Privacy Policy

1. Introduction

Primeassist.ai ("we," "our," or "us") operates an AI-powered customer engagement platform that enables businesses to communicate with their customers via Voice AI, WhatsApp, SMS, and Live Chat. This Privacy Policy applies to our website at primeassist.ai, our web application, APIs, and all related services (collectively, the "Platform").

By accessing or using the Platform, you acknowledge that you have read, understood, and agree to the collection and use of information in accordance with this policy. If you are a business customer using our Platform to engage your end-users, you are responsible for ensuring that your own privacy notices comply with applicable laws and reflect how Primeassist.ai processes data on your behalf.

2. Information We Collect

2.1 Information You Provide Directly

Account data: Name, email address, company name, phone number, and password when you register.
Billing information: Payment card details (processed securely by our payment processor; we do not store full card numbers), billing address, and VAT/tax ID.
Communications: Messages, feedback, or support requests you send us.
Demo & onboarding data: Information provided when booking a demo or completing onboarding forms.

2.2 Information Collected Automatically

Usage data: Pages visited, features used, click paths, session duration, and error logs within the Platform.
Device & technical data: IP address, browser type and version, operating system, time zone, and device identifiers.
Cookies & similar technologies: Session tokens, preference cookies, and analytics identifiers (see Section 6).

2.3 Customer Communication Data (Processed on Your Behalf)

When you use our Platform to send messages or conduct calls on behalf of your business, we process the content and metadata of those communications (e.g., call recordings, transcripts, message logs) as a data processor acting under your instructions. You, as the data controller, are responsible for the lawful basis of processing that data.

3. How We Use Your Data

We use the information we collect for the following purposes:

Service delivery: To create and manage your account, process transactions, and provide the Platform's features.
Product improvement: To analyse usage patterns, debug issues, and enhance the AI models and user experience.
Customer support: To respond to queries, troubleshoot problems, and provide technical assistance.
Communications: To send service notifications, security alerts, and — where you have opted in — marketing emails about new features and offers.
Legal & compliance: To comply with applicable laws, enforce our Terms, and prevent fraud or abuse.
Analytics: To generate aggregated, anonymised statistics about Platform usage.

We do not sell your personal data to third parties. We do not use your customer communication data to train our AI models without your explicit consent.

4. Sharing & Disclosure

We may share your information in the following circumstances:

Service providers: Trusted vendors who process data on our behalf (e.g., cloud hosting, payment processing, email delivery, analytics). These providers are contractually bound to protect your data.
Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you before your data is subject to a different privacy policy.
Legal requirements: When required by law, court order, or governmental authority, or where necessary to protect our legal rights.
With your consent: For any other purpose disclosed to you at the time of collection, with your prior consent.

5. Data Security

We implement industry-standard technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction. These include:

Encryption in transit (TLS 1.2+) and at rest (AES-256)
Role-based access controls and multi-factor authentication for internal systems
Regular security audits and vulnerability assessments
Incident response procedures and breach notification processes

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach affecting your rights, we will notify you in accordance with applicable law.

6. Cookies & Tracking Technologies

We use cookies and similar technologies to operate and improve the Platform. Our cookies fall into three categories:

Essential cookies: Required for the Platform to function (e.g., authentication tokens, session management). These cannot be disabled.
Analytics cookies: Help us understand how users interact with the Platform (e.g., Google Analytics with IP anonymisation enabled). You may opt out via your browser settings or our cookie preference centre.
Marketing cookies: Used to deliver relevant advertising and measure campaign effectiveness, only where you have consented.

You can control cookie preferences through your browser settings. Note that disabling non-essential cookies may affect some Platform features.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy or as required by law:

Account data: Retained for the duration of your account plus 90 days after deletion, to allow recovery and resolve disputes.
Communication data (processed on your behalf): Retained per your configured settings; default retention is 12 months unless you configure otherwise.
Financial records: Retained for 7 years to comply with accounting and tax regulations.
Support tickets: Retained for 3 years after resolution.

You may request deletion of your data at any time (subject to legal retention obligations) by contacting us at the address in Section 12.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.
Rectification: Request correction of inaccurate or incomplete data.
Erasure ("right to be forgotten"): Request deletion of your data where there is no compelling reason for its continued processing.
Restriction: Request that we restrict processing of your data in certain circumstances.
Portability: Receive your data in a structured, machine-readable format and transfer it to another controller.
Objection: Object to processing based on legitimate interests or for direct marketing purposes.
Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.

Residents of California (CCPA/CPRA), the European Union, and the United Kingdom have additional rights. To exercise any of these rights, please contact us at privacy@primeassist.ai. We will respond within 30 days.

9. Third-Party Services

Our Platform integrates with third-party services (e.g., WhatsApp Business API via Meta, Shopify, telephony carriers). When you use these integrations, data may be processed by those third parties under their own privacy policies. We encourage you to review those policies. We are not responsible for the privacy practices of third-party services.

10. Children's Privacy

The Platform is intended for businesses and individuals aged 18 and over. We do not knowingly collect personal data from children under 13 (or the applicable age of digital consent in your jurisdiction). If we become aware that we have inadvertently collected such data, we will delete it promptly. If you believe we may have collected data from a child, please contact us immediately.

11. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date and, where appropriate, by email. Your continued use of the Platform after the effective date constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Privacy team:

Primeassist.ai — Privacy Team

Email: privacy@primeassist.ai

Website: primeassist.ai

If you are located in the European Union and believe your rights have not been adequately addressed, you have the right to lodge a complaint with your local data protection authority.