whose personal information is processed within a customer's deployment should generally direct privacy requests to the deploying organization, which acts as the controller or business with respect to that data. We will assist our customers in responding to such requests as required by the applicable agreement and by law.
This website uses a small number of first-party cookies and local-storage entries necessary for basic functionality, together with Google Analytics 4 for aggregate traffic analysis. We do not use advertising cookies, remarketing pixels, or cross-site tracking technologies. You can control cookie behavior through your browser settings, and you can opt out of analytics collection entirely as described in Section 8 and on our Do Not Sell or Share My Personal Information page. We honor the Global Privacy Control (GPC) signal as a valid opt-out request.
We do not sell personal information, and we do not share personal information with third parties for cross-context behavioral advertising. Residents of US states with applicable privacy laws may opt out of any analytics collection on this site at any time. For the full opt-out statement and the mechanisms available to you, please see our dedicated Do Not Sell or Share My Personal Information page.
Depending on your state of residence and the nature of our processing, you may have the right to request access to the personal information we hold about you, to request correction of inaccurate information, to request deletion, to obtain a portable copy of your information, to opt out of sale or sharing (we do neither), to opt out of targeted advertising (we do not conduct it), and to appeal an adverse decision on any of these requests. We will not discriminate against you for exercising any of these rights.
To exercise a right, please contact us at contact@gravitydigitalsolutions.com. We will acknowledge valid requests and respond within the timeframe required by applicable law, typically within 45 days, subject to any extension permitted by that law. We may need to verify your identity before responding, using information proportionate to the sensitivity of the request. If your personal information is processed on behalf of a customer within that customer's deployment, we will route your request to the customer and assist their response.
We retain personal information for as long as necessary to provide the Service, to operate our business, and to satisfy legal, regulatory, accounting, and reporting obligations. Website analytics data is retained in an aggregated and anonymized form in accordance with the retention configuration of our analytics provider. Business correspondence and billing records are retained for the periods required by applicable law. Personal information processed inside a customer deployment is retained for the period specified in that customer's agreement and deleted or returned at the end of the engagement in accordance with that agreement. When information is no longer needed, we securely delete or anonymize it.
The Service is directed to business, government, and transportation-industry users and is not intended for use by children. We do not knowingly collect personal information from individuals under the age of 18 through this website or through our products. If you believe that a minor has provided personal information to us, please contact us at contact@gravitydigitalsolutions.com and we will take prompt steps to remove that information.
We may update this Privacy Policy from time to time to reflect changes in our practices, in the law, or in the Service. When we do, we will update the "Last Updated" date at the top of this page and, for material changes, provide reasonable advance notice through the Service or by direct communication where appropriate. Your continued use of the Service after the effective date of a revised Policy constitutes your acknowledgment of the updated terms.
Questions, concerns, or requests regarding this Privacy Policy should be directed to us at the address below. We are committed to resolving privacy matters promptly and in good faith.
Gravity Digital Solutions, LLC
Email: contact@gravitydigitalsolutions.com
Website: gravitydigitalsolutions.com