Effective Date: November 1, 2025 Last Updated: November 1, 2025

1. Introduction Aloevoice.com ("Aloevoice," "we," "us," or "our") is a provider of Voice AI Technologies, business integrations, and automation services. We operate from Brooklyn, New York, serving healthcare and business clients by providing advanced AI communication solutions.

This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our website, platform, and services (collectively, the "Services").

We are committed to protecting your privacy and complying with applicable data protection laws, including the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA), and other relevant state and federal regulations.

By accessing or using our Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly We collect information that you provide directly to us when you register for an account, purchase services, or communicate with us:

Account Registration: Name, email address, business name, business address, phone number, and authorized user details.

Billing Information: Payment method details (credit card, bank account) which are processed securely by our third-party payment processors (e.g., Stripe). We do not store full credit card numbers on our servers.

Communications: Messages, support tickets, feedback, and other communications you send to us.

Service Configuration: Custom instructions, scripts, knowledge bases, and workflows you configure for your Voice AI agents.

2.2 Voice & Service Data (HIPAA & Business Data) As a provider of Voice AI services for healthcare and business clients, we process specific types of sensitive data on your behalf:

Voice Data: Audio recordings of calls made or received through our platform.

Transcripts: Text-based transcripts of voice conversations generated by our AI sub-processors.

Call Metadata: Call duration, timestamps, originating and destination phone numbers, call status, and analytics data.

Protected Health Information (PHI): For healthcare clients, we may process PHI (e.g., patient names, dates of birth, medical information) contained within voice recordings or transcripts. This data is handled in strict accordance with our Business Associate Agreement (BAA) and HIPAA regulations.

2.3 Automatically Collected Information We automatically collect certain information when you visit our website or use our platform:

Usage Data: Information about how you use our platform, features accessed, pages visited, and time spent.

Device Information: IP address, browser type, device type, operating system, and unique device identifiers.

Log Data: Server logs, error logs, and system performance data.

Tracking Data: Information collected via cookies, pixels, and web beacons (see Section 6 below).

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision & Operations

To provide, operate, and maintain our Voice AI and automation services.

To process metered billing transactions based on your usage (e.g., per-minute fees, per-integration fees).

To configure and deploy Voice AI agents that interact with your end-users or patients.

To manage your account, user authentication, and security.

3.2 Healthcare & Business Compliance

HIPAA Compliance: To securely store and retain PHI and other sensitive records for a minimum of six (6) years, or as required by applicable law and our BAA.

To enforce our Terms of Use and comply with legal obligations.

3.3 Analytics & Improvement

To monitor and analyze usage trends to improve our platform's performance and user experience.

To generate billing reports and usage summaries for your account.

To detect, prevent, and address technical issues, security breaches, and fraud.

3.4 Marketing & Communication

To send you technical notices, updates, security alerts, and administrative messages.

To send you promotional communications about new features or services (you may opt out of these at any time).

To deliver targeted advertising via third-party platforms (e.g., LinkedIn, Facebook, Google) based on your interests.

4. Data Sharing and Disclosure

We do not sell your personal data in the traditional sense. However, we may share your information in the following circumstances:

4.1 Sub-Processors & Service Providers We engage third-party companies to perform services on our behalf. These "Sub-processors" are contractually obligated to protect your data and, where applicable, sign Business Associate Agreements (BAAs) to ensure HIPAA compliance.

Voice AI & LLM Providers: We utilize services from providers such as OpenAI, Vapi, Twilio, Retell AI, Bland AI, and ElevenLabs to generate voice and text responses.

Cloud Infrastructure: Our platform is hosted on secure cloud infrastructure provided by Amazon Web Services (AWS) and Google Cloud Platform (GCP).

Payment Processing: We use Stripe (or similar vendors) to process payments.

Analytics & Marketing: We share data with Google Analytics, Meta (Facebook), and LinkedIn for analytics and advertising purposes.

4.2 Legal Requirements We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

4.3 Business Transfers If we are involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your personal information becomes subject to a different privacy policy.

5. Data Retention

To comply with HIPAA regulations and ensure the integrity of healthcare records:

Retention Period: We retain all call logs, voice recordings, transcripts, and associated metadata for a minimum of six (6) years from the date of creation or the date when the record was last in effect, whichever is later.

Deletion: After the required retention period expires, data is securely deleted or anonymized in accordance with our data destruction policy, unless a longer retention period is required by law or for ongoing legal disputes.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Service and hold certain information.

Essential Cookies: Necessary for the website to function (e.g., login sessions).

Analytics Cookies: Google Analytics helps us understand how visitors interact with our site.

Marketing Pixels: We use Facebook Pixel and LinkedIn Insights Tag to measure the effectiveness of our advertising and retarget users who have visited our site.

Your Choices: You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

7. Security

We implement robust administrative, physical, and technical safeguards to protect your data, including:

Encryption: Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

Access Controls: Strict role-based access controls (RBAC) ensure only authorized personnel can access sensitive data.

Audits: Regular security assessments and logging of all system access.

While we strive to use commercially acceptable means to protect your Personal Information, no method of transmission over the Internet is 100% secure.

8. Children's Privacy

Our Services are strictly for business use (B2B) and are not intended for anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us.

9. Your Rights

Depending on your location, you may have rights regarding your personal information, including:

Right to Access: Request copies of the personal data we hold about you.

Right to Correction: Request that we correct any information you believe is inaccurate.

Right to Deletion: Request that we delete your personal data (subject to our 6-year HIPAA retention obligations).

Right to Opt-Out: Opt out of the "sale" or "sharing" of personal data for cross-context behavioral advertising.

To exercise these rights, please contact us at [email protected].

10. International Data Transfer

Aloevoice.com is located in the United States. If you choose to provide information to us from outside the U.S., please note that we transfer the data, including Personal Data, to the United States and process it there.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: [email protected]

Address: Golden Ratio International Inc., dba Aloevoice.com 39 Brighton 6th Ct Brooklyn, NY 11235