Privacy Policy

Effective Date: July 20, 2025
Last Updated: July 22, 2025

Azulio.ai ("we," "us," or "our") is a Texas-based Software-as-a-Service (SaaS) provider offering AI-driven voice automation, customer engagement tools, workflow automation, and lead management solutions. Our platform includes a combination of proprietary and third-party technologies that provide business intelligence (BI) capabilities, customer relationship management (CRM), and artificial intelligence (AI) functionality (collectively, the "Services").

We take data privacy seriously and are committed to protecting your personal information and sensitive customer deal data. This Privacy Policy explains how we collect, use, share, and safeguard your information—including when engaging with integrated technology partners.

By using our Services, you agree to the practices described below.

1. Roles and Responsibilities

Depending on context, we may act as:

A data controller (or "business" under laws like CPRA and TDPSA), when managing account and billing information.
A data processor (or "service provider"), when handling CRM and customer deal data on behalf of our clients.

Our third-party CRM and AI providers serve as sub-processors, governed by contracts that include Data Processing Addendums (DPAs) with standard security and confidentiality obligations.

2. Information We Collect

2.1 Personal Information

We collect the following information directly from you:

Contact Details: Name, email, phone, company name, and job title
Account Information: Login credentials, billing info, subscription preferences
User-Provided Content: CRM entries, customer contact details, transaction history, financial data, and other deal-related content
Sensitive Personal Information: If applicable (e.g., voiceprints or biometric identifiers), collected only with explicit consent in accordance with CPRA/TDPSA

2.2 Automatically Collected Information

When using our Services:

Usage Data: IP address, browser/device type, actions performed, pages visited
Cookies & Tracking: See our [Cookie Policy]
AI-Generated Data: Automated insights (e.g., lead scoring, predictions), which may include profiling—processed with appropriate privacy controls

2.3 Third-Party Data Sources

Integrations: Data shared via third-party services you authorize
Public Data: Enrichment information from lawful sources (e.g., business registries)

3. How We Use Your Information

We use collected data to:

Provide and Improve Services: Operate and enhance CRM/AI features
Ensure Platform Security: Fraud detection, system integrity, and compliance
Process Transactions: Manage subscriptions and billing
Analyze and Report: Monitor platform performance and AI model accuracy
Communicate: Deliver service notices, product updates, or alerts
Market (with Consent): Send promotional content, which you may opt out of

All use follows data minimization principles—only what's necessary, no more.

4. AI Usage and Model Training

Our platform uses AI to deliver predictive analytics, voice automation, and lead insights. This may include automated profiling (e.g., prioritizing leads) but never for legal or similarly significant decisions without human review or consent.

We do not use your data to train third-party foundation models, nor do we contribute customer deal data to external AI systems. Any internal model tuning uses de-identified data only.

All AI processing is:

Role-restricted and access-controlled
Anonymized where feasible
Bound by sub-processor contracts

You may object to profiling under applicable laws (see Section 8).

5. Data Sharing and Disclosure

We do not sell or share personal or customer deal data, including for cross-context behavioral advertising. We only share data:

With Authorized Service Providers: Bound by DPAs and confidentiality terms
With Integrated Third-Party Tools: Only with your permission
For Legal Compliance: In response to valid subpoenas or government requests
During Business Transactions: With notice if part of a merger or acquisition

6. Data Security

We employ industry-standard safeguards:

Encryption (in transit and at rest)
Role-Based Access Controls (least privilege principle)
Regular Security Assessments (internal and third-party)
Tenant Segregation: Prevents cross-account data access
Data Protection Impact Assessments (for high-risk AI use)

If a breach occurs, we'll notify affected users within required timelines (e.g., 72 hours under GDPR).

7. Data Retention

We retain data as follows:

Account Data: Retained for the life of the account + 90 days
CRM / Deal Data: Deleted within 30 days of subscription termination
Backups: May be retained longer with secure access controls

Third-party processors are required to delete data upon contract termination.

Early deletion may be requested (see Section 8).

8. Your Privacy Rights

Depending on your location, you may have the right to:

Access or correct your data
Request deletion of personal or deal data
Restrict or object to certain processing
Receive a copy of your data (portability)
Opt out of profiling or targeted advertising
Limit use of sensitive personal information
Opt out of sale or sharing (though we don't engage in this)

To exercise your rights, email: [Insert Contact Email]

We honor Global Privacy Control (GPC) signals where required.

We will respond within legal timeframes (e.g., 30 days under GDPR, 45 days under CPRA/TDPSA). If we act as a processor, we may forward your request to the data controller.

9. Communication Preferences

You may opt out of:

Marketing Emails: Via unsubscribe links or account settings
Non-Essential Messages: Product news, surveys, etc.

Transactional emails (e.g., billing notices, system alerts) are required for service and cannot be disabled without terminating your account.

10. International Data Transfers

We host and process data in [insert location, e.g., the United States]. If you access the Services from another jurisdiction, your data may be transferred across borders.

We use Standard Contractual Clauses (SCCs) and similar legal mechanisms to safeguard cross-border transfers in accordance with GDPR and other frameworks.

11. Third-Party Integrations

You may authorize integration of third-party services (e.g., email, analytics, marketing). These are governed by their own privacy policies, and we are not responsible for their practices.

We recommend reviewing their terms prior to enabling any integration.

12. Voice and Call Processing

If our AI voice features include recording or transcription, you are responsible for:

Complying with consent laws (e.g., one- vs. two-party states)
Informing and obtaining consent from participants
Managing disclosures on your end

If biometric data (e.g., voice prints) is involved, it is processed only with explicit consent and may be subject to additional rights (see Section 8).

13. Children's Privacy

Our Services are not intended for:

Children under 13 (in accordance with COPPA), or
Individuals under 16 (where GDPR applies)

We do not knowingly collect data from minors. If you believe we have done so, contact us immediately.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via:

Email notification, or
Platform alert

The current version will always be available at this page with the "Last Updated" date shown above.

15. Contact Us

If you have any questions or wish to exercise your rights, contact:

Azulio

Email: info@azulio.ai

Phone: (512) 957-4993

Data Protection Officer (DPO): support@azulio.ai

16. Governing Law

This Privacy Policy is governed by the laws of the State of Texas, without regard to conflict of law principles. Users outside the U.S. may also be subject to local data protection regulations.

This policy complies with:

GDPR (EU/EEA)
CCPA / CPRA (California)
TDPSA (Texas)
VCDPA, CPA, CTDPA (other U.S. states)
Other applicable international privacy laws