Privacy Policy

Your data security and privacy are fundamental to everything we do. Learn how Agenteract protects your information with enterprise-grade security and industry-specific compliance.

Last updated: August 11, 2025

Table of Contents

1. Information We Collect

1.1 Information You Provide Directly

  • Contact Information: Name, email address, phone number, company name
  • Business Information: Industry type, business size, current technology stack
  • Project Information: Automation requirements, workflow descriptions, business objectives
  • Communication Records: Emails, chat messages, phone call recordings (with consent)

1.2 Information Collected During AI Implementation

  • Business Process Data: Workflow patterns, document types, communication templates
  • Integration Data: API configurations, system specifications, user permissions
  • Performance Metrics: AI agent performance, efficiency improvements, ROI measurements

1.3 Automatically Collected Information

  • Website Usage: IP addresses, browser type, device information, pages visited
  • Analytics Data: Session duration, click patterns, referral sources
  • Technical Logs: System access logs, error reports, security events

2. How We Use Your Information

2.1 Service Delivery

  • Design and develop custom AI agents for your business
  • Provide technical support and system maintenance
  • Monitor AI agent performance and optimize functionality
  • Ensure compliance with industry-specific regulations

2.2 Communication and Support

  • Respond to inquiries and provide customer support
  • Send service updates and important notifications
  • Provide training and implementation guidance
  • Conduct satisfaction surveys and feedback collection

2.3 Business Operations

  • Process payments and maintain billing records
  • Conduct security monitoring and fraud prevention
  • Analyze usage patterns to improve our services
  • Comply with legal obligations and regulatory requirements

3. Data Sharing and Disclosure

🔒 Our Commitment: We Never Sell Your Data

Agenteract does not sell, rent, or trade your personal or business data to third parties for marketing purposes. Your information is used solely to provide and improve our AI services.

3.1 Limited Data Sharing

We may share your information only in the following circumstances:

  • Service Providers: Trusted third-party vendors who assist in service delivery (cloud infrastructure, security monitoring)
  • Legal Requirements: When required by law, court order, or regulatory authority
  • Business Transfers: In the event of a merger, acquisition, or sale of assets (with notification)
  • Protection of Rights: To protect our rights, property, or safety, or that of our clients

3.2 Third-Party Service Providers

We work with carefully vetted partners who are contractually bound to:

  • Maintain the confidentiality and security of your data
  • Use your information only for specified purposes
  • Comply with applicable privacy and security regulations
  • Delete or return data upon contract termination

4. Data Security and Protection

4.1 Technical Security Measures

  • Encryption: AES-256 encryption for data at rest and in transit
  • Access Controls: Multi-factor authentication and role-based access
  • Network Security: Firewalls, intrusion detection, and monitoring systems
  • Secure Infrastructure: SOC 2 compliant cloud providers and data centers

4.2 Operational Security Measures

  • Background Checks: All personnel undergo security clearance verification
  • Training: Regular security awareness and privacy training programs
  • Incident Response: 24/7 monitoring and rapid incident response procedures
  • Regular Audits: Third-party security assessments and penetration testing

4.3 Data Breach Response

In the unlikely event of a data breach, we will:

  • Immediately contain and investigate the incident
  • Notify affected clients within 72 hours
  • Provide detailed information about the breach and remediation steps
  • Work with clients to prevent future incidents

5. Industry-Specific Compliance

5.1 Healthcare (HIPAA Compliance)

  • Protected Health Information (PHI): Strict handling according to HIPAA requirements
  • Business Associate Agreements: Executed with all healthcare clients
  • Access Logging: Complete audit trails for all PHI access
  • Data Minimization: Collection limited to necessary information only

5.2 Legal Services (Attorney-Client Privilege)

  • Privileged Communications: Maintained with highest security standards
  • Ethical Compliance: Adherence to ABA Model Rules and state bar requirements
  • Document Security: End-to-end encryption for all legal documents
  • Confidentiality: Strict non-disclosure protocols for all staff

5.3 Financial Services (SOX/FINRA Compliance)

  • Financial Data Protection: Bank-grade security for financial information
  • Audit Trails: Complete logging for regulatory compliance
  • Data Retention: Compliance with financial record-keeping requirements
  • Risk Management: Ongoing monitoring for compliance violations

6. Data Retention

6.1 Retention Periods

  • Active Client Data: Retained for the duration of service agreement
  • Business Communications: 7 years from last contact (business requirement)
  • Financial Records: 7 years from transaction date (legal requirement)
  • Healthcare Data: As required by HIPAA and state regulations
  • Legal Documents: As required by attorney-client privilege rules

6.2 Data Deletion

Upon contract termination or data retention period expiration:

  • Secure deletion of all client data from our systems
  • Certificate of destruction provided upon request
  • 30-day notice before scheduled deletion
  • Option for data export before deletion

7. Your Rights and Choices

7.1 Data Subject Rights (GDPR/CCPA)

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Portability: Receive your data in a portable format
  • Right to Object: Object to certain processing activities
  • Right to Restrict: Limit how we process your data

7.2 Exercising Your Rights

To exercise any of these rights:

  • Email us at privacy@agenteract.com
  • Include your name, email, and specific request
  • We will respond within 30 days
  • Identity verification may be required

7.3 Communication Preferences

  • Opt out of marketing communications at any time
  • Customize notification preferences in your account
  • Essential service communications cannot be disabled

8. Cookies and Tracking Technologies

8.1 How We Use Cookies

  • Essential Cookies: Required for website functionality
  • Analytics Cookies: Help us understand website usage
  • Preference Cookies: Remember your settings and preferences

8.2 Third-Party Analytics

We use Google Analytics to understand website performance. You can opt out through:

  • Google Analytics Opt-out Browser Add-on
  • Browser privacy settings
  • Our cookie consent manager

9. International Data Transfers

If you are located outside the United States, your data may be transferred to and processed in the United States. We ensure adequate protection through:

  • Standard Contractual Clauses: EU-approved data transfer mechanisms
  • Adequacy Decisions: Reliance on adequacy decisions where available
  • Additional Safeguards: Technical and organizational measures

10. Changes to This Privacy Policy

We may update this privacy policy to reflect:

  • Changes in our services or business practices
  • Updates to applicable laws and regulations
  • Improvements to our security and privacy measures

Notification of Changes:

  • Email notification for material changes
  • Website notice for 30 days
  • Updated "last modified" date

11. Contact Us

If you have questions about this privacy policy or our data practices:

📧 Email

privacy@agenteract.com

📞 Phone

(555) 123-AGNT

📮 Mail

Agenteract Privacy Office
[Your Business Address]
[City, State ZIP Code]

Our Response Commitment

  • Privacy inquiries: Response within 24 hours
  • Data requests: Completion within 30 days
  • Compliance issues: Immediate investigation

Our Certifications & Compliance

HIPAA Compliant
SOC 2 Type II
GDPR Ready
CCPA Compliant
ISO 27001
Enterprise Security