🔒 Privacy Policy

Welcome to Truecare AI Studio (“Company,” “we,” “our,” or “us”). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit truecare.ai and use our AI-powered automation services, chatbot solutions, and multi-channel customer support systems (collectively, the “Services”).

2.1 Information You Provide Directly

• Contact Information: Name, email, phone number, company name, and job title.
• Account Information: Username, password, and profile details.
• Communication Data: Messages, inquiries, and feedback you submit.
• Payment Information: Billing details processed via third-party processors — we do not store full card numbers.
• Service Configuration Data: AI chatbot scripts, support workflows, and automation templates.

2.2 Information Collected Automatically

• Usage Data: Pages visited, time spent, clicks, and referral URLs.
• Device & Technical Data: IP address, browser type, operating system, and device identifiers.
• Log Data: Server logs, error reports, and access timestamps.
• Cookies & Tracking Technologies: See Section 7 for details.

2.3 Data Processed on Your Behalf (Client Data)

When you use our Services to power your own customer support, we process your end users’ data as a Data Processor on your behalf. You remain the Data Controller and we act strictly per your instructions and any applicable Data Processing Agreement (DPA).

4.1 AI Model Training: We may use anonymized and aggregated interaction data to improve model accuracy. We do not use identifiable end-user data for training without explicit written permission. Opt out anytime at [email protected].

4.2 Automated Decision-Making: Our AI may automatically classify, route, or respond to queries. Where this significantly impacts you, you may request human review.

4.3 Chatbot Conversations: Conversations may be stored and analyzed to improve quality. Businesses deploying chatbots are responsible for informing their end users.

• Service Providers & Subprocessors: Trusted vendors for hosting, payments, email, analytics — all contractually bound to protect your data.
• Business Partners & Integrations: Third-party platforms you connect (e.g., CRMs, helpdesks) per your configuration.
• Legal & Compliance: When required by law, court order, or to protect rights, safety, or property.
• Business Transfers: In a merger or acquisition — with advance notice to you.
• With Your Consent: For any other purpose with your explicit approval.

Upon account deletion or written request, we will delete or anonymize your data within 30 days, unless retention is required by law.

Control cookies via your browser settings or our Cookie Consent Banner. Disabling essential cookies may impair the Services.

All Users: Access, Correction, Deletion, Objection, Withdraw Consent, and Opt-Out of Marketing.

EU/UK Residents (GDPR / UK GDPR): Data Portability, Restriction of Processing, Human Review of automated decisions, and right to lodge a complaint with your local Data Protection Authority (DPA).

California Residents (CCPA / CPRA): Right to Know, Delete, Opt-Out of Sale (we do not sell personal data), and Non-Discrimination.

• Encryption in transit: TLS 1.2+ (HTTPS) on all data transmissions.
• Encryption at rest: Sensitive data encrypted in our databases.
• Access controls: Role-based access limited to authorized personnel only.
• Security monitoring: Continuous monitoring for unauthorized access and anomalies.
• Regular audits: Periodic security assessments and penetration testing.
• Employee training: Mandatory privacy and security training for all staff.

In the event of a breach affecting your rights, we will notify you and relevant authorities within 72 hours.

Your data may be processed in countries outside your residence. For EU/EEA or UK transfers, we use Standard Contractual Clauses (SCCs), the UK Addendum, and adequacy decisions where applicable.

Our Services are not directed to individuals under 16. We do not knowingly collect data from minors. If you believe a child’s data was inadvertently collected, contact [email protected] immediately for prompt deletion.

We may update this Privacy Policy periodically. Material changes will be communicated via email or in-platform notification. We update the Last Updated date at the top of this page. Continued use of our Services constitutes acceptance of any updated policy.