Privacy Policy

Last updated: April 2026

At AI 365 Assistant ("Company", "we", "our", "us"), we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

1. Information We Collect

We collect several types of information from and about users of our Service:

1.1 Personal Information

  • Name and contact information (email address, phone number)
  • Business information (business name, address, industry)
  • Account credentials (passwords are encrypted and never stored in plain text)
  • Payment information (processed by Stripe; we do not store complete credit card numbers)

1.2 Customer Data

Data you submit through our Service, including:

  • Calendar information and appointment details
  • Customer contact information (names, phone numbers, email addresses)
  • Message history and communication logs
  • Business configuration settings and preferences

1.3 Usage Data

Information automatically collected when you access or use the Service:

  • IP address and device identifiers
  • Browser type and version
  • Operating system
  • Pages visited and features used
  • Time and date of visits
  • Referring website addresses

1.4 AI Processing Data

Conversations and interactions processed by our AI systems may be temporarily stored and analyzed to improve response quality and service performance. This data is anonymized where possible and retained only as necessary for service operation.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and Maintain Service: To operate, maintain, and provide the features and functionality of the Service
  • Process Transactions: To process payments, subscriptions, and send billing information
  • Communication: To communicate with you about your account, respond to inquiries, and provide customer support
  • Improve Service: To analyze usage patterns, troubleshoot issues, and enhance user experience
  • Security: To detect, prevent, and address fraud, unauthorized access, and technical issues
  • Legal Compliance: To comply with legal obligations, respond to legal requests, and protect our rights

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your personal information based on the following legal grounds:

  • Performance of a Contract: Processing necessary to fulfill our contractual obligations to you
  • Legitimate Interests: Processing necessary for our legitimate business interests, provided they do not override your rights
  • Consent: Processing based on your explicit consent (which you may withdraw at any time)
  • Legal Obligation: Processing necessary to comply with legal requirements

4. Data Storage and Security

4.1 Security Measures

We implement industry-standard security measures to protect your data:

  • Encryption in transit using TLS 1.2 or higher
  • Encryption at rest for stored data
  • Access controls and authentication requirements
  • Regular security audits and vulnerability assessments
  • Secure data centers with redundant backups
  • Employee access limited to need-to-know basis

4.2 Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Upon account deletion:

  • Active account data is deleted within 30 days
  • Backup data is deleted within 90 days
  • Aggregated, anonymized data may be retained for analytics
  • Data required for legal compliance may be retained as necessary

4.3 Data Location

Your data is stored on secure servers in the United States. By using the Service, you consent to the transfer of information to countries outside of your country of residence, which may have different data protection rules.

5. Third-Party Services and Data Sharing

We may share your information with the following categories of third parties:

5.1 Service Providers

We engage trusted third parties to perform functions and provide services:

  • Stripe: Payment processing (PCI DSS compliant)
  • Cloud Infrastructure: Hosting and data storage
  • Analytics Providers: Usage analytics and monitoring
  • Calendar Services: Google Calendar, Calendly, Square integration
  • Messaging Platforms: Telegram for customer communications

5.2 Legal Requirements

We may disclose your information:

  • To comply with legal obligations, court orders, or legal process
  • To enforce our Terms of Service or other agreements
  • To protect our rights, property, or safety, or that of our users or others
  • In connection with a merger, acquisition, or sale of assets

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or uses of your personal information.

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

6.1 Access and Portability

You have the right to request copies of your personal data. You may also request that we transfer your data to another organization or directly to you in a structured, commonly used, machine-readable format.

6.2 Correction

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

6.3 Erasure (Right to be Forgotten)

You have the right to request that we erase your personal data, under certain conditions. We will comply unless we have a legal obligation to retain the data.

6.4 Restriction of Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

6.5 Objection to Processing

You have the right to object to our processing of your personal data, under certain conditions.

6.6 Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

7. Exercising Your Rights

To exercise any of these rights, please contact us at privacy@ai.365cloudpro.com. We will respond within 30 days.

We may need to verify your identity before processing your request. We will not charge a fee unless your request is manifestly unfounded or excessive.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Maintain your session and authentication status
  • Remember your preferences and settings
  • Analyze usage patterns and improve our Service
  • Provide security features

Most web browsers allow you to control cookies through their settings. Disabling cookies may limit your ability to use certain features of the Service.

9. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personally identifiable information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@ai.365cloudpro.com. If we become aware that we have collected personal data from children without verification of parental consent, we will take steps to remove that information from our servers.

10. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. If you are located outside the United States and choose to provide information to us, please note that we transfer the data to the United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

11. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you within 72 hours of becoming aware of the breach, in accordance with applicable law. We will also notify relevant supervisory authorities where required.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We will provide additional notice for material changes, which may include an email notification or a prominent notice on our Service. We encourage you to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us:

  • Email: privacy@ai.365cloudpro.com
  • Data Protection Officer: dpo@ai.365cloudpro.com
  • Address: AI 365 Assistant, Privacy Department, [Your Business Address]

⚠️ IMPORTANT LEGAL NOTICE

This Privacy Policy is provided as a template and should be reviewed by a qualified attorney before use. Privacy laws vary significantly by jurisdiction (including GDPR in Europe, CCPA in California, and others). This template may not comply with all applicable privacy laws in your region. By using this template, you acknowledge that AI 365 Assistant and its creators are not providing legal advice and shall not be liable for any legal issues arising from the use of this Privacy Policy.