Privacy Policy

Last updated: April 22, 2026

1. Introduction

aivio ("Company," "we," "us," or "our") operates the aivio website at aivioflow.com and the aivio CRM platform at app.aivioflow.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, products, and services. By using our services, you agree to the practices described in this Policy.

2. Information We Collect

Information you provide directly:

• Account registration details (name, work email, company name, role)
• Billing and payment information (processed securely via third-party payment processors)
• Customer and contact data you import or sync with our platform
• Call recordings, meeting transcripts, chat logs, and voice notes
• Support inquiries, demo requests, and feedback submissions

Information collected automatically:

• Device and browser information (browser type, operating system, IP address)
• Usage analytics (features accessed, session duration, click patterns)
• Log data (access timestamps, pages visited, error logs)
• Cookies and similar tracking technologies (see Section 8)

Information from third-party integrations:

• CRM records synced from Salesforce, HubSpot, or other connected platforms
• Calendar and meeting data from Google Meet, Microsoft Teams, or Zoom
• Messaging data from Slack, Gmail, or other authorized channels

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, maintain, and improve our platform and services
• Process your transactions and send related billing communications
• Respond to your inquiries, demo requests, and provide customer support
• Send service-related notifications, security alerts, and onboarding guidance
• Personalize your experience and surface relevant platform recommendations
• Detect, prevent, and investigate fraud, security threats, and abuse
• Analyze aggregate usage patterns to improve product performance and UX
• Use artificial intelligence (AI) internally to process, analyze, and derive insights from your data to enhance platform functionality and user experience
• Comply with applicable legal and regulatory obligations
• Send marketing communications where you have given explicit consent (opt-out available at any time)

4. Data Security

aivio employs a multi-layer security approach to protect your information:

• Encryption: All data in transit is encrypted using TLS 1.2+. Data at rest is encrypted using AES-256.
• Access Controls: Role-based access controls (RBAC) restrict data access to authorized personnel only.
• SOC 2 Alignment: Our infrastructure and processes are designed to align with SOC 2 Type II security principles.
• Security Audits: We conduct regular internal audits and work with third-party security researchers.
• Incident Response: We maintain an incident response plan to address potential breaches promptly and notify affected users as required by law.

While we take all reasonable precautions, no method of electronic transmission or storage is 100% secure. We encourage you to use strong passwords and keep your credentials confidential.

5. Data Retention

We retain your personal information for as long as your account remains active or as necessary to fulfill the purposes described in this Policy. Specifically:

• Account data is retained while your account is active and for up to 90 days after account closure.
• Conversation and CRM data is retained per your workspace configuration settings.
• Billing records are retained for 7 years as required by applicable financial regulations.
• Log and usage data is retained for up to 12 months for security and service analysis.

You can request early deletion of your data at any time by contacting support@aivioflow.com.

6. Sharing of Information

We do not sell, rent, or trade your personal information. We may share information only in the following circumstances:

• Service Providers: With trusted vendors who support our infrastructure, payments, analytics, and support operations — all under strict data processing agreements.
• Legal Compliance: When required by law, court order, or government authority, or to protect the rights, safety, and property of aivio and its users.
• Business Transfers: In connection with a merger, acquisition, or asset sale; you will be notified before any such transfer occurs.
• With Your Consent: In any other circumstances where you have explicitly authorized disclosure.

6.1 Artificial Intelligence (AI) Processing

aivio uses artificial intelligence internally to enhance your experience and provide advanced platform features. This section explains how we use AI and protects your data:

• What We Do: We use AI internally to process, analyze, and derive insights from your data, including call recordings, meeting transcripts, chat conversations, and customer information.
• Purpose of AI: AI processing is used to:
  • Generate summaries and key insights from conversations
  • Identify patterns and trends in your business data
  • Enhance search and discovery capabilities
  • Improve platform recommendations and personalization
  • Improve overall platform performance and user experience
• Processing Location: All AI processing is performed on our own servers using our own infrastructure. Your data remains within aivio's secure systems at all times.
• No Third-Party Sharing: aivio does NOT share your personal data with any third-party AI services, external AI platforms, or third-party vendors for AI processing. All AI processing is handled entirely within our own secure infrastructure.
• Data Protection: All data used for AI processing is protected by the same encryption, access controls, and security measures described in Section 4 (Data Security).
• User Control: You have full control over AI features. You can enable or disable AI-powered features in your workspace settings at any time without affecting other platform functionality.

7. Third-Party Integrations

aivio integrates with third-party platforms including Slack, Gmail, HubSpot, Salesforce, Microsoft Teams, Jira, and others. When you authorize these integrations:

• We access only the data scopes you explicitly grant permission for.
• Data exchanged with third-party platforms is governed by their respective privacy policies.
• You can revoke integration access at any time from your workspace settings.

We encourage you to review the privacy policies of any third-party services you connect with aivio.

8. Cookies and Tracking Technologies

We use the following types of cookies and tracking technologies:

• Essential Cookies: Required for core platform functionality such as session authentication and security. These cannot be disabled.
• Functional Cookies: Remember your preferences and settings across sessions to improve usability.
• Analytics Cookies: Help us understand how users interact with our platform (e.g., Google Analytics). Data is aggregated and anonymized where possible.
• Marketing Cookies: Used to deliver relevant content and track campaign effectiveness. Only set with your consent.

You can manage cookie preferences through your browser settings or by using the cookie consent controls on our website. Disabling certain cookies may impact platform functionality.

9. GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your data ("right to be forgotten") where applicable.
• Right to Restriction: Request limited processing of your data in certain circumstances.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time where processing is consent-based.

Our legal basis for processing your data includes: performance of a contract, compliance with legal obligations, legitimate business interests, and your explicit consent. To exercise any of these rights, contact us at support@aivioflow.com.

10. CCPA Rights (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you additional rights:

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you.
• Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions.
• Right to Opt-Out: We do not sell personal information. If this changes, we will provide a "Do Not Sell My Personal Information" link.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a CCPA request, contact us at support@aivioflow.com with "CCPA Request" in the subject line.

11. International Data Transfers

aivio is based in the United States. If you access our services from outside the US, your information may be transferred to, stored in, and processed in the United States or other countries where our service providers operate.

For transfers from the EEA or UK, we rely on approved transfer mechanisms including Standard Contractual Clauses (SCCs) as approved by the European Commission, to ensure your data receives an equivalent level of protection.

12. Children's Privacy

Our services are not directed to individuals under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly. If you believe we have collected data from a child under 13, please contact us immediately at support@aivioflow.com.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us:

Email: support@aivioflow.com
Subject Line: Privacy Policy Inquiry
Response Time: Within 5 business days

14. Policy Changes

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

• Update the "Last updated" date at the top of this page.
• Notify active users via email at least 14 days before the changes take effect.
• Display a notice on our website for significant updates.

Your continued use of our services after changes become effective constitutes your acceptance of the updated Policy.