Privacy Policy

Introduction

AIVI LLC ("AIVI," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered communication automation services, including our voice, SMS, email, and document processing platforms.

1.1 Information You Provide

• Contact information (name, email address, phone number, company name)
• Account credentials and authentication information
• Business information and company details
• Payment and billing information
• Communications and correspondence with us

1.2 Information Collected Through Our Services

• Call recordings and transcripts (with appropriate consent)
• SMS and email message content and metadata
• Document uploads and processed data (OCR/AI extracted information)
• Customer interaction data and conversation analytics
• Lead data, campaign performance metrics, and conversion statistics

1.3 Automatically Collected Information

• IP addresses and device identifiers
• Browser type, operating system, and device information
• Usage data, including pages visited and features used
• Cookies and similar tracking technologies
• Performance and error logs

We use the collected information for the following purposes:

• Providing, maintaining, and improving our AI communication services
• Processing and delivering voice calls, SMS messages, and email campaigns
• Analyzing documents using OCR and AI language models
• Training and improving our AI models and algorithms
• Generating analytics, insights, and performance reports
• Processing payments and managing subscriptions
• Providing customer support and technical assistance
• Sending service updates, security alerts, and administrative messages
• Detecting, preventing, and addressing fraud, security issues, and technical problems
• Complying with legal obligations and regulatory requirements

AIVI integrates with and uses the following third-party services to deliver our platform:

3.1 Twilio (Voice & SMS)

We use Twilio for voice calling and SMS messaging services. Data processed through Twilio is subject to Twilio's Privacy Policy and security standards. Twilio is SOC 2 Type II certified and GDPR compliant.

3.2 Voice AI Services

Our AI voice agent capabilities are powered by service providers. Voice conversations may be processed through their infrastructure for real-time AI responses and transcription services.

3.3 N8N (Workflow Automation)

We utilize N8N for workflow automation and integration orchestration. Data flows between integrated systems are processed through our N8N infrastructure with encryption in transit.

3.4 OpenAI & Other AI Providers

We may use OpenAI and other AI service providers for natural language processing, document analysis, and conversation intelligence. Data sent to these services is processed according to their respective privacy policies and data processing agreements.

3.5 CRM and Marketing Integrations

AIVI integrates with various CRM systems (Salesforce, HubSpot, etc.) and marketing platforms. Data synchronization with these systems is governed by your agreements with those providers.

4.1 Security Measures

• End-to-end encryption for data in transit using TLS 1.3
• Encryption at rest for stored data
• SOC 2 Type II certified infrastructure
• Regular security audits and penetration testing
• Multi-factor authentication (MFA) for account access
• Role-based access control (RBAC) and principle of least privilege
• Automated threat detection and incident response procedures

4.2 PII Handling

Personally Identifiable Information (PII) is handled with extreme care. By default, PII is only stored in transit and is not retained in our systems longer than necessary for processing. Sensitive data such as Social Security Numbers, financial account numbers, and health information are processed with additional security controls.

4.3 HIPAA Compliance

For healthcare clients, AIVI offers HIPAA-compliant services with appropriate Business Associate Agreements (BAA). Protected Health Information (PHI) is handled in accordance with HIPAA regulations and stored in segregated, secure environments.

• Call Recordings: Retained for 90 days unless otherwise specified or required by law
• Message Content: SMS and email content retained for 180 days for analytics and compliance purposes
• Documents: Uploaded documents processed and deleted after extraction unless storage is explicitly requested
• Analytics Data: Aggregated and anonymized analytics retained indefinitely for service improvement
• Account Data: Retained for the duration of the business relationship plus applicable retention periods for legal and tax purposes
• Deletion Requests: Users may request deletion of their data by contacting privacy@aivi.com

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: With third-party vendors who perform services on our behalf (Twilio, Retell, N8N, cloud hosting providers)
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Legal Requirements: When required by law, subpoena, or other legal process
• Protection of Rights: To protect our rights, privacy, safety, property, or that of our users
• With Your Consent: When you explicitly authorize data sharing

Depending on your location, you may have the following rights:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Portability: Request a copy of your data in a structured, machine-readable format
• Opt-Out: Opt out of marketing communications and certain data processing activities
• Restrict Processing: Request restriction of processing under certain circumstances
• Object: Object to processing based on legitimate interests

To exercise these rights, please contact us at privacy@aivi.com.

AIVI operates globally and may transfer data to countries outside your jurisdiction. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for transfers outside the EEA, and compliance with applicable data protection laws.

We use cookies and similar technologies to:

• Maintain user sessions and authentication
• Remember user preferences and settings
• Analyze usage patterns and service performance
• Provide personalized content and recommendations

You can control cookies through your browser settings, but disabling cookies may limit functionality.

AIVI's services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected information from a child without parental consent, we will delete that information promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the revised policy.