Privacy Policy

1. Introduction

Welcome to Compliance AI, a division of Ray Management Group ("we," "us," or "our"). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our AI-powered business automation services, including our website, AI agents, call handling systems, lead management platforms, and related services (collectively, the "Services").

We are committed to protecting your privacy and ensuring the security of your personal information. This policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant privacy regulations.

2. Information We Collect

2.1 Personal Information You Provide

We collect information you directly provide to us, including:

• Contact Information: Name, email address, phone number, business address
• Business Information: Company name, industry, business size, role/title
• Account Information: Username, password, account preferences
• Communication Data: Messages, emails, chat logs, support requests
• Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
• Demo and Consultation Data: Information shared during demos, strategy calls, or consultations

2.2 Information Collected Through AI Services

Our AI agents and automated systems collect:

• Call Data: Voice recordings, call transcripts, call duration, phone numbers
• Lead Information: Prospect details, interaction history, qualification status
• Appointment Data: Scheduling information, calendar integrations, meeting preferences
• Campaign Data: Ad performance metrics, lead sources, conversion data
• Operational Data: System usage patterns, feature utilization, performance metrics

2.3 Automatically Collected Information

We automatically collect certain technical information:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Analytics: Pages visited, time spent, click patterns, feature usage
• Location Data: General geographic location based on IP address
• Cookies and Tracking: Session data, preferences, authentication tokens

2.4 Third-Party Information

We may receive information from:

• Business Partners: Referral information, joint marketing data
• Public Sources: Publicly available business information
• Social Media: Professional profile information from LinkedIn and similar platforms
• Data Enrichment Services: Additional business contact information

3. How We Use Your Information

3.1 Service Provision

• Operate and maintain our AI agents and automation services
• Process and fulfill your service requests
• Manage your account and provide customer support
• Enable call handling, lead qualification, and appointment scheduling
• Integrate with your existing business systems and workflows

3.2 Communication and Marketing

• Send service-related notifications and updates
• Provide customer support and respond to inquiries
• Send marketing communications about our services (with consent)
• Conduct surveys and gather feedback
• Deliver personalized content and recommendations

3.3 Business Operations

• Analyze usage patterns to improve our services
• Conduct research and development for new features
• Monitor system performance and security
• Comply with legal obligations and protect our rights
• Process payments and manage billing

3.4 AI Training and Improvement

• Train and improve our AI models and algorithms
• Enhance natural language processing capabilities
• Optimize call handling and lead qualification processes
• Develop new AI features and functionalities

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted third-party service providers who assist us in:

• Cloud hosting and data storage (AWS, Google Cloud, Microsoft Azure)
• Payment processing (Stripe, PayPal)
• Communication services (Twilio, SendGrid)
• Analytics and monitoring (Google Analytics, Mixpanel)
• Customer support platforms (Zendesk, Intercom)
• Calendar and scheduling integrations (Calendly, Google Calendar)

4.2 Business Partners

We may share information with:

• Integration partners for seamless service delivery
• Marketing partners for joint campaigns (with consent)
• Resellers and distributors in our network

4.3 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes, court orders, or government requests
• Protect our rights, property, or safety
• Investigate potential violations of our terms of service
• Prevent fraud or security threats

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to this privacy policy.

5. Data Security

5.1 Security Measures

We implement comprehensive security measures including:

• Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access with multi-factor authentication
• Network Security: Firewalls, intrusion detection, and monitoring systems
• Regular Audits: Security assessments and penetration testing
• Employee Training: Security awareness and data handling protocols

5.2 Call Recording Security

Voice recordings and call data are subject to additional security measures:

• Encrypted storage with limited access
• Automatic deletion after specified retention periods
• Secure transcription and processing
• Compliance with telecommunications regulations

6. Data Retention

6.1 Retention Periods

We retain information for the following periods:

• Account Information: Duration of your account plus 7 years
• Call Recordings: 2 years unless legally required otherwise
• Lead Data: 3 years or as specified in your service agreement
• Payment Information: 7 years for tax and accounting purposes
• Marketing Data: Until you unsubscribe or withdraw consent

6.2 Deletion Procedures

We securely delete information when:

• Retention periods expire
• You request deletion (subject to legal requirements)
• Your account is terminated
• Information is no longer necessary for our business purposes

7. Your Privacy Rights

7.1 General Rights

You have the right to:

• Access: Request copies of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Receive your data in a structured format
• Restriction: Limit how we process your information
• Objection: Object to certain types of processing

7.2 CCPA Rights (California Residents)

California residents have additional rights:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising CCPA rights

7.3 GDPR Rights (EU Residents)

EU residents have rights under GDPR including:

• Right to withdraw consent at any time
• Right to lodge a complaint with supervisory authorities
• Right to object to automated decision-making
• Right to data portability

7.4 Exercising Your Rights

To exercise your rights, contact us at:

• Email: rayr@raysmgmt.com
• Phone: (609) 201-8431
• Mail: Ray Management Group - Privacy Department, PO Box 0631, Allentown, NJ 08501

We will respond to verified requests within 30 days (or as required by applicable law).

8. Cookies and Tracking Technologies

8.1 Types of Cookies

We use the following types of cookies:

• Essential Cookies: Required for basic website functionality
• Performance Cookies: Help us understand how visitors use our site
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements

8.2 Cookie Management

You can control cookies through:

• Browser settings to block or delete cookies
• Our cookie preference center
• Opt-out tools provided by advertising networks
• Third-party cookie management tools

9. International Data Transfers

9.1 Transfer Mechanisms

When we transfer data internationally, we use:

• Standard Contractual Clauses: EU-approved contract terms
• Adequacy Decisions: Transfers to countries with adequate protection
• Binding Corporate Rules: Internal data transfer agreements
• Consent: Where legally permitted

9.2 Data Processing Locations

Your data may be processed in:

• United States (primary data centers)
• European Union (for EU customers)
• Other countries where our service providers operate

10. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn that we have collected information from a child under 18, we will delete it promptly.

11. Third-Party Links and Services

Our Services may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before providing any information.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:

• Post the updated policy on our website
• Update the "Last Updated" date
• Notify you of material changes via email or prominent notice
• Obtain consent for changes that materially affect your rights

13. Contact Information

13.1 Privacy Questions

For privacy-related questions or concerns:

13.2 Data Protection Officer

For GDPR-related matters:

13.3 Business Contact

14. Compliance Certifications

Compliance AI maintains the following certifications and compliance standards:

• SOC 2 Type II: Annual audits of security controls
• ISO 27001: Information security management systems
• GDPR: European data protection compliance
• CCPA: California consumer privacy compliance
• HIPAA: Healthcare information protection (where applicable)
• PCI DSS: Payment card industry security standards