Privacy Policy

AI Genesis LLC ("AI Genesis," "we," "us," or "our") is committed to protecting the privacy of individuals who visit our website at ai-genesis.ai ("Website"), as well as the end users of client deployments powered by our Digital Hires platform ("Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

1. Information We Collect

1.1 Website Visitors

• Contact information you voluntarily provide when booking a call or submitting a form (name, email address, company name, phone number).
• Usage data collected automatically, including IP address, browser type, operating system, referring URLs, pages visited, and timestamps.
• Device identifiers such as cookies and similar tracking technologies (see Section 6).

1.2 Client Deployments (Digital Hires)

• Conversational data generated when end users interact with a Digital Hire deployed on a client's website, including messages, metadata, and session identifiers.
• Client-provided data such as knowledge bases, FAQs, product catalogs, and business information used to train and configure each Digital Hire.
• Analytics data including conversation volumes, resolution rates, and performance metrics.

2. How We Use Your Information

• To provide, operate, and improve our Website and Services.
• To respond to inquiries, schedule calls, and communicate with prospective and current clients.
• To configure, deploy, and optimize Digital Hires for each client.
• To generate aggregated, de-identified analytics to improve platform performance.
• To detect, investigate, and prevent fraudulent or unauthorized activity.
• To comply with legal obligations and enforce our agreements.

3. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. Each client's data is logically and infrastructurally isolated. We may share information only in the following circumstances:

• Service providers — Vetted subprocessors who assist with hosting, monitoring, and security, each bound by data processing agreements.
• Legal requirements — If required by law, subpoena, court order, or governmental request.
• Business transfers — In connection with a merger, acquisition, or sale of assets, with prior notice.
• With your consent — When you explicitly authorize disclosure.

Critically, customer data is never sent to OpenAI, Google, Anthropic, or any third-party model provider. All AI models run on AI Genesis managed infrastructure.

4. Data Retention and Deletion

We retain personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law. Client deployment data is retained for the duration of the service agreement and deleted within 30 days of contract termination, unless otherwise agreed in writing.

You may request deletion of your personal information at any time by contacting us (see Section 13). We will process your request within 30 days, subject to any legal retention obligations.

5. Data Security

We implement industry-leading security measures to protect your data:

• Encryption at rest (AES-256) and in transit (TLS 1.3).
• Isolated infrastructure per client — no shared tenancy.
• SOC 2 Type II certified operations.
• Role-based access controls with multi-factor authentication.
• Regular penetration testing and third-party security audits.
• 24/7 security monitoring and incident response.

6. Cookies and Tracking Technologies

Our Website uses cookies and similar technologies for the following purposes:

• Essential cookies — Required for Website functionality, such as session management.
• Analytics cookies — Help us understand how visitors interact with our Website to improve performance and content.

You can control cookies through your browser settings. Disabling certain cookies may affect Website functionality.

7. Third-Party Services

Our Website integrates with the following third-party services:

• Cal.com — For scheduling calls and meetings. Subject to Cal.com's Privacy Policy.
• Analytics providers — For anonymous, aggregated Website usage analysis. No personal data is shared with advertising networks.

These services have their own privacy policies, and we encourage you to review them. We do not control their data practices.

8. Your Rights Under GDPR (EEA Residents)

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation:

• Right of access — Request a copy of the personal data we hold about you.
• Right to rectification — Request correction of inaccurate or incomplete data.
• Right to erasure — Request deletion of your personal data ("right to be forgotten").
• Right to data portability — Receive your data in a structured, machine-readable format.
• Right to object — Object to processing based on legitimate interests or direct marketing.
• Right to restrict processing — Request limitation of processing under certain conditions.

To exercise any of these rights, contact us at the information provided in Section 13. We will respond within 30 days.

9. Your Rights Under CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following rights:

• Right to know — Request disclosure of the categories and specific pieces of personal information we have collected.
• Right to delete — Request deletion of your personal information.
• Right to opt out — We do not sell personal information. No opt-out is necessary.
• Right to non-discrimination — We will not discriminate against you for exercising your CCPA rights.

10. Children's Privacy

Our Website and Services are not directed at individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected such data, we will take immediate steps to delete it. If you believe a child under 16 has provided us with personal information, please contact us immediately.

11. International Data Transfers

AI Genesis is based in the United States. If you access our Website or Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other jurisdictions where our infrastructure operates. We ensure that all international transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses (SCCs) for transfers from the EEA, and Data Processing Agreements with all subprocessors.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will post the updated policy on this page and update the "Last Updated" date. For material changes, we will provide notice via email or a prominent notice on our Website. Your continued use of our Website or Services after any changes constitutes acceptance of the revised policy.

13. Contact Information

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us: