1. Introduction

• Who We Are: Voxr AI Corp (“Voxr,” “we,” “us,” or “our”) provides an AI-powered communication platform offering voice, text, and email automation for sales, marketing, and customer support, serving industries including insurance, financial services, and healthcare.
• Purpose of the Policy: This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our platform, website, and related services (“Services”). We are committed to protecting your privacy and ensuring transparency.
• Applicability: This Policy applies to all users, customers, and visitors of our Services, including end-users, partners, resellers, and their clients. Please read it carefully to understand our practices.

2. Information We Collect

• Information Provided by Users/Customers:
  • Account registration details (name, email, company, phone)
  • Billing and payment information
  • Communications and correspondence with Voxr
  • Content uploaded, transmitted, or generated via the Service (including audio recordings, text transcripts, leads, contacts, and customer information)
  • Consents and authorizations (e.g., for voice cloning, data processing, HIPAA-related consents)
• Information Collected Automatically:
  • Device and usage data (IP address, browser type, device identifiers)
  • Log files and session data
  • Cookies, web beacons, and similar tracking technologies
  • Interaction history with our Service
• Information from Third Parties:
  • Data imported from integrated third-party platforms (e.g., CRM, telephony, email systems)
  • Information from partners, resellers, or affiliates (where permitted by law)
• Cookies and Tracking Technologies: We use cookies and similar technologies to enable essential platform functionality, such as keeping you logged in and personalizing your experience. We do not use cookies for advertising or from advertisers.
  • Authentication & Session Cookies: Help us recognize you when you log in and navigate our Services.
  • Performance & Service Improvement: Used to understand usage patterns and improve our Services (not for cross-site advertising).
  • Affiliate/Reseller Cookies: If you click on a reseller or affiliate link, we place a cookie to track the referral. These cookies expire within 30 days and are not used for any other purpose.
  You may control cookies through your browser settings, but some features may not work if cookies are disabled.

3. How We Use Information

• Providing and Improving the Service: To deliver, maintain, and enhance our platform’s features and security.
• AI Processing and Automation: To enable automated voice, text, and email communications, lead qualification, and customer support, including training and refining our AI models (in anonymized/aggregated form unless you opt out).
• Communications and Support: To respond to your requests, provide customer support, and notify you of updates or service issues.
• Marketing (if applicable): To send you information about our Services, events, or partner offerings (you may opt out at any time).
• Analytics and Reporting: To analyze trends, usage, and improve user experience.
• Compliance with Legal Obligations: To comply with laws and regulations (such as HIPAA, GLBA, insurance marketing laws, TCPA, GDPR, CCPA/CPRA), respond to lawful requests, and enforce our Terms.

4. Legal Bases for Processing (GDPR)

• Where required by law (e.g., GDPR in the EU/UK), we process your personal data on the following legal bases:
• Consent: Where you give us permission (e.g., for marketing or voice cloning).
• Contractual Necessity: To perform our contract with you (e.g., providing the Service).
• Legitimate Interests: To operate and improve our business, prevent fraud, and ensure network security.
• Legal Obligations: To comply with applicable law and regulatory requirements.

5. How We Share Information

• Sub-Processors and Service Providers: We use trusted third-party providers (e.g., hosting, analytics, payment processing, telephony, AI processing) who may access data only to perform services on our behalf and under contractual confidentiality and security obligations.
• CRM, Telephony, and Integrations: At your direction, we may share information with your integrated platforms and partners.
• Legal and Regulatory Disclosures: We may disclose data if required by law, regulation, or valid legal process, or to protect the rights, property, or safety of Voxr, our users, or the public.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction, subject to standard confidentiality safeguards.
• We do not sell your personal data to advertisers or share it with third parties for their independent marketing purposes. Data may be shared only with trusted service providers under contract to help us operate the Service (such as hosting, analytics, payment processing, or telephony providers), or at your direction (for integrations), or as required by law. We require all service providers to adhere to strict confidentiality and security obligations.

6. International Data Transfers

• Data Storage Locations:
  • For users located outside the European Union, all personal data is stored on secure servers located in the United States with major US-based cloud providers.
  • For EU-based users, all personal data is stored on servers located within the European Union, also managed by major US cloud providers, to comply with local data protection regulations.
  • If you are located outside the United States or the European Union, your data may be transferred to and processed in these jurisdictions with different data protection laws.
  • Where required, we use appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses (SCCs) or the UK Addendum.

7. Data Retention

• We retain personal data as long as necessary to provide the Service, fulfill the purposes described in this Policy, comply with legal obligations, resolve disputes, and enforce agreements.
• Retention periods may vary based on data type, regulatory requirements (e.g., HIPAA, insurance, or financial recordkeeping), and customer instructions.
• Upon account closure or upon request, we will delete or anonymize your personal data as required by law, subject to certain legal exceptions.

8. Your Rights and Choices

• Depending on your location and applicable law, you may have the following rights:
  • Access, Correction, Deletion: Request access to, correction, or deletion of your personal data.
  • Data Portability: Obtain a copy of your data in a structured, machine-readable format.
  • Opt-Out of Marketing: Unsubscribe from marketing communications at any time.
  • Objection to Processing: Object to certain types of processing (e.g., direct marketing, AI training).
  • Restriction of Processing: Request limits on how we process your data in certain circumstances.
  • Withdrawal of Consent: Withdraw consent where processing is based on consent (this does not affect processing prior to withdrawal).
  • CCPA Rights: California residents have additional rights, including the right to know, delete, opt out of sale/sharing, and not be discriminated against for exercising these rights.
• To opt out of anonymized data being used to improve our AI models, email support@voxr.ai with your request.
• To exercise other rights, please contact us using the details below. We may verify your identity before responding.

9. Security Measures

• Technical and Organizational Protections: We use industry-standard security practices, including encryption in transit and at rest, secure infrastructure (major cloud providers located in the U.S. and EU), access controls, and regular audits to protect your information. Most of our AI processing runs locally within our secure environment. We may also leverage leading U.S.-based AI tools and infrastructure, including Google Gemini, OpenAI GPT, Anthropic Claude, Microsoft Phi, and NVIDIA Agentic/LLM tools, where appropriate.
  • Any data transmitted through our system and any data stored are encrypted.
  • We also use the U.S. federal Do Not Call (DNC) and Canadian federal DNC lists to ensure compliance with telemarketing laws.
• Incident Response: We have procedures in place for detecting and responding to data security incidents. In the event of a data breach involving your personal information, we will notify affected users and, if required, relevant regulators within 72 hours of becoming aware of the breach, in compliance with applicable laws.

10. Children’s Privacy

• The Service is not intended for or directed to children under the age of 16 (or the minimum age required by local law). We do not knowingly collect personal information from children. If you believe a child’s data has been provided to us, please contact us and we will delete it.

11. Third-Party Services and Links

• Our Service may contain links or integrations to third-party websites, services, or applications. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. Please review the privacy policies of any third-party service you interact with.

12. Changes to the Privacy Policy

• We may update this Privacy Policy from time to time to reflect changes to our practices, technology, or legal requirements. We will notify you of significant changes by posting an updated policy on our website and, where appropriate, via email or Service notification. Your continued use of the Service after such notice constitutes acceptance of the updated Policy.

13. Contact Information

• If you have any questions, requests, or concerns about this Privacy Policy or our privacy practices, please contact us at:
  Voxr AI Corp
  2200 Envoy Circle
  Louisville, KY 40299
  support@voxr.ai

14. Jurisdiction-Specific Disclosures

• California (CCPA/CPRA): California residents have the right to request information about our data practices, to access and delete their data, and to opt out of the “sale” or “sharing” of personal information as defined under CCPA/CPRA.
  We do not sell or share your personal information with third parties for cross-context behavioral advertising or any marketing purposes. We also do not use analytics cookies for advertising or share data with advertisers. For more information or to exercise your rights, contact us as above.
• EU/EEA/UK (GDPR): You have the right to lodge a complaint with your local data protection authority. Our legal basis for processing your data is set out in Section 4.
• Other Regions as Needed: We comply with local privacy and data protection laws in all jurisdictions where we operate. If you are unsure of your rights, please contact us.
• Special Notice for Healthcare, Insurance, and Financial Services Clients: If you are a covered entity or business associate under HIPAA, or are subject to GLBA or similar regulations, please contact us to execute a separate data protection addendum as required by law. We can provide a Business Associate Agreement (BAA) for HIPAA or a Data Protection Addendum for GLBA upon request.