Privacy Policy

Last Updated: January 5, 2026

Your privacy is important to us. This policy explains how AIVA Connect collects, uses, and protects your personal information.

Table of Contents

Introduction

Welcome to AIVA Connect ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains what information we collect, how we use it, and what rights you have in relation to it.

This policy applies to all information collected through our website, platform, and services (collectively, the "Services"). Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Services.

Data We Collect

We collect personal information that you provide to us, information automatically collected when you use our Services, and information from third-party sources.

How We Use Your Data

We use your personal information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our AI receptionist services, including call handling, message routing, and VIP contact management.
  • AI Training: To train and improve our AI models (you can opt-out via your account settings).
  • Analytics: To analyze usage patterns, understand user behavior, and improve our Services.
  • Communication: To send you service updates, technical notices, security alerts, and support messages.
  • Marketing: With your consent, to send promotional emails about new features, special offers, and events.
  • Legal Compliance: To comply with legal obligations, resolve disputes, and enforce our agreements.

Data Sharing

We may share your personal information in the following situations:

Third-Party Service Providers

  • Twilio: Phone number provisioning and call routing
  • Retell AI: AI voice processing and transcription
  • Stripe: Payment processing
  • AWS/Supabase: Data hosting and storage
  • Google Analytics: Usage analytics (if you consent)

We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas).

Your Rights (GDPR/CCPA)

Depending on your location, you may have the following rights regarding your personal data:

Right to Access

You can request a copy of all personal data we hold about you.

Right to Deletion

You can request deletion of your personal data, subject to legal obligations.

Right to Portability

You can request your data in a structured, machine-readable format.

Right to Object

You can object to processing of your personal data for marketing purposes.

Right to Rectification

You can request correction of inaccurate or incomplete data.

Right to Restrict Processing

You can request limitation of how we process your data.

How to Exercise Your Rights

To exercise any of these rights, please:

Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Strict role-based access controls limit who can access your data
  • Regular Audits: Security audits and penetration testing (SOC 2 compliance in progress)
  • Employee Training: All staff undergo security and privacy training
  • Breach Notification: We will notify you within 72 hours of any data breach affecting your information

Important: No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Data Retention

We retain your personal information for as long as necessary to provide our Services and comply with legal obligations:

Account Data: Retained until you delete your account
Call Logs & Recordings: Retained for 2 years for quality and legal purposes
Analytics Data: Retained for 14 months
Payment Records: Retained for 7 years for tax and legal compliance

Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@connectaiva.com and we will delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending you an email notification (for material changes)

Your continued use of our Services after changes are posted constitutes acceptance of the updated policy.

Contact Us

Questions About This Policy?

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@connectaiva.com

Privacy Center: Manage Your Privacy Preferences

AIVA Connect
Privacy Compliance Team
Response Time: Within 30 days