Privacy Policy

1. Overview

Crockett LLC, operating as Agentifiq ("Agentifiq," "we," "us," or "our") operates an AI-powered business automation platform that helps organizations automate inbound communications, manage customer relationships, and accelerate growth through intelligent agent workflows. This Privacy Policy explains how we collect, use, store, share, and protect personal data from three categories of individuals: website visitors who browse agentifiq.com, prospective clients who submit inquiries or sign up for early access, and tenant end-users of the Agentifiq platform.

This policy governs agentifiq.com and all associated subdomains, as well as any application or service that links to this policy. Our principal place of business is 1901 Pacific Ave, Suite 12030, Dallas, TX 75201, USA. We are subject to the laws of the State of Texas and, where applicable, federal US law.

If you have questions about this policy or wish to exercise any of your privacy rights, please contact us at privacy@agentifiq.com.

2. Data We Collect

Information You Provide Directly

When you interact with our website or platform, you may provide personal information including:

• Contact and identity data: your full name, email address, phone number, job title, and company name when you submit a contact form, book a strategy call, or sign up for our newsletter.
• Account credentials: email address and password when you register for the Agentifiq platform; OAuth tokens when you authenticate via Google.
• Billing information: credit card numbers and billing addresses are entered directly into Stripe's secure payment interface. Agentifiq does not store raw payment card data on our servers. We retain Stripe customer IDs and subscription metadata.
• Communications: any messages, feedback, or support requests you send to us.

Platform Usage Data (Tenant Clients)

When your business subscribes to Agentifiq and uses our AI automation services, we process data on your behalf that may include:

• Voice call recordings and transcripts: generated by the AI Receptionist when callers contact your business phone number. Recordings are stored for 90 days by default.
• SMS and messaging content: inbound and outbound messages routed through the AI Receptionist SMS bridge, including any escalation threads.
• Appointment and booking data: names, email addresses, phone numbers, and meeting preferences submitted by your customers when booking through the AI Receptionist.
• CRM records: contact profiles, interaction history, notes, and pipeline stage data created or updated through Agentifiq's engagement tools.
• Review management data: review platform credentials (stored encrypted), review content retrieved on your behalf, and response drafts generated by AI.

Automatically Collected Data

When you visit agentifiq.com, our servers and analytics tooling automatically collect:

• IP address and approximate geolocation (country, region, city)
• Browser type, version, and operating system
• Device type (desktop, mobile, tablet)
• Pages visited, time on page, scroll depth, and click paths
• Referring URL (the site you came from)
• Session duration and engagement metrics

We use first-party analytics only. We do not load Google Analytics, Meta Pixel, or any third-party behavioral tracking scripts on our public website.

Cookies

We use cookies and similar technologies as described in detail in our Cookie Policy. In summary: we use strictly necessary cookies for session management and authentication, and optional first-party analytics cookies to understand how visitors use our site.

3. How We Use Your Data

We use the personal data we collect for the following purposes:

• Providing and operating the platform: processing your requests, routing voice and SMS communications, managing your account and tenant environment, and delivering the AI automation services you have contracted for.
• Responding to inquiries: when you submit a contact form or book a strategy call, we use your information to respond promptly and follow up as appropriate.
• Service-related communications: sending transactional emails such as account confirmations, password resets, two-factor authentication codes, billing receipts, and service status notifications. We do not send marketing email without your explicit consent.
• Payment processing: passing necessary billing information to Stripe to process subscription charges, invoices, and refunds.
• Platform improvement: analyzing aggregated, de-identified usage patterns to identify performance bottlenecks, prioritize features, and improve reliability. Individual user data is not used for model training without explicit written consent.
• Security and fraud prevention: monitoring for unauthorized access attempts, rate-limit violations, spam, and abuse of our AI services.
• Legal compliance: retaining records as required by applicable law, responding to lawful requests from government authorities, and enforcing our Terms of Service.

4. Sharing & Disclosure

We do not sell personal data. We do not share personal data with advertising networks, data brokers, or marketing platforms. We share data only in the circumstances described below.

Infrastructure and Service Providers

We engage vetted third-party providers to operate the platform. Each is bound by a Data Processing Agreement (DPA) that restricts their use of data to providing services on our behalf:

• Stripe — payment processing and subscription management (USA)
• Neon / PostgreSQL — primary cloud database hosting (USA)
• Backblaze B2 — object storage for file uploads and voice recordings (USA)
• SignalWire — voice and SMS carrier infrastructure for AI Receptionist (USA)
• Telnyx — alternative voice/SMS infrastructure for AI Receptionist (USA)
• OpenAI — large language model inference for AI Receptionist responses, call summaries, and SEO content generation (USA). OpenAI's API data is not used to train their models per their API terms.

Legal Requirements

We may disclose your information if we believe in good faith that disclosure is required to: (a) comply with applicable law, regulation, legal process, or governmental request; (b) enforce our Terms of Service; (c) detect, prevent, or address fraud, security, or technical issues; or (d) protect the rights, property, or safety of Agentifiq, our users, or the public.

Business Transfers

If Agentifiq is involved in a merger, acquisition, asset sale, or bankruptcy proceeding, your personal data may be transferred as part of that transaction. We will provide notice (by email or prominent notice on our website) before your data is transferred and becomes subject to a different privacy policy.

With Your Consent

We may share data for any other purpose with your explicit prior consent.

5. Data Retention

We retain personal data only as long as necessary to fulfill the purposes described in this policy, or as required by law. Our standard retention periods are:

• Account and subscription data: retained for the duration of your active subscription plus 90 days following cancellation or termination, to allow for account recovery and billing dispute resolution. After 90 days, your data is deleted from production systems and removed from backups within a further 30-day window.
• Voice call recordings: 90 days from the date of the call, unless you configure a longer retention period in your account settings or your subscription plan includes extended retention.
• Voice transcripts and call summaries: 90 days, aligned with recording retention.
• SMS conversation logs: 90 days from the date the conversation was resolved or timed out.
• Contact form submissions: 2 years from submission date, to support follow-up and relationship management.
• Billing records and invoices: 7 years, as required for tax and accounting compliance.
• Server access logs: 90 days for security monitoring purposes.

You may request earlier deletion of your personal data at any time by contacting privacy@agentifiq.com. Deletion requests will be fulfilled within 30 days, subject to legal retention obligations. Note that deletion of your account data will terminate your access to the platform.

6. Your Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal data. We honor these rights regardless of where you are located, to the extent technically and legally feasible.

All Users

• Access: request a copy of the personal data we hold about you.
• Correction: request correction of inaccurate or incomplete personal data.
• Deletion: request deletion of your personal data, subject to legal retention obligations.
• Data portability: receive your data in a structured, machine-readable format.
• Withdraw consent: where we process data based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

California Residents (CCPA / CPRA)

• Right to know: the categories and specific pieces of personal information we have collected about you, the sources, the purposes, and the third parties with whom it is shared.
• Right to delete: request deletion of personal information we have collected from you, with certain exceptions.
• Right to correct: request correction of inaccurate personal information.
• Right to opt out of sale or sharing: we do not sell or share personal information for cross-context behavioral advertising, so this right is not currently exercisable. Should our practices change, we will update this policy and provide a "Do Not Sell or Share" mechanism.
• Right to limit use of sensitive personal information: we only use sensitive personal information (such as government ID, precise geolocation, or financial data) for the purpose for which it was collected.
• Non-discrimination: we will not discriminate against you for exercising your CCPA rights.

EEA and UK Residents (GDPR / UK GDPR)

• Restriction of processing: request that we restrict processing of your data under certain circumstances.
• Object to processing: object to processing based on legitimate interests or for direct marketing.
• Lodge a complaint: you have the right to lodge a complaint with your local supervisory authority. In the UK, this is the Information Commissioner's Office (ICO). In the EU, contact your national data protection authority.

7. Cookies & Tracking

We use cookies and similar browser storage technologies to operate and improve our website and platform. For complete details on the specific cookies we set, their purpose, duration, and your control options, please see our Cookie Policy.

In summary, our cookie usage falls into two categories:

• Strictly necessary cookies: required for the platform to function. These include session cookies that keep you logged in, CSRF protection tokens that secure form submissions, and load balancer cookies. These cookies cannot be disabled without breaking platform functionality.
• Analytics cookies (optional): first-party cookies that help us understand how visitors navigate our public website — which pages are most visited, where users exit, and how traffic flows. We use aggregated data only. These cookies are optional and can be declined via our cookie consent banner.

We do not use third-party advertising cookies, retargeting pixels, or any tracking technologies that follow you across websites after you leave agentifiq.com. We do not honor or send Do Not Track (DNT) browser signals, as there is no consistent industry standard for them, but we do respect browser-level cookie blocking.

8. Children

The Agentifiq platform is designed for use by businesses and their employees. It is not directed to, intended for, or marketed to individuals under the age of 13. We do not knowingly collect personal data from children under 13.

If you are a parent or guardian and believe that your child under 13 has provided personal data to us, please contact us at privacy@agentifiq.com and we will promptly delete that information from our systems.

Users of the platform who are between 13 and 18 years of age must have parental or guardian consent to use the service.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other business reasons. All changes will be posted on this page with an updated "Last updated" date at the top.

For material changes — those that significantly affect your rights or how we process your data — we will provide additional notice:

• Registered platform users will receive an email notification at the address associated with their account at least 14 days before the change takes effect.
• We will display a prominent notice on the Agentifiq dashboard for logged-in users during the notice period.

Your continued use of our website or platform after the effective date of any updated Privacy Policy constitutes your acceptance of the changes. If you do not agree with the updated policy, you must discontinue use of our services and may request deletion of your account data.

We encourage you to review this policy periodically to stay informed about how we protect your information.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through any of the following channels:

We take privacy inquiries seriously and commit to responding within 5 business days for general questions, and within 30 calendar days for formal rights requests.