Privacy Policy

1. What Information Do We Collect?

In Short: We collect personal information that you provide to us.

Personal Information You Disclose to Us

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You

The personal information we collect may include:

• Names
• Phone numbers
• Email addresses
• Usernames
• Passwords
• Job titles
• Mailing addresses

Sensitive Information

When necessary, with your consent or as otherwise permitted by applicable law, we process the following categories of sensitive information:

• Health data
• Data about a person's sex life or sexual orientation

Payment Data

We may collect data necessary to process your payment if you choose to make purchases, such as your payment instrument number, and the security code associated with your payment instrument. All payment data is handled and stored by Stripe. You may find their privacy notice here: https://stripe.com/privacy.

Information Automatically Collected

In Short: Some information — such as your IP address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, and information about how and when you use our Services.

Log and Usage Data

Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services. This may include your IP address, device information, browser type, and settings and information about your activity in the Services.

2. How Do We Process Your Information?

We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.

We process your personal information for a variety of reasons, including:

• To facilitate account creation and authentication and otherwise manage user accounts.
• To deliver and facilitate delivery of services to the user.
• To respond to user inquiries and offer support to users.
• To send administrative information about our products and services, changes to our terms and policies.
• To fulfill and manage your orders, payments, returns, and exchanges.
• To identify usage trends so we can improve our Services.
• To comply with our legal obligations, respond to legal requests, and defend our legal rights.

Use of Personal Information for Chatbot and Related Services: We use personal information collected through our chatbot solely for the purpose of providing and enhancing the chatbot functionality, responding to your inquiries, and delivering related Services. We do not use personal information for unrelated business purposes without first obtaining your additional, explicit consent.

3. What Legal Bases Do We Rely On?

In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason to do so under applicable law.

If you are located in Canada, this section applies to you. We may process your information if you have given us specific permission (express consent) or in situations where your permission can be inferred (implied consent). You can withdraw your consent at any time.

In some exceptional cases, we may be legally permitted to process your information without your consent, including:

• If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way
• For investigations and fraud detection and prevention
• For business transactions provided certain conditions are met
• If contained in a witness statement necessary to assess, process, or settle an insurance claim
• For identifying injured, ill, or deceased persons and communicating with next of kin
• If we have reasonable grounds to believe an individual has been, is, or may be victim of financial abuse
• If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court
• If the collection is solely for journalistic, artistic, or literary purposes
• If the information is publicly available and specified by the regulations

4. When and With Whom Do We Share Your Personal Information?

We may need to share your personal information in the following situations:

• Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

5. Do We Use Cookies and Other Tracking Technologies?

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services and your account, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

We also permit third parties and service providers to use online tracking technologies on our Services for analytics.

Google Analytics

We may share your information with Google Analytics to track and analyze the use of the Services. To opt out of being tracked by Google Analytics, visit https://tools.google.com/dlpage/gaoptout.

6. Do We Offer Artificial Intelligence-Based Products?

In Short: We offer products powered by artificial intelligence and do not use personal information for AI training without your explicit consent.

As part of our Services, we offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies ("AI Products"). The following additional terms apply:

1. Limited Purpose

Your input, output, and personal information are shared with our AI Service Providers only as necessary to enable the AI features you interact with. We do not permit AI Service Providers to use your personal information for their own product development, model training, or any other purposes outside of fulfilling your requests.

2. Prohibited Use of Personal Information for Training

Jakiro will not use any personal information collected from chatbot logs or similar user input to train our own or third-party AI models without your prior, express consent.

3. Contractual Safeguards

Where we engage third-party AI Service Providers (including OpenAI), they are contractually bound to process your information solely for the purpose of providing the requested AI functionalities and in accordance with this Privacy Notice.

4. Data Minimization & Security

We employ data minimization practices and technical measures to protect your personal information when using our AI Products.

7. How Long Do We Keep Your Information?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law. No purpose in this notice will require us keeping your personal information for longer than three (3) months past the termination of the user's account.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or securely store it and isolate it from any further processing until deletion is possible.

8. How Do We Keep Your Information Safe?

In Short: We aim to protect your personal information through a system of organizational and technical security measures, including encryption in transit and at rest.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. These measures include:

• Encryption in Transit: All data transmitted between your browser or device and our servers is encrypted using TLS/SSL (Transport Layer Security).
• Encryption at Rest: Data stored in our databases and file systems is encrypted at rest using AES-256 or equivalent encryption standards.
• Cloud Infrastructure: Our Services are hosted on Google Cloud Platform (US-based), which maintains SOC 2, ISO 27001, and other industry certifications.
• Access Controls: Access to production systems and customer data is restricted to authorized personnel using role-based access controls and multi-factor authentication.

However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. You should only access the Services within a secure environment.

9. Do We Collect Information From Minors?

We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services.

10. What Are Your Privacy Rights?

In Short: In some regions, you have certain rights under applicable data protection laws, including the right to access, rectify, or erase your personal information.

You can make such a request by contacting us using the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.

Withdrawing Your Consent

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time by contacting us. This will not affect the lawfulness of the processing before its withdrawal.

Opting Out of Marketing Communications

You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails we send, replying "STOP" to SMS messages, or by contacting us. No mobile information will be shared with third parties for marketing purposes.

Account Information

If you would like to review or change the information in your account or terminate your account, you can:

• Log in to your account settings and update your user account
• Contact us using the contact information provided

If you have questions or comments about your privacy rights, you may email us at support@jakiro.ai.

11. Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals.

California law requires us to let you know how we respond to web browser DNT signals. Because there currently is not an industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.

12. Do US Residents Have Specific Privacy Rights?

In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have specific privacy rights.

Categories of Personal Information We Collect

We have collected the following categories of personal information in the past twelve (12) months:

• Category A. Identifiers — Contact details, such as name, postal address, phone number, email address, and account name
• Category B. California Customer Records — Name, contact information, education, employment, and financial information
• Category C. Protected Classifications — Gender, age, date of birth, race and ethnicity, national origin, marital status
• Category D. Commercial Information — Transaction information, purchase history, financial details, and payment information
• Category E. Biometric Information — Fingerprints and voiceprints
• Category F. Internet Activity — Browsing history, search history, online behavior, and interactions with websites
• Category G. Geolocation Data — Device location
• Category H. Sensory Information — Audio, video or call recordings created in connection with our business
• Category I. Professional Information — Business contact details, work history, and professional qualifications
• Category J. Education Information — Student records and directory information
• Category K. Inferences — Inferences drawn to create a profile about preferences and characteristics
• Category L. Sensitive Information — Health data, account login information, contents of communications

Your Rights

You have rights under certain US state data protection laws, including:

• Right to know whether or not we are processing your personal data
• Right to access your personal data
• Right to correct inaccuracies in your personal data
• Right to request the deletion of your personal data
• Right to obtain a copy of the personal data you previously shared with us
• Right to non-discrimination for exercising your rights
• Right to opt out of targeted advertising, sale of personal data, or profiling

How to Exercise Your Rights

To exercise these rights, you can contact us by emailing support@jakiro.ai. We will honor your opt-out preferences if you enact the Global Privacy Control (GPC) opt-out signal on your browser.

California "Shine The Light" Law

California Civil Code Section 1798.83 permits our users who are California residents to request information about categories of personal information disclosed to third parties for direct marketing purposes. If you are a California resident, please submit your request to us using the contact details provided below.

13. Data Breach Notification

In Short: If a data breach occurs that affects your personal information, we will notify you within 72 hours.

In the event of a data breach that results in unauthorized access to, or disclosure of, your personal information, we will:

• Notify affected users within 72 hours of becoming aware of the breach, via email to the address associated with your account.
• Notify applicable regulatory authorities as required by law, including the Office of the Privacy Commissioner of Canada under PIPEDA and relevant US state authorities.
• Provide details about the breach, including the nature of the incident, the types of data affected, the measures we are taking to address the breach, and recommended steps you can take to protect yourself.

14. Voice Recording Disclosure

In Short: Voice calls handled by our AI agents may be recorded. Callers are informed and consent is obtained before recording begins.

Recording Notice and Consent

Our Services include AI-powered voice agents that may record telephone conversations. Before any recording begins, callers are informed via an automated disclosure at the start of the call. By continuing the call after this disclosure, the caller consents to the recording. This process is designed to comply with applicable federal and state laws, including two-party consent requirements.

Storage and Security

Voice recordings are stored on encrypted servers hosted on Google Cloud Platform. Recordings are encrypted at rest and in transit using industry-standard protocols.

Retention Period

Voice recordings are retained for the duration of the customer's active account and for up to three (3) months following account termination, consistent with our general data retention policy. Recordings may be retained longer if required by law or for ongoing legal proceedings.

Access to Recordings

Access to voice recordings is restricted to authorized Jakiro personnel and the subscribing organization's designated administrators through the Jakiro dashboard. Recordings are not shared with third parties except as required by law or as described in this Privacy Notice.

15. Subprocessors

In Short: We use trusted third-party service providers to help deliver our Services. Below is a list of our primary subprocessors.

We engage the following third-party service providers (subprocessors) to process personal information on our behalf in connection with delivering our Services:

Each subprocessor is contractually obligated to maintain appropriate privacy and security measures consistent with this Privacy Notice and applicable data protection laws. We review our subprocessors periodically and update this list as needed.

16. Incident Response

In Short: We maintain a formal incident response process to detect, respond to, and recover from security incidents.

Jakiro maintains an internal incident response process led by our engineering and security team. In the event of a security incident, our process includes:

• Detection and Triage: Automated monitoring and alerting systems identify potential incidents, which are triaged by severity.
• Containment: Immediate steps are taken to contain the incident and prevent further impact.
• Investigation: A forensic analysis is conducted to determine the root cause, scope, and impact of the incident.
• Remediation: Vulnerabilities are patched and systems are restored to a secure state.
• Notification: Affected users and regulatory authorities are notified in accordance with our Data Breach Notification policy.
• Post-Incident Review: A retrospective is conducted to improve our security practices and prevent recurrence.

If you believe you have discovered a security vulnerability or suspect a security incident, please contact us immediately at support@jakiro.ai.

17. Do We Make Updates to This Notice?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes, we may notify you by prominently posting a notice or by directly sending you a notification.

18. How Can You Contact Us About This Notice?

If you have questions or comments about this notice, you may email us at support@jakiro.ai or contact us by post at:

19. How Can You Review, Update, or Delete the Data We Collect From You?

Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. To request to review, update, or delete your personal information, please fill out and submit a data subject access request.