Privacy Policy (incl. Cookie Policy)

Last Updated: November 01, 2025

1. Introduction

Vita Marketing Partners, LLC ("we," "us," "our," or "Company") operates under the brand name Voxiety AI. We are committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you use our voice AI services and website.

Contact Information:

• Company Name: Vita Marketing Partners, LLC

• Address: 30 N Gould St #54253, Sheridan, WY 82801, USA

• Email: contact@voxietyai.com

• Phone: +1 (478) 778-8990

• Data Protection Officer: Not applicable

Scope: This policy applies to business customers ("Clients") and their end users who interact with our voice AI systems. As a B2B service provider, we primarily act as a data processor for our Clients, who are the data controllers for their end users' data.

2. Information We Collect

2.1 Business Client Information

We collect the following information from our business clients:

• Company name, business address, and contact details

• Names, email addresses, and phone numbers of authorized representatives

• Payment and billing information

• Account credentials and authentication data

• Business communications and support inquiries

2.2 Voice AI & Automation Interaction Data

When our voice AI and automation systems are deployed for our Clients, we may collect:

• Voice recordings of conversations between the AI system and end users

• Call metadata: call duration, date/time, phone numbers, caller ID information

• Transcript data: text transcriptions of voice interactions

• Interaction analytics: sentiment analysis, intent classification, conversation flow data

• Technical data: IP addresses, device information, browser type, operating system

• Usage data: feature usage, system performance metrics

2.3 Website and Cookies

Our website collects:

• Automatically collected data: IP address, browser type, device information, pages visited, time spent on pages

• Cookies and similar technologies: See Section 11 (Cookie Policy) below

2.4 Data We Do NOT Collect

We do not knowingly collect:

• Information from individuals under 16 years of age

• Sensitive personal data (special categories under GDPR), unless specifically required for service delivery, and with explicit consent

3. Legal Basis for Processing (GDPR)

For EU/EEA data subjects, we process personal data based on the following legal grounds:

• Contract performance: Processing necessary to provide our services to Clients (Art. 6(1)(b) GDPR)

• Legitimate interests: Improving our services, security, fraud prevention (Art. 6(1)(f) GDPR)

• Legal obligation: Compliance with applicable laws and regulations (Art. 6(1)(c) GDPR)

• Consent: Where required by law, particularly for cookies and marketing communications (Art. 6(1)(a) GDPR)
  
  

4. How We Use Information

We use the collected information for the following purposes:

4.1 Service Delivery

• Providing voice AI services to our Clients

• Processing and analyzing voice interactions

• Generating transcripts and analytics reports

• Training and improving AI models (only with appropriate consent/legal basis)

• Technical support and troubleshooting

4.2 Business Operations

• Managing Client accounts and relationships

• Processing payments and billing

• Communicating about services, updates, and support

• Conducting internal research and development

• Ensuring system security and preventing fraud

4.3 Legal and Compliance

• Complying with legal obligations

• Enforcing our Terms of Service

• Protecting our rights and property

• Responding to legal requests and preventing harm

4.4 AI Model Training

We may use voice interaction data to train and improve our AI models. When acting as a data processor:

• We only train models as instructed by our Clients

• Client data is processed in accordance with Data Processing Agreements

• We implement appropriate safeguards, including anonymization where feasible

• Clients can opt-out of data being used for model training
  
  

5. Data Sharing and Disclosure

5.1 We Share Data With:

Service Providers and Subprocessors: We engage third-party service providers who process data on our behalf:

• Cloud hosting providers: via www.framer.com

• Analytics services: Google Analytics

Business Transfers: In connection with any merger, sale, acquisition, or transfer of assets, personal data may be transferred to the acquiring entity.

Legal Requirements: We may disclose information when required by law, court order, or government request, or to protect our rights and safety.

Client Access: Our Clients (data controllers) have access to data collected through their voice AI deployments.

5.2 We Do NOT:

• Sell personal data to third parties

• Share data for third-party marketing purposes

• Use voice recordings for purposes other than service delivery without consent
  
  

6. International Data Transfers

For EU/EEA Data Subjects:

Vita Marketing Partners, LLC is located in the United States. When we process data from EU/EEA data subjects, we transfer data outside the European Economic Area.

We implement appropriate safeguards for international transfers:

• Standard Contractual Clauses (SCCs): We use EU-approved SCCs with our Clients and subprocessors

• Adequacy decisions: We transfer data to countries recognized by the EU Commission as providing adequate protection

• Additional security measures: Encryption, access controls, and technical safeguards

Data Transfer Impact Assessment: We have conducted assessments of data transfer risks and implemented supplementary measures as required.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy:

Voice Recordings and Transcripts:

• Default retention: 90 days unless Client specifies a different retention period

• Clients can configure retention periods in their account settings

• Data is automatically deleted after the retention period expires

Client Account Information:

• Retained for the duration of the business relationship plus 10 years for legal and tax purposes

• Deleted upon written request after account termination, subject to legal retention requirements

Analytics and Aggregated Data:

• Anonymized and aggregated data may be retained indefinitely for research and improvement purposes

Legal Holds: Data may be retained longer when required by law, legal proceedings, or to protect our rights.

8. Data Security

We implement appropriate technical and organizational measures to protect personal data:

Technical Measures:

• Encryption of data in transit (TLS 1.2 or higher) and at rest (AES-256 or equivalent)

• Access controls and multi-factor authentication

• Regular security assessments and penetration testing

• Intrusion detection and prevention systems

• Secure data centers with SOC 2, ISO 27001

Organizational Measures:

• Employee training on data protection

• Confidentiality agreements with staff and contractors

• Incident response procedures

• Regular security audits

• Vendor security assessments

Data Breach Notification: In the event of a data breach affecting personal data:

• We will notify affected Clients within 72 hours (GDPR requirement)

• Clients (as data controllers) are responsible for notifying their end users as required by law

• We will cooperate with Clients in breach investigation and mitigation

9. Your Rights (EU/EEA Data Subjects)

Under GDPR, you have the following rights regarding your personal data:

Right of Access (Art. 15): Request confirmation of what personal data we process and obtain a copy

Right to Rectification (Art. 16): Request correction of inaccurate data

Right to Erasure (Art. 17): Request deletion of your data ("right to be forgotten") in certain circumstances

Right to Restriction (Art. 18): Request limitation on how we process your data

Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format

Right to Object (Art. 21): Object to processing based on legitimate interests

Right to Withdraw Consent (Art. 7(3)): Withdraw consent at any time where processing is based on consent

Right Not to be Subject to Automated Decision-Making (Art. 22): Request human review of decisions made solely by automated means that significantly affect you

Right to Lodge a Complaint: File a complaint with your local data protection authority

How to Exercise Your Rights:

• If you are an end user: Contact the business that deployed our voice AI system (they are the data controller)

• If you are a Client representative: Contact us at privacy@voxietyai.com

• We will respond to requests within 30 days (GDPR requirement)

10. Your Rights (US Data Subjects)

Under various US state privacy laws (CCPA/CPRA, Virginia CDPA, Colorado CPA, etc.), you may have the following rights:

Right to Know: Request disclosure of personal information we collect, use, and share

Right to Delete: Request deletion of your personal information

Right to Correct: Request correction of inaccurate information

Right to Opt-Out: Opt-out of "sales" or "sharing" of personal information (Note: We do not sell personal information)

Right to Non-Discrimination: Not to receive discriminatory treatment for exercising privacy rights

Right to Limit Sensitive Data: Limit use and disclosure of sensitive personal information

How to Exercise Your Rights:

• Email: privacy@voxietyai.com

• Phone: +1 (478) 778-8990

• Online form: https://www.voxietyai.com/contact

• Response timeframe: 45 days (may extend by 45 days with notice)

Verification: We may require verification of your identity before fulfilling requests.

Authorized Agents: You may designate an authorized agent to make requests on your behalf.

11. Cookie Policy

11.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. We use cookies and similar technologies (pixels, web beacons, local storage) to improve your experience and analyze website usage.

11.2 Types of Cookies We Use

Strictly Necessary Cookies:

• Essential for website functionality

• Cannot be disabled

• Examples: session management, security, load balancing

• Legal basis: Legitimate interest (no consent required)

Performance/Analytics Cookies:

• Help us understand how visitors use our website

• Collect anonymous usage statistics

• Services used: [INSERT, e.g., Google Analytics, Plausible]

• Legal basis: Consent (EU) / Legitimate interest with opt-out (US)

Functional Cookies:

• Remember your preferences and settings

• Examples: language preference, display settings

• Legal basis: Consent (EU) / Legitimate interest (US)

11.3 Cookie Duration

• Session cookies: Deleted when you close your browser

• Persistent cookies: Remain on your device for 90 days or until manually deleted

11.4 Managing Cookies

Cookie Consent Banner: When you first visit our website, you will see a cookie consent banner allowing you to:

• Accept all cookies

• Reject non-essential cookies

• Customize cookie preferences

Changing Your Preferences:

• Use our cookie preference center: [INSERT LINK]

• Browser settings: Most browsers allow you to refuse or delete cookies

• Opt-out tools: [INSERT LINKS, e.g., Google Analytics opt-out, NAI opt-out]

Note: Disabling cookies may affect website functionality.

11.5 Third-Party Cookies

Our website may contain links to third-party websites. We are not responsible for the privacy practices or cookies used by third parties. Please review their privacy policies.

11.6 Do Not Track Signals

[LEGAL REVIEW NEEDED: Clarify your DNT policy.] Our website [does/does not] respond to "Do Not Track" browser signals. Under California law, we disclose how we respond to DNT signals.

12. Children's Privacy

Our services are directed at businesses and not intended for individuals under 16 years of age. We do not knowingly collect personal information from children.

If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@voxietyai.com, and we will delete it promptly.

13. Voice AI Specific Disclosures

13.1 AI System Transparency

Nature of Service: Our voice AI systems use artificial intelligence and natural language processing to conduct automated voice conversations.

How AI Works:

• Voice input is converted to text (speech-to-text)

• AI models analyze intent and generate responses

• Text responses are converted back to speech (text-to-speech)

• Systems may learn from interactions to improve performance

Limitations:

• AI may occasionally misunderstand or provide incorrect responses

• Systems may not handle all scenarios appropriately

• Human oversight is recommended for critical decisions

Human Oversight: Human agents can intervene during calls

13.2 Call Recording and Consent

Recording Notice: When our voice AI systems are used, calls are typically recorded for:

• Service delivery and quality assurance

• Training AI models

• Legal compliance

• Dispute resolution

Consent Mechanism:

• End users are informed at the beginning of calls that they are interacting with AI and that calls may be recorded

• [INSERT: Your specific consent approach, e.g., "Continued interaction constitutes consent" or "Explicit verbal consent is obtained"]

Opt-Out: End users can request to speak with a human agent or hang up and contact via alternative channels

13.3 Voice Biometric Data

If our systems use voice biometric analysis (e.g., speaker identification, emotion detection):

• We will obtain explicit consent before collecting voice biometric data

• Illinois BIPA and other state biometric laws require specific notices and consent

• Voice biometric data is encrypted and stored securely

• Data is deleted within [INSERT TIMEFRAME] or upon request

14. Business Customer Responsibilities

As a B2B service provider, we typically act as a data processor for our Clients, who are data controllers for their end users' data.

Client Obligations:

• Provide appropriate privacy notices to end users

• Obtain necessary consents from end users

• Ensure lawful basis for processing

• Comply with applicable privacy laws

• Notify us of any data subject requests that require our assistance

Data Processing Agreement (DPA): We enter into DPAs with our Clients that specify:

• Scope and purpose of processing

• Data security obligations

• Subprocessor arrangements

• Data breach notification procedures

• The rights and obligations of both parties

15. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements.

Notification of Changes:

• Material changes will be communicated via email to Clients at least 30 days before taking effect

• Updated policy will be posted on our website with the "Last Updated" date

• Continued use of services after changes constitutes acceptance

Version History: 1.0

16. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices:

Privacy Inquiries:

• Email: privacy@voxietyai.com

• Mail: Vita Marketing Partners, LLC, Attn: Privacy Officer, 30 N Gould St #54253, Sheridan, WY 82801, USA

• Phone: +1 (478) 778-8990

EU Representative: N/A

Data Protection Officer: Not applicable

Supervisory Authority (EU/EEA): You have the right to lodge a complaint with your local data protection authority. A list of EU data protection authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en