Privacy Policy

1. Introduction

Ephesus AI Solutions ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, services, AI solutions, and communications, including our AI Voice Receptionist, SMS programs, and custom AI development services.

By accessing or using our services, you agree to the terms of this Privacy Policy. If you do not agree with our practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us when you:

• Create an Account: Name, email address, phone number, company name, job title, password
• Contact Us: Name, email, phone number, message content, company information
• Schedule Consultations: Contact details, preferred dates/times, consultation topic, business requirements
• Use Our Services: Service preferences, project specifications, custom requirements
• Make Purchases: Billing information, payment card details (processed securely by third-party payment processors)
• Complete Surveys: Survey responses, feedback, ratings, comments
• Opt-In to Communications: Phone number for SMS, email address for newsletters, communication preferences

2.2 Information Collected Automatically

When you access our website or services, we automatically collect certain information:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Information: Pages viewed, links clicked, time spent on pages, access times, referral URLs
• Location Information: General geographic location based on IP address
• Cookies and Tracking: Session IDs, preferences, analytics data (see Section 9 for details)
• Log Data: Server logs, error reports, performance data

2.3 AI Voice Receptionist Data

When you interact with our AI Voice Receptionist, we collect:

• Voice Recordings: Audio recordings of your conversations with our AI system
• Transcripts: Text transcriptions of voice interactions
• Call Metadata: Call duration, date/time, phone number, call outcome
• Intent and Context: Purpose of call, topics discussed, inquiries made
• Conversation Analytics: Sentiment analysis, language preferences, interaction patterns

Note: Voice recordings are used to improve AI accuracy, provide services, and ensure quality. Recordings may be reviewed by our team for training and quality assurance.

2.4 SMS and Communication Data

When you participate in our SMS program:

• Phone Number: Mobile phone number and carrier information
• Message Content: Content of SMS messages sent and received
• Engagement Data: Message open rates, response times, opt-in/opt-out status
• Consent Records: Date/time of opt-in, consent method, opt-out requests

2.5 Information from Third Parties

We may receive information about you from third-party sources:

• Business Partners: Referral information, lead data
• Analytics Providers: Website analytics, user behavior insights
• Social Media: Public profile information if you interact with us on social platforms
• Data Enrichment Services: Company information, business intelligence data

3. How We Use Your Information

We use the collected information for various purposes:

3.1 Service Delivery

• Provide, operate, and maintain our AI services and website
• Process transactions and send related information
• Schedule and manage consultations and appointments
• Deliver AI Voice Receptionist services and call handling
• Develop and implement custom AI solutions
• Provide customer support and respond to inquiries

3.2 Communications

• Send transactional emails and SMS messages (order confirmations, appointment reminders)
• Send marketing communications, newsletters, and promotional offers (with your consent)
• Respond to comments, questions, and customer service requests
• Conduct surveys and gather feedback
• Send important notices about our services, policies, or terms

3.3 AI Improvement and Training

• Train and improve our AI models and algorithms
• Enhance voice recognition and natural language processing capabilities
• Develop new AI features and services
• Conduct research and development in artificial intelligence
• Analyze conversation patterns to improve response accuracy

3.4 Analytics and Business Operations

• Monitor and analyze usage patterns and trends
• Improve website functionality and user experience
• Conduct business planning and reporting
• Detect, prevent, and address technical issues and fraud
• Ensure security and integrity of our services

3.5 Legal and Compliance

• Comply with legal obligations and regulatory requirements
• Enforce our Terms of Service and other policies
• Protect our rights, property, and safety
• Resolve disputes and enforce agreements
• Respond to legal requests and prevent illegal activity

4. How We Share Your Information

We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

• Cloud Hosting: AWS, Google Cloud, or similar providers for data storage and computing
• Payment Processing: Stripe, PayPal, or other payment processors for transaction processing
• SMS Services: Twilio, MessageBird, or similar providers for SMS delivery
• Email Services: SendGrid, Mailchimp, or similar providers for email delivery
• Analytics: Google Analytics, Mixpanel, or similar tools for usage analytics
• AI Infrastructure: OpenAI, Anthropic, or other AI service providers for AI processing
• Customer Support: Zendesk, Intercom, or similar platforms for support services

These service providers are contractually obligated to protect your information and use it only for the specific services they provide to us.

4.2 Business Transfers

If we are involved in a merger, acquisition, sale of assets, financing, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Court orders, subpoenas, or other legal processes
• Government or regulatory requests
• Law enforcement inquiries
• Legal claims or investigations
• Protection of our legal rights and safety

4.4 With Your Consent

We may share your information with third parties when you give us explicit consent to do so.

4.5 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for business purposes, research, or marketing.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

• Account Information: Retained while your account is active and for 3 years after account closure
• Voice Recordings: Retained for up to 2 years for quality assurance and AI training
• Transaction Data: Retained for 7 years for tax and accounting purposes
• Marketing Data: Retained until you opt out or for 3 years of inactivity
• Website Analytics: Retained for up to 26 months
• Support Communications: Retained for 3 years after resolution

After the retention period expires, we will securely delete or anonymize your information. Some information may be retained in backup systems for a limited time after deletion.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

• Encryption: Data is encrypted in transit (TLS/SSL) and at rest (AES-256)
• Access Controls: Role-based access controls and multi-factor authentication
• Secure Infrastructure: Firewall protection, intrusion detection, and monitoring
• Regular Audits: Security assessments and vulnerability testing
• Employee Training: Staff trained on data protection and security practices
• Incident Response: Procedures for detecting and responding to security incidents
• Vendor Security: Third-party vendors must meet our security standards

Important: No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 General Rights

• Access: Request access to your personal information and receive a copy
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Opt-Out: Opt out of marketing communications at any time
• Data Portability: Request your data in a structured, machine-readable format
• Restriction: Request restriction of processing in certain circumstances
• Object: Object to processing based on legitimate interests

7.2 California Residents (CCPA Rights)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information (with exceptions)
• Right to opt-out of the sale of personal information (we do not sell your information)
• Right to non-discrimination for exercising your CCPA rights

7.3 European Residents (GDPR Rights)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority
• Right to data portability
• Right to object to processing for direct marketing

7.4 How to Exercise Your Rights

To exercise any of your rights, contact us at:

• Email: privacy@ephesusai.com or support@ephesusai.com
• Submit a request through our Contact page
• For SMS opt-out: Text STOP to any message

We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

8. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately at privacy@ephesusai.com, and we will take steps to delete such information.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your use of our website and services.

9.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality (authentication, security)
• Analytics Cookies: Help us understand how visitors use our website (Google Analytics)
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Track visits across websites for advertising purposes (with your consent)

9.2 Managing Cookies

You can control cookies through:

• Your browser settings (most browsers allow you to refuse or delete cookies)
• Our cookie consent banner when you first visit our website
• Opt-out tools provided by advertising networks

Note: Disabling cookies may affect website functionality and your user experience.

10. Third-Party Links and Services

Our website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer your information internationally, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Data Processing Agreements with service providers
• Compliance with applicable data protection frameworks

12. AI and Automated Decision-Making

We use AI and automated systems to:

• Provide AI Voice Receptionist services
• Analyze customer interactions and sentiment
• Personalize user experiences
• Detect fraud and security threats

We do not make automated decisions that significantly affect you without human oversight or your explicit consent. You have the right to request human review of automated decisions.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email or through a prominent notice on our website
• For significant changes, obtain your consent where required by law

Your continued use of our services after changes to this Privacy Policy constitutes acceptance of the updated terms.

14. Data Protection Officer

If you have questions about our privacy practices or wish to exercise your privacy rights, you can contact our Data Protection Officer at:

15. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us: