Privacy Policy

GerardiAI ("GerardiAI," "we," "us," "our") respects your privacy. This Privacy Policy (the "Privacy Policy") describes how we collect, use, disclose, and protect your Personal Information (defined below) and how to exercise any rights you might have with respect to this information. This Privacy Policy governs information we collect through our website and mobile website (collectively, "Site") and information we collect from you or third parties through any other means to provide our AI voice and conversational AI services or perform other business activities (collectively, "Services").

Scope of Policy

This Privacy Policy applies only to data collected by GerardiAI through the Site and Services and does not apply to our privacy practices with regard to data we process on behalf of companies for whom we perform work ("Clients"). For information about the collection, use, and disclosure of your information by our Clients or by us on behalf of our Clients, please review the relevant Client's privacy policy.

Please carefully read this Privacy Policy, which is part of our Terms of Use, before using our Site and/or Services. If you do not agree with the Terms of Use and/or this Privacy Policy, you must refrain from using our Site and/or Services. By accessing or using our Site and/or Services you agree to our use of your information consistent with the Terms of Use and this Privacy Policy.

Changes to This Privacy Policy

We occasionally update this Privacy Policy to reflect changes in our products and services and customer feedback, or if required by applicable US law. When we post changes, we revise the "last updated" date at the top of this statement. Your use of the Site is subject to the then effective Privacy Policy.

Conflict Between This Policy and Local Laws and Regulations

When local laws and regulations require a higher level of protection for your Personal Information, they take precedence over this Privacy Policy. In addition, the specific requirements of this Privacy Policy apply only when local laws and regulations permit.

Children's Privacy

* GerardiAI's Services are designed for and intended for use by individuals who are 18 years of age or older. We do not knowingly collect, use, or process personal information from individuals under the age of 18.

* Our data collection practices include:

* Age verification during the registration process

* Regular monitoring for potential underage user activity

* Immediate data deletion if we discover information collected from users under 18

* If we discover that we have inadvertently collected personal information from an individual under 18 years of age, we will:

* Immediately cease processing such information

* Take steps to promptly delete the information from our servers

* Implement additional measures to prevent future collection of underage user data

* Parents and legal guardians who believe we may have collected personal information from their child under the age of 18 can:

* Contact us immediately at [email protected]

* Request a review of the collected information

* Request immediate deletion of any collected information

* Ask questions about our youth data protection measures

* We comply with all applicable laws and regulations regarding the protection of children's privacy, including:

* The Children's Online Privacy Protection Act (COPPA)

* General Data Protection Regulation (GDPR) requirements regarding minors

* Other applicable regional and international privacy laws concerning minors

SMS Data Collection

We collect SMS data when you interact with our SMS services, including messages sent and received, as well as metadata such as the time and date of messages. We do not share or sell your SMS data to third parties. Your SMS data is used exclusively for service-related purposes, such as confirming appointments, sending reminders, and providing customer support. We are committed to maintaining the confidentiality and security of your SMS data, and we do not disclose or sell it for marketing or any other purposes.

Information We Collect

We may collect information that personally identifies, relates to, describes, or is capable of being associated with you ("Personal Information"), including:

* Identifiers such as name, mailing address, service address, email addresses, phone numbers, and GerardiAI account login information;

* Commercial information such as payment card or bank account information, and the type(s) of service subscribed to;

* Internet or other electronic network activity information such as browsing/search history, IP address, data collected by cookies and similar technologies, device information (device IDs, specifications, operating system, etc.);

* Geolocation data such as non-precise geographic location indicators from mobile devices, websites, and service addresses;

* Audio, electronic, visual, or similar information such as voice recordings, chat transcripts, and email correspondence;

* Professional/employment information such as employer and occupation;

* Inferences drawn from other Personal Information or data that relate to your preferences, interests, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Some of the Personal Information listed above may be considered Sensitive Personal Information under relevant privacy laws. This includes GerardiAI account login credentials. Each type of Sensitive Personal Information may overlap with a category of Personal Information listed above.

Usage Data and Site Activity

We automatically collect information in connection with the actions you take on our Site ("Usage Data"). For example, each time you use our Site, we may collect the type of web browser you use, the type of device you use, your device ID, your operating system and version, your IP address, your internet service provider, the pages you view, referring and exit pages, the date and time of your visit, and the number of clicks to, from, and within our Site, and the duration of your visits. Among other things, this data helps us estimate our audience size and usage patterns, recognize you when you return to our Site, store information about your preferences, customize our Site according to your interests, and speed up your searches. If the data we automatically collect is capable of being associated with you directly or indirectly, we treat it as Personal Information under the categories of Identifiers or Internet or other electronic network information, as appropriate. If this information is not capable of being individually associated with you, we treat it as Usage Data.

Communication Recordings

We may record calls and retain the content of text messages, chat transcripts, or other written/electronic communications between you and us. Important for Massachusetts Residents: Massachusetts is a two-party consent state for call recordings. When required by local law, you will be informed that the call is being recorded and have the option to terminate the call or continue. By communicating with us, you consent to our recording and retention of communications where permitted.

How We Collect Information

From You

We collect information from you when you use the Site with or without registration, upon registration, and when you use our Services. You are not required to provide us your Personal Information; however, if you choose not to provide the requested information, you may not be able to use some or all of the features of the Site or Services, or we may not be able to fulfill your requested interaction. You are responsible for ensuring the accuracy of the information you submit to GerardiAI in connection with your use of the Site. You are also responsible for the use of your password and its use by anyone to whom you disclose it or who obtains it from you.

Third-Party Personal Information Sources

We may collect Personal Information from third-party data sources such as the Clients we serve.

Cookies & Other Automated Tools

GerardiAI uses third-party advertising and analytics services to help analyze how you use the Site. GerardiAI and these services use "cookies," which are text files placed on your computer, to collect standard Internet log information and visitor behavior information. Some of the information generated by the cookies about your use of the website (including IP address) is transmitted to service providers and used to evaluate your use of the Site and to compile statistical reports on website activity and audience data for GerardiAI.

You may choose to accept or decline cookies. Most web browsers automatically accept them, but you can modify your web browser settings to decline cookies. If you reject cookies by changing your browser settings, be aware that this may disable some of the functionality on our Site.

By registering and using the Services, you consent to GerardiAI sending you communications and marketing materials related to services or products provided to you by GerardiAI or that may otherwise be of interest to you, including services or products of our partners or third parties. You will have an opportunity to opt out of receiving marketing communications by following the instructions provided in the communication, or by replying "STOP" to any text message if applicable.

How We Use and Disclose Your Information

Generally

We may use Personal Information for business purposes, such as to:

* Provide you with the Site and Services;

* Service consumer accounts;

* Communicate with you (including via text messages,calls and emails subject to your consent);

* Market products and services to you;

* Evaluate, develop, and improve business operations;

* Perform marketing and other types of research and analytics;

* Develop new or modified products and services;

* Operate information security and anti-fraud programs;

* Comply with applicable legal requirements, industry standards, contractual obligations, our policies, and take actions that we deem necessary to preserve and enforce our rights and the rights of others;

* Perform day-to-day business operations such as accounting and general management; and

* Respond to governmental and other legal requests.

We use Sensitive Personal Information as follows:

GerardiAI account login information – to permit access to customer online accounts, and in connection with our security and anti-fraud programs.

We may also use Personal Information and/or Sensitive Personal Information as described to you at the point of collection, with your consent, or as otherwise required or permitted by applicable laws.

Service Providers

We may disclose your Personal Information to other businesses ("Service Providers") to provide services to us or on our behalf. Categories of service providers we use include:

* Fulfillment and account servicing vendors (help us provide products, services, and information to you);

* Payment processors (help us accept and process payments for our products/services);

* Marketing and communications vendors (help us market our products/services to you);

* Research and development vendors (help us develop and improve our products and services);

* Data and business analytics vendors (help us collect, analyze, and improve the accuracy of our data);

* IT and network administration vendors (provide services such as data storage and management, website hosting, and data security);

* Professional service firms (provide accounting, legal, auditing, and other professional services); and

* General service providers (help us with day-to-day business operations such as office support services, courier services, facilities management, and document destruction).

We require each Service Provider to use reasonable security measures appropriate to the nature of the information involved to protect your Personal Information from unauthorized access, use, or disclosure. Service Providers are prohibited from using Personal Information we provide to them other than as specified by us. We disclose the following categories of personal information for a business purpose: Identifiers/Contact Information, Commercial information, Internet or other electronic network activity information, geolocation, visual and audio information, and inferences drawn from the above.

Third Party Selling and Sharing

We do not sell or share (for targeted or cross-context behavioral advertising purposes) your Personal Information to other companies that do not provide services to us.

Other Third-Party Disclosures

We may occasionally disclose your Personal Information to third parties for purposes such as:

* To comply with the law;

* To respond to legal requests (including court orders, investigative demands, and subpoenas) if, in our discretion, we believe it is necessary or appropriate;

* To prevent or stop any illegal, unethical, or legally actionable activity;

* To protect the safety, property, or rights of ourselves, consumers, or any other third party;

* If we are merged, acquired, or sold, or in the event of a divestiture, restructuring, reorganization, or transfer of some or all of our assets and the disclosure is necessary to complete the transaction;

* To businesses controlling, controlled by, or under common control with us; and

* For additional purposes with your consent, where such consent is required by law.

Security

* We recognize the importance of safeguarding the confidentiality of Personal Information from loss, misuse, or alteration. Accordingly, we employ commercially reasonable administrative, technical, and physical safeguards to protect such Personal Information from unauthorized access, disclosure, and use.

* Even with these safeguards, no data transmission over the Internet or other network can be guaranteed 100% secure. As a result, while we strive to protect information transmitted on or through our Site or Services, you transmit information at your own risk.

Additional US State Privacy Rights

If you are a resident of a state with an applicable privacy law, you may have additional rights to access and control your Personal Information. Exemptions may apply. Consumer privacy rights for residents of these states include:

Right to Access

You have the right to request twice per 12-month period that we provide you:

* The categories or specific pieces of Personal Information we collected about you;

* The categories of sources from which we collected your Personal Information;

* The business or commercial purpose for which we collected your Personal Information;

* The categories of Third Parties with whom we sold, shared, or disclosed your Personal Information, including the categories of Personal Information sold, shared, or disclosed to each and the purposes for doing so.

Right to Deletion

You have the right to request that GerardiAI delete any of your Personal Information we have collected from or about you. We may not delete your Personal Information if GerardiAI:

* Needs to retain the personal information to comply with applicable law, exercise our rights, detect and protect against fraudulent and illegal activity, or comply with other legal obligations;

* Uses the personal information internally in a manner that you have authorized or is reasonably within your expectations as a consumer, such as if we need to complete a transaction for you.

Right to Correct

* You have the right to request that we correct inaccurate Personal Information we maintain about you.

* After you request to correct inaccurate Personal Information, we will provide instructions for you to provide us with optional documentation to support your request and we will consider it.

* We may decline to correct your Personal Information if we determine that your request is fraudulent or abusive or if we determine, based on the totality of the circumstances, that your correction is more likely inaccurate than accurate.

* We may decide to delete your allegedly inaccurate Personal Information instead of correcting it.

* If you only wish to update your contact information or other Personal Information rather than disputing its accuracy, please make the changes directly in your account or email us at [email protected]

Right to Appeal

* You have the right to appeal our decision to deny, in full or in part, one or more of your privacy requests.

* We will process appeal requests within 45 days of receipt, subject to any applicable exemptions and extensions permitted by law.

* If we deny your appeal, we will provide you with a written explanation of the reasons for our decision.

Right to Opt-Out from the Sale or Sharing of Personal Information

* You have the right to direct us not to sell or share (for targeted or cross-context behavioral advertising purposes) your Personal Information to Third Parties.

* We will process requests within 15 business days, subject to any applicable exceptions and extensions permitted by law.

Authorized Agent

* If you are an authorized agent submitting a request on behalf of a California resident, you must provide a copy of a lawful power of attorney or a written signed authorization from the consumer along with proof of your identity.

* You may provide this documentation via email to [email protected] after submitting the request.

* We may contact you and/or the consumer on whose behalf you claim to act to verify your authorization.

Non-Discrimination Notice

* We will not discriminate against any consumer for exercising their privacy rights under law or this Privacy Policy.

California "Do Not Track" Disclosure

* Do Not Track is a web browser privacy preference that causes the web browser to broadcast a signal to websites requesting that a user's activity not be tracked. At this time, our Site and Services do not respond to "do not track" signals.

Links to Other Sites

The Site contains links to other third-party websites. GerardiAI is not responsible for the privacy practices of such third-party websites. We strongly recommend that you review the privacy policy of each website that you access prior to providing any personal information to make sure you understand what data is collected and how such data is used by third parties.

Data Security and Compliance

GerardiAI maintains commercially reasonable safeguards to protect Personal Information. We comply with applicable data security laws, including Massachusetts regulations regarding the protection of personal information (201 CMR 17.00). Please note that no website or internet transmission is ever completely secure, so we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur.