Privacy Policy

1.1 Information You Provide Directly

1.2 Information Collected Automatically

1.3 Information from Voice Agent Interactions

1.4 Information from Third-Party Integrations

When you connect third-party services:

We access third-party data only as necessary to provide the Service and only with your authorization through OAuth or API credentials you provide.

2.1 To Provide and Maintain the Service

• Creating and managing your Account
• Processing voice agent interactions
• Storing and retrieving conversation data
• Executing integrations and workflows
• Generating analytics and reports
• Providing customer support
• Processing payments and billing

2.2 To Improve the Service

• Analyzing usage patterns to identify improvements
• Testing new features and functionality
• Optimizing performance and reliability
• Training and improving AI models (using aggregated, anonymized data)
• Identifying and fixing bugs
• Conducting research and development

2.3 To Communicate with You

• Sending transactional emails (confirmations, receipts, notifications)
• Providing Service updates and announcements
• Responding to support inquiries
• Sending marketing communications (with your consent)
• Conducting surveys and gathering feedback
• Notifying you of Terms or Policy changes

2.4 For Security and Fraud Prevention

• Detecting and preventing unauthorized access
• Monitoring for suspicious activity
• Investigating potential violations of our Terms
• Complying with legal obligations
• Protecting against fraud and abuse
• Maintaining system security

2.5 For Legal and Compliance Purposes

• Complying with applicable laws and regulations
• Responding to legal requests (subpoenas, court orders)
• Enforcing our Terms of Service
• Protecting our legal rights
• Resolving disputes

2.6 With Your Consent

We may use your information for other purposes with your explicit consent.

3.1 We Do Not Sell Your Personal Information

Ayra does not sell, rent, or trade your personal information to third parties for their marketing purposes.

3.2 Service Providers

We share information with third-party service providers who perform services on our behalf:

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

3.3 Business Transfers

If Ayra is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred to the successor entity. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

3.4 Legal Requirements

We may disclose your information when required by law or in response to:

• Subpoenas or court orders
• Legal process or government requests
• Protection of our legal rights
• Investigation of fraud or illegal activity
• Enforcement of our Terms of Service
• Protection of safety or security

We will attempt to notify you of legal demands for your information when allowed by law.

3.5 Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot identify you:

• Industry benchmarks and statistics
• Product usage trends
• Research findings
• Marketing materials

3.6 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

3.7 Agency and White-Label Considerations

If you are an Agency customer using white-label features:

• Your clients (End Users) interact with the Service under your brand
• End Users' information is treated as your Content
• You are responsible for your clients' privacy rights
• We process End User data only on your behalf and at your direction

4.1 Account Data

We retain your Account information for as long as your Account is active. After Account termination:

• Core Account data is deleted within 30 days
• Billing records are retained for 7 years (tax and legal requirements)
• Anonymized usage data may be retained indefinitely

4.2 Conversation Data

Conversation recordings, transcripts, and analytics are retained according to your configured retention settings:

4.3 Backup Data

Deleted data may persist in backups for up to 90 days before being permanently purged from all systems.

4.4 Legal Holds

If data is subject to legal holds, litigation, or investigation, we will retain such data until the hold is lifted, regardless of retention settings.

5.1 Security Measures

We implement industry-standard security measures to protect your information:

5.2 Security Certifications

Ayra maintains the following security certifications:

• SOC 2 Type II compliance
• GDPR compliance framework
• HIPAA compliance (for customers with Business Associate Agreements)

5.3 Your Security Responsibilities

You are responsible for:

• Maintaining confidentiality of your Account credentials
• Using strong, unique passwords
• Enabling two-factor authentication
• Monitoring your Account for unauthorized access
• Promptly reporting security concerns

5.4 Security Incidents

In the event of a data breach:

• We will investigate immediately
• Affected users will be notified without unreasonable delay
• We will take steps to mitigate harm
• We will cooperate with regulatory authorities
• We will document and learn from incidents

To report a security vulnerability: security@ayra.ai

6.1 Access and Portability

You have the right to:

• Access your personal information
• Download your data in a portable format (JSON, CSV)
• Review conversation recordings and transcripts
• Obtain copies of your Account data

Access your data through the Service dashboard or contact privacy@ayra.ai.

6.2 Correction

You may update or correct your information at any time through your Account settings. If you cannot update information yourself, contact us at privacy@ayra.ai.

6.3 Deletion

You have the right to request deletion of your personal information. You may:

• Delete your Account through the dashboard (deletes all data)
• Request deletion of specific data by contacting privacy@ayra.ai
• Delete individual conversations through the Service interface

Exceptions: We may retain information necessary for legal obligations, dispute resolution, or fraud prevention.

6.4 Objection and Restriction

You may object to or request restriction of certain processing activities:

• Opt out of marketing emails (unsubscribe link in emails)
• Disable analytics cookies (browser settings)
• Request restriction of processing for specific purposes

6.5 Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time. This does not affect the lawfulness of processing before withdrawal.

6.6 Automated Decision-Making

The Service uses automated decision-making for:

• Sentiment analysis
• Intent classification
• Conversation routing

You may contest automated decisions by contacting privacy@ayra.ai.

6.7 Complaints

If you believe we have violated your privacy rights, you may file a complaint with:

• Ayra at privacy@ayra.ai
• Your local data protection authority
• In the EU: Your Member State's supervisory authority

7.1 European Users (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland:

7.2 California Users (CCPA/CPRA)

If you are a California resident:

7.3 Other U.S. States

Residents of Virginia, Colorado, Connecticut, Utah, and other states with privacy laws have similar rights to California residents. Contact privacy@ayra.ai to exercise these rights.

7.4 Canadian Users (PIPEDA)

Canadian users have rights under PIPEDA similar to GDPR rights. Contact privacy@ayra.ai for assistance.