Privacy Policy

aiapps365 is a product of Avant-Garde Global LLC, a California limited liability company headquartered in Long Beach, California. Throughout this Privacy Policy, "we", "us", and "aiapps365" refer to Avant-Garde Global LLC operating under the aiapps365 brand.

For privacy questions, opt-out requests, or any inquiry about how your personal information is handled, contact us at privacy@aiapps365.com (preferred). If that mailbox is unavailable, reach us at aiapps365@gmail.com. Mailing address: Long Beach, California (specific address available on request).

Marketing forms. When you submit a demo booking, contact form, or onboarding intake on this site, we collect the fields you provide (name, business name, email, phone, vertical, free-text message, optional preferred time) plus light metadata (IP address, user agent, referrer, UTM parameters) used solely for spam triage and attribution.

Account data (tenant staff). When a tenant business signs up, we collect business contact information, the names and email addresses of authorized staff members, and per-staff role assignments. Authentication is handled by our authentication provider; we never see or store passwords.

Call audio and transcripts. For inbound calls our AI receptionist handles, we receive an audio recording, a real-time transcription, and structured outputs (caller name, requested service, scheduled appointment, etc.) from our voice provider. Call recording is disclosed to the caller verbally at the start of the call (see California Two-Party Consent below).

SMS content. When you text our published toll-free number, we receive your phone number, the message body, and message metadata (timestamp, carrier-supplied message ID). We store the conversation thread to power the menu-driven response flow described in the Use section.

Calendar OAuth tokens. If a tenant connects a Google Calendar, we store an OAuth refresh token (encrypted at rest) so the AI can read availability and write new appointments. We do not read calendar events outside the configured calendar.

Payment data. Subscription billing is handled by our payment processor. We never see, store, or process card numbers; we receive an opaque customer identifier and the subscription status.

Cookies. We do not use marketing or analytics cookies on the public site at this time. Authenticated areas use a single session cookie required for sign-in.

To deliver the aiapps365 service: route inbound calls, generate AI replies, send SMS responses, schedule appointments on connected calendars, deliver transactional emails, and operate the tenant administration console.

To respond to inquiries: a marketing-form or SMS submission means you want a response from us. We use your contact information to reply, follow up, and (if you become a customer) onboard your account.

To improve our service: we review aggregated, de-identified usage signals (e.g., counts of intents, response latencies, failed AI tool calls) to find bugs and improve quality. We do not use individual customer call audio or transcripts to train third-party foundation models, and we do not sell or share this data with third parties for their own AI training.

To meet legal and regulatory obligations: tax, accounting, fraud prevention, and lawful requests from public authorities.

To secure the service: detect and respond to abuse, spam, and unauthorized access (including SMS abuse via the inbound spam-guard).

For US residents, we rely on legitimate business interests (delivering the service you requested, securing our systems) and your consent (where you submit a form or initiate an SMS conversation).

We are GDPR-aware but do not currently target the EU/UK market. If you are an EU/UK resident and contact us, we will honor reasonable access and deletion requests on a best-effort basis. We do not yet maintain a full Article 30 record of processing.

We are not currently a HIPAA-covered entity or business associate. The Phase 3 architecture for HIPAA-eligible verticals (medical, dental) is intentionally deferred — see our public roadmap. Do not transmit protected health information to us under our current Terms.

We do not sell your personal information, and we do not share it with third parties for their own marketing or advertising purposes.

We do share your data with the subprocessors listed below — service providers who process data on our behalf under contractual obligations of confidentiality and security. The subprocessor table on this page is the canonical list and is updated when subprocessors change.

We may also share your data when required by law, in response to a valid legal process, or to protect the rights, property, or safety of aiapps365, our customers, or the public.

California is a two-party (all-party) consent state for call recording (Cal. Penal Code § 632). Every inbound call our AI receptionist answers begins with a verbal disclosure that the call may be recorded for quality and service-delivery purposes. The exact wording is documented in our internal call script and reviewed periodically.

If you do not consent to the recording, you may end the call at the disclosure point. We retain call recordings only as described in the Retention section below.

Tenant businesses are responsible for ensuring that their use of the AI receptionist with their callers complies with the recording laws of any other jurisdictions in which their callers are located.

Marketing form submissions and contact inquiries: kept until the lead is marked converted or lost, then archived for up to 24 months to support back-references and analytics, after which it is deleted.

Call audio recordings: retained for 90 days by default (configurable per tenant under the MSA), then deleted.

Call transcripts and structured outputs (booking, callback details): retained for the life of the tenant relationship and for 12 months after termination, then deleted unless legally required to retain longer.

SMS conversations: retained for the life of the tenant relationship and for 12 months after termination, except for opt-out records (sms_opt_outs) which are retained indefinitely as required by carrier compliance.

Calendar OAuth tokens: retained while the integration is connected; revoked and deleted on disconnect within 24 hours.

Billing records: retained for the period required by US tax and accounting law (currently seven years).

Final retention periods will be set in writing in the signed Master Services Agreement (MSA) for tenant businesses; the values above are defaults pending attorney review.

If you are a California resident, you have the right under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), to:

Know what personal information we have collected about you.

Delete personal information we have collected from you, subject to limited exceptions.

Correct inaccurate personal information we maintain about you.

Opt out of the sale or sharing of your personal information. We do not sell or share personal information for cross-context behavioral advertising; this right is informational.

Limit our use of sensitive personal information. We do not collect sensitive personal information in the CCPA/CPRA sense.

Non-discrimination — we will not deny service, charge a different price, or provide a different level of service because you exercised any of these rights.

To exercise any of these rights, email privacy@aiapps365.com from the email address on file with us, or contact us via the channel where you originally provided your data. We will respond within the period required by law (currently 45 days, with one 45-day extension if necessary).

We do not use third-party advertising cookies, analytics cookies, or tracking pixels on our public marketing pages at this time.

Authenticated areas of the site (administrator console, tenant portal) use a single first-party session cookie required for sign-in. This cookie is essential to operating the service and is not used for tracking.

If we add analytics in the future, we will choose a privacy-first option (such as a server-side, cookieless platform) and update this Policy before turning it on.

aiapps365 is a B2B service intended for use by businesses and their employees, not by individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact privacy@aiapps365.com and we will delete the information.

We may update this Privacy Policy from time to time. The "Last updated" date at the top of the page reflects the most recent revision. Material changes will be announced on the aiapps365 site and, for tenant businesses, communicated via email to the primary account contact.

Your continued use of the service after a revised Policy takes effect constitutes acceptance of the changes.

For privacy-related inquiries, opt-out or deletion requests, or to exercise any of the rights described above, email privacy@aiapps365.com. If that address is not yet provisioned, reach us at aiapps365@gmail.com.

Mailing address: Long Beach, California (specific address available on request).