Privacy Policy

4. AI Technologies and Data Processing

Automatica AI’s core offering involves AI technologies. While our website (www.automaticai.ca) does not directly offer AI services or AI interactions, once you become a client, our services utilize AI as follows:

AI Features We Use (Post-Client Onboarding)

Our services integrate advanced AI features to assist your business:

• AI text agents for customer support and communication.
• AI voice agents for automated assistance and interaction.
• Other AI features integrated into our products and services to enhance efficiency.

Voice and Conversation Data (Post-Client Onboarding)

When your staff or customers interact with our AI voice agents (as part of the service we provide to you, our client):

• Voice recordings are processed solely to provide the requested services. They may be retained temporarily for quality assurance, training, and service improvements specific to your service delivery.
• Users will typically be notified when recording begins and may have the option to opt out as per your (our client's) configuration.
• Voice data may be transcribed into text for further processing by our AI.
• Enhanced security measures protect this data.
• As a client, you may request deletion of recordings related to your service by contacting [email protected].

AI Ethics and Commitments

As we develop and deploy AI technologies, Automatica AI is dedicated to upholding the following ethical principles:

• Transparency: We clearly disclose when and how AI is used within our services.
• Human Oversight: Our AI systems operate under appropriate human supervision and review.
• Data Privacy: We process personal data for AI training and operations only with proper consent and robust safeguards.
• Non-Discrimination: We regularly test our AI systems for bias to ensure fair and equitable treatment.
• Security: We implement strong security measures to protect data processed by our AI technologies.
• Accountability: We accept full responsibility for the functioning and impacts of our AI systems.

We continuously assess our AI technologies against these principles and update our practices accordingly. Our development roadmap includes ongoing ethical reviews and impact assessments to maintain responsible AI use.

5. Data Sharing and Third Parties

We value your trust and your data.

We Do Not Sell Your Data: We never sell or trade your personal information, or the personal information of your customers, to third parties.

Limited Sharing With Trusted Service Providers: We share data only as needed with trusted third parties who assist us in operating our website and providing our services. These include:

• Stripe and PayPal for secure payment processing.
• GoHighLevel CRM for customer relationship management and lead nurturing.
• Hosting and cloud storage providers for data storage.
• SMS message providers for authorized text communications sent on behalf of our clients.
• AI technology providers powering our services, including Retell AI and n8n, which facilitate our AI voice and text interactions and workflow automation.
• Analytics and advertising partners (like Google and Facebook, as detailed below).

We have Data Processing Agreements (DPAs) or similar contractual safeguards in place with these providers to ensure they meet our privacy standards and are legally obligated to keep your data confidential, comply with privacy laws, and use your data only for the specific purposes we define.

AI Service Provider Limitations

When we share data with our AI technology providers (like Retell AI and n8n), they are restricted to:

• Processing data only for our agreed purposes related to providing the AI services.
• Maintaining strict security and confidentiality measures.
• Not using your data, or your clients' data, for their own AI training or other purposes without explicit consent from you and/or your clients.
• Notifying us promptly of any security incidents.
• Deleting or returning data after the service ends, as per our agreements.

GoHighLevel (GHL) Data Handling

We utilize GoHighLevel as our CRM and for managing client accounts. GoHighLevel acts as a Data Processor for the data you upload to their platform, and you (our client) act as the Data Controller. GoHighLevel is committed to data privacy and security, as outlined in their policies:

• Data Processing Agreement (DPA): GoHighLevel provides a DPA that clarifies roles and responsibilities.
• Data Usage: GoHighLevel states they do not use personal data uploaded by their users for their own purposes or for training AI/ML models without instruction from the user.
• Security: They implement administrative, technical, and organizational security measures, including encryption (TLS for data in transit, AES-256 for data at rest), and conduct regular security assessments such as SOC 2 audits.
• Compliance Support: GoHighLevel provides tools to help its users (our agency) comply with privacy regulations like GDPR, CCPA, and PIPEDA, but the ultimate responsibility for compliance of the uploaded data rests with the user (the Data Controller).

For more details, please refer to the GoHighLevel Privacy Policy and their Privacy and Security information.

n8n Data Handling

We use n8n for workflow automation. n8n's privacy practices include:

• Data Processing Agreement (DPA): n8n includes a Data Processing Agreement as part of its standard Terms of Service, which incorporates Standard Contractual Clauses (SCCs) for GDPR compliance.
• Data Minimization: n8n takes care to keep self-hosted data anonymous and avoids collecting sensitive data. For n8n Cloud, they only retain data for as long as necessary to provide the core service.
• Security: n8n encrypts credentials and implements security measures to protect user data. They undergo annual SOC 2 audits.
• Data Usage: n8n does not use personal data for training AI/ML models. Data shared with AI services is limited to workflow context and is generally deleted after 30 days.

For more details, please refer to n8n Legal and n8n Privacy and Security.

Retell AI Data Handling

We use Retell AI for AI-powered voice interactions. Retell AI's data handling practices include:

• Data Security: Retell AI implements measures to protect Protected Health Information (PHI) and offers Business Associate Agreements (BAAs) for HIPAA compliance.
• Data Usage: Retell AI processes call data to provide its services, including transcription and analysis. They offer features to opt out of sensitive data storage.
• Consent: Retell AI requires customers to obtain necessary consent for AI-generated calls.

For more details, please refer to the Retell AI Privacy Policy.

6. SMS/Text Message Privacy

Automatica AI does not send SMS/text messages directly to its own website visitors or clients. Our SMS services are exclusively used for sending messages on behalf of our clients to their customers or leads.

Regarding SMS/Text Messages Sent on Behalf of Our Clients:

When Automatica AI sends SMS/text message reminders, confirmations, follow-ups, or promotional messages to your customers/leads as part of the services we provide to you (our client):

• Our clients are solely responsible for obtaining and maintaining legally compliant consent from their customers or leads to receive these messages, in accordance with Canada's Anti-Spam Legislation (CASL), the U.S. TCPA, CTIA guidelines, and other applicable laws.
• All messages include opt-out instructions. Recipients can stop messages at any time by replying "STOP." Automatica AI will confirm the opt-out via SMS, cease messaging immediately, and notify the client of the opt-out status. Recipients may also reply "HELP" for assistance.
• We do not sell or share recipient phone numbers or opt-in data with any third parties. Data is securely processed only to provide the contracted messaging service on behalf of our clients.
• Automatica AI adheres to industry-standard carrier guidelines and legal frameworks governing SMS communication, including CTIA and CASL regulations.
• Message and data rates may apply. Message frequency may vary based on client campaign settings.

Sample Client Consent Language: Clients should use clear language like: “By providing my phone number, I consent to receive SMS messages for appointment reminders, promotions, and follow-ups from [Client's Business Name]. Message and data rates may apply. Reply STOP to unsubscribe.”

For more information, please review our Terms of Service.

7. Emails and Communications

When you fill out an advertisement form or a form on our website (www.automaticai.ca), you're opting in to receive email correspondence directly from Automatica AI, such as responses to your inquiries or information about our services. You can opt out of receiving future email correspondence from us by selecting the appropriate option when you register or make a purchase, or by contacting us at [email protected].

Please note: As part of the services we provide, we also send email reminders, confirmations, and promotional content on behalf of our clients to their customers. These automated emails will appear to originate from our clients' own domain email addresses, powered by Automatica AI's automation systems (such as GoHighLevel subaccounts), not directly from Automatica AI. This process is detailed further in the "How We Use Your Information" section.

8. Marketing Communications

Automatica AI does not send its own marketing communications to website visitors or direct clients. Any marketing or promotional content you may receive via email or SMS will be sent by Automatica AI **solely on behalf of our clients** to their customers. These communications will appear to originate from the client's own domain or designated number, and are only facilitated where our clients have obtained the necessary legal consent from their recipients.

9. Processing Restrictions

In certain situations, you may request that we restrict the processing of your personal data—for example, if you contest its accuracy or object to its processing while we verify your concerns. During this restriction period, we will retain your data but will not share it with third parties without your consent, except as necessary to comply with legal obligations or protect rights. You may also choose to opt out of data processing entirely, but doing so may result in termination of your account and loss of access to our services.

10. Complaints

If you believe we have misused your data or violated your rights under this Privacy Policy or applicable law, you have the right to file a complaint with us directly at [email protected] or with an appropriate regulatory authority or data protection agency.

11. Fair Information Practices (PIPEDA Compliance)

Automatica AI is committed to complying with the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Fair Information Principles it embodies. These principles guide the responsible collection, use, and disclosure of personal information and ensure your privacy rights are respected.

In accordance with PIPEDA, we follow these core principles:

• Accountability: We are responsible for the personal information under our control and designate individuals who oversee our privacy compliance.
• Identifying Purposes: We clearly explain why we collect personal information before or at the time of collection.
• Consent: We obtain your meaningful consent for the collection, use, or disclosure of your personal information, except where inappropriate or otherwise permitted by law. For information provided to us by our clients (e.g., their customers' data), we rely on our clients to obtain all necessary consents.
• Limiting Collection: We collect only the personal information necessary for the identified purposes.
• Limiting Use, Disclosure, and Retention: Personal information is used and disclosed only for the purposes for which it was collected, unless further consent is obtained or permitted by law. We retain information only as long as necessary to fulfill those purposes.
• Accuracy: We take reasonable steps to ensure personal information is accurate, complete, and up-to-date as necessary.
• Safeguards: We protect personal information with appropriate security safeguards to prevent unauthorized access, disclosure, or misuse.
• Openness: We make our policies and practices relating to personal information readily available.
• Individual Access: Upon request, we inform you of the existence, use, and disclosure of your personal information and provide access to that information.
• Challenging Compliance: You may challenge our compliance with these principles, and we have procedures to investigate and respond to complaints.

Data Breach Notification:

In the event of a privacy breach that poses a real risk of significant harm, we will promptly notify affected individuals as required by Canadian privacy law and cooperate with authorities.

You have the right to seek recourse through the Privacy Commissioner of Canada or other applicable regulatory authorities if you believe your rights have been violated.

12. International Data Transfers

Our servers and providers are located in Canada and the United States. By using our services, you consent to the transfer, processing, and storage of your data in these countries, which may have different privacy laws than your home country.

13. Data Retention

We keep your personal data (information collected directly from you as a website visitor or client) only as long as necessary for business or legal reasons.

For data processed on behalf of our clients (e.g., voice recordings and transcripts of their customers' interactions with our AI, or their customers' contact information):

• Voice recordings are generally retained for up to **90 days** unless otherwise required by contract or law.
• Transcripts may be kept for up to **12 months** for service improvement purposes.
• Client customer contact information (names, emails, phone numbers) used for messaging is retained as long as necessary to provide the services to our client, or until an opt-out or deletion request is received and processed, subject to legal obligations.

Anonymized or aggregated data may be stored indefinitely for analytical purposes.

14. Security

We implement industry-standard technical and organizational measures, including encryption and access controls, to protect your data from unauthorized access, alteration, disclosure, or destruction. However, no system is 100% secure. You acknowledge this inherent risk by using our services. We will promptly notify you of any breaches that may expose you to serious risk.

15. Sensitive Data

Do not send us sensitive data (e.g., social security numbers, health, genetic data). If you do, you consent to its processing under this Policy. Our AI systems are designed to detect and filter sensitive information when possible, and you can request deletion of such data.

16. Your Rights

As a website visitor or Automatica AI client, you have certain rights regarding your personal data, subject to applicable laws and reasonable limitations:

• Update and Correct: You may update or correct any personal information you have provided. Contact us to request changes or deletions.
• Access and Confirmation: You have the right to request confirmation of what personal data we hold about you, how we use it, and whether it is shared with third parties. We will provide copies of your data unless doing so infringes on others’ rights.
• Consent Management: You may withdraw or change your consent for the use of your personal data. Note that withdrawing consent may limit your access to some services or require account deletion.
• Data Portability: You may request a copy of your data in a machine-readable format and ask us to transfer it to another service provider, unless it poses an undue burden.
• Data Deletion: You can request that we delete your personal data, subject to legal or legitimate business retention requirements. Deletion requests may result in account termination and loss of access.
• Fees and Verification: We may charge a reasonable fee for repeated requests and will verify your identity before processing data requests to protect your privacy.

AI-Specific Rights (for Automatica AI Clients)

If you are an Automatica AI client:

• You may request information about any significant decisions made solely by AI about you (as a client).
• You have the right to request human review of automated decisions that have significant effects related to your Automatica AI service.
• You may request deletion of AI-collected data related to your service, including voice recordings and transcripts.

For Customers of Our Clients: If you are a customer or lead of one of our clients and wish to exercise your privacy rights regarding data we process on their behalf, please direct your request to our client directly. As the Data Controller, they are responsible for fulfilling your request. We will cooperate with our clients to fulfill legitimate requests in accordance with our agreements.

To exercise any of these rights, please contact us at [email protected].

17. Ontario Privacy Rights

If you are a resident of Ontario, Canada, you have the right to:

• Request access to the personal information we hold about you.
• Request correction of inaccurate or incomplete personal information.
• Request deletion of your personal information, subject to legal or business retention requirements.
• Withdraw consent to the collection, use, or disclosure of your personal information, which may affect your access to certain services.
• File a complaint with us regarding our handling of your personal data.

We will verify your identity before fulfilling any request and respond within a reasonable timeframe as required under Canadian privacy laws.

To exercise your rights or for privacy-related inquiries, please contact us at [email protected].

18. COPPA

We do not knowingly collect personal information from children under 13 and do not market to them. Our services are intended for businesses and adults.

19. Canada Anti-Spam Legislation (CASL) Compliance

We comply with Canada’s Anti-Spam Legislation (CASL), which regulates commercial electronic messages by requiring:

• Consent before sending commercial emails or texts.
• Clear identification of the sender.
• An unsubscribe mechanism in every message.
• Prompt action on unsubscribe requests.

When sending commercial electronic messages (including reminders, confirmations, and promotions) on behalf of our clients, which may appear to originate from their domain, we rely on our clients to have obtained and maintained proof of valid consent from their customers/recipients in accordance with CASL. We act as a service provider to facilitate these communications through our automation systems, and our clients are responsible for ensuring the sender identification in such messages is accurate and compliant.

For more details on CASL, please visit the official government site: https://ised-isde.canada.ca/site/canada-anti-spam-legislation/en

20. Cookies and Tracking

We use cookies and similar technologies (e.g., web beacons, pixels) on www.automaticai.ca to:

• Improve website functionality: To make our site work correctly and enhance your browsing experience.
• Analyze usage: To understand how visitors interact with our website, which pages are most popular, and identify areas for improvement.
• Deliver relevant advertising: To show you ads that might be of interest to you based on your browsing habits (see "Third-Party Integrations" below).

You can manage your cookie preferences directly through your browser settings. Please be aware that disabling cookies may reduce the functionality of certain parts of our website.

Third-Party Integrations

We utilize third-party services on our website for analytics and advertising purposes:

• Google: We use Google Analytics for website traffic analysis and Google advertising services (e.g., Google Ads, remarketing, demographic reporting). You may opt out of Google Analytics tracking via the Google Analytics Opt-Out Browser Add-On: https://tools.google.com/dlpage/gaoptout
• Facebook: We use Facebook Pixel and advertising features for retargeting and reporting on ad campaign effectiveness. You can learn more about opting out of Facebook interest-based ads here: https://www.facebook.com/help/568137493302217

21. Updates to This Privacy Policy

We may update this Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Updates will be posted at www.automaticai.ca/privacy with a new effective date. Your continued use of our website after any updates signifies your acceptance of the revised Policy.

22. Contact Us

Questions, requests, or complaints can be directed to:

Automatica AI

Email: [email protected]